Archived

This topic has been archived and is closed to new replies.

carol2906

[Resolved] Computer opening strange sites

Good afternoon,

I'm desperate; I can't do anything on my computer without being redirected to strange sites.

It started after my husband installed some programs on the computer on Sunday. Yesterday it was still more or less usable, but today it is impossible to use.

Here is the HijackThis log:


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:44:17, on 24/03/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal


Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\SiS VGA Utilities\SiSTray.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\lg_fwupdate\fwupdate.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Windows\System32\C2MP\UpdateChecker.exe

C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe

C:\Windows\System32\C2MP\TrayMenu.exe

C:\ProgramData\{57d51851-15dc-2e26-57d5-5185115d6144}\Adobe Illustrator CS6 Serial Number Keygen, Crack 32 64 bit.exe

C:\Users\Not\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1427037150&from=wpc&uid=WDCXWD3200BEVT-00ZCT0_WD-WXE409JR7164R7164

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1427037150&from=wpc&uid=WDCXWD3200BEVT-00ZCT0_WD-WXE409JR7164R7164




R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SalePlus - {32fec9c6-92f9-4d13-b67d-3358a72dbe73} - C:\Program Files\SalePlus\8JVbSVWLLRzslo.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [siSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\lgfw.exe blrun

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\Run: [Codec Settings UAC Manager] "C:\Windows\system32\C2MP\CodecUACManager.exe"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKCU\..\Run: [EPSON TX133 TX135 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU "C:\Windows\TEMP\E_S11B.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\C2MP\UpdateChecker.exe"

O4 - HKCU\..\Run: [OneDrive] "C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4D013C93135F825B6C898CEE188794F1] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Startup: Adobe Illustrator CS6 Serial Number Keygen, Crack 32 64 bit.lnk = C:\ProgramData\{57d51851-15dc-2e26-57d5-5185115d6144}\Adobe Illustrator CS6 Serial Number Keygen, Crack 32 64 bit.exe

O4 - Startup: Dropbox.lnk = Not\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: CodecPackTrayMenu.lnk = C:\Windows\System32\C2MP\TrayMenu.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE

O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe


--

End of file - 8397 bytes



Good afternoon carol2906,

  • Download: AdwCleaner (... by Xplode)
  • Save it to your Desktop.
  • Close all open programs and web browsers.
  • Windows Vista or Windows 7 users: right-click the AdwCleaner.exe file, then click: [image: Administrador_zpsd2d1d317.jpg]
  • Click Examinar (Scan) to start the scan!
  • When it finishes, click Limpar (Clean).
  • Copy the log or click "Relatório" (Report).
  • Post: >>C:\AdwCleaner\AdwCleaner [s0].txt<<

  • Download: JRT (... by Oleg N. Scherbakov)
  • Save it to the desktop!
  • Disable your antivirus!
  • On Windows 7, right-click JRT.exe and run it as [image: run_as_adm1_zps9c608e64.png]
  • Wait for it to finish and post the report (JRT.txt).

Warm regards. :thumbsup:

 


Good afternoon, here are the logs:

 

# AdwCleaner v4.113 - Logfile created 24/03/2015 at 14:55:53
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Not - NOT-PC
# Running from : C:\Users\Not\Desktop\adwcleaner_4.113.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\32b0c61d00007563
Folder Deleted : C:\Program Files\SaallePlus
Folder Deleted : C:\Program Files\SAilePLus
Folder Deleted : C:\Program Files\SalePlus
Folder Deleted : C:\Users\Not\AppData\Roaming\EZDownloader
Folder Deleted : C:\ProgramData\infbobjjjfejdlmgnoedlbmpmjabioaa
Folder Deleted : C:\ProgramData\nhalfonlolajbjebddaniicmfdmelbdm
File Deleted : C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\nnlpqfcd.default\searchplugins\WebSearch.xml
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Deleted : HKLM\SOFTWARE\Classes\P92185047_c772_4c8e_be49_f29e731e34b8_.P92185047_c772_4c8e_be49_f29e731e34b8_
Key Deleted : HKLM\SOFTWARE\Classes\P92185047_c772_4c8e_be49_f29e731e34b8_.P92185047_c772_4c8e_be49_f29e731e34b8_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pf6e821d1_207c_4395_af9d_965e0f13d4de_.Pf6e821d1_207c_4395_af9d_965e0f13d4de_
Key Deleted : HKLM\SOFTWARE\Classes\Pf6e821d1_207c_4395_af9d_965e0f13d4de_.Pf6e821d1_207c_4395_af9d_965e0f13d4de_.9
Key Deleted : HKLM\SOFTWARE\409221db-f320-ecdb-d142-f2b324fbb67b
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{92185047-c772-4c8e-be49-f29e731e34b8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f6e821d1-207c-4395-af9d-965e0f13d4de}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0B55F99-F893-4F84-AE82-CAE0E70DFDFA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92185047-c772-4c8e-be49-f29e731e34b8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{92185047-c772-4c8e-be49-f29e731e34b8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f6e821d1-207c-4395-af9d-965e0f13d4de}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\WajIntEnhance
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Web browsers ] *****
-\\ Internet Explorer v9.0.8112.16421
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [secondary Start Pages]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
-\\ Mozilla Firefox v
[nnlpqfcd.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.coolsearches.info/?pid=22147&r=2015/03/22&hid=17850545162899052553&lg=EN&cc=BR&unqvl=85");
-\\ Google Chrome v41.0.2272.101
*************************
AdwCleaner[R0].txt - [5711 bytes] - [24/03/2015 14:52:27]
AdwCleaner[s0].txt - [5008 bytes] - [24/03/2015 14:55:53]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5067 bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 7 Ultimate x86
Ran by Not on 24/03/2015 at 15:00:26,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/03/2015 at 15:04:11,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Good afternoon carol2906,

  • Download: ZHPDiag (... Nicolas Coolman)
  • Save it to the local disk (C or D).
  • Disable your antivirus, and run ZHPDiag.exe to install it.
  • Run the scroll icon!
  • Click the "COMPLETA" (full) option and wait for it to finish.
  • Click OK and, when it finishes, post the report! (ZHPDiag.txt)
  • Note: because the report is long, it must be posted on one of these sites:
  • Go to: [image: cjoint_zpse4622b2d.jpg]
  • Or go to: [image: logo_zps572d7597_1.gif]

Warm regards. :thumbsup:

Good evening carol2906,

  • Run this script in the ZHPFix tool.
  • Copy the information shown in red into Notepad.
  • With Notepad open, press: ctrl+a >> ctrl+c.
  • Next, minimize Notepad.


Script ZHPFix

SysRestore

O4 - HKCU\..\Run: [AdobeBridge] Chave orfã

O4 - HKUS\S-1-5-21-1918045531-4293645944-74723622-1000\..\Run: [AdobeBridge] Chave orfã

[HKCU\Software\Baixaki]

O43 - CFD: 23/01/2015 - 16:28:44 - [] ----D C:\ProgramData\boost_interprocess

O45 - LFCP:[MD5.D0C8C3518BA0C19BA4788431BB33D564] - 17/03/2015 - 08:02:11 ---A- - C:\Windows\Prefetch\BROWSEREXTENSIONSSETUP.EXE-49479A68.pf =>PUP.BrowserExtensions

O51 - MPSK:{afccec1b-89e5-11e4-9639-00030dd8fd88}\AutoRun\command. (...) -- G:\SETUP.exe (.not file.)

EmptyClsid

FirewallRaz

EmptyPrefetch

EmptyTemp

EmptyFlash




  • Open the ZHPFix tool.
  • Click IMPORTAÇÃO (Import) > OK
  • Click "GO".
  • Post the report!

Warm regards. :thumbsup:

< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >


Good morning, here is the report...

 

Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by Not at 25/03/2015 08:30:14
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 03s)
Prefetcher vazio
========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baixaki
ELIMINÉ CLSID MPSK: {afccec1b-89e5-11e4-9639-00030dd8fd88}
========== Valores do Registo ==========
ELIMINÉ RunValue: AdobeBridge
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {B65F794C-3D7D-401D-B876-1DD92E68352C}
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (26)
ELIMINÉ Flash Cookies (0)
========== Ficheiros ==========
ELIMINÉ: c:\windows\prefetch\browserextensionssetup.exe-49479a68.pf
ELIMINÉ Temporários windows (131) (13.350.454 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
2 : Chaves do Registo
4 : Valores do Registo
3 : Pastas
3 : Ficheiros
1 : Restauração Sistema
End of clean in 00mn 27s
========== Caminho do ficheiro do relatório ==========
C:\Users\Not\AppData\Roaming\ZHP\ZHPFix[R1].txt - 25/03/2015 08:30:18 [1309]


Good morning carol2906,

  • Download: FRST (... by Farbar)
  • Save it to the Desktop!
  • Run the tool! Click "Yes" >> "Scan".
  • Check that the boxes under "Whitelist" are ticked.
  • Under "Optional Scan", leave the "Addition.txt" checkbox ticked.
  • The report will be generated! (FRST.txt)
  • P.S.: The "Addition.txt" report will also be generated; it is made available on the first run of the tool.
  • Go to: [image: cjoint_zpse4622b2d.jpg]
  • Or go to: [image: logo_zps572d7597_1.gif]

Warm regards. :thumbsup:

I think this is it:


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015

Ran by Not at 2015-03-25 10:25:12

Running from C:\Users\Not\Desktop

Boot Mode: Normal

==========================================================



==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


==================== Installed Programs ======================


(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


µTorrent (HKU\S-1-5-21-1918045531-4293645944-74723622-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)

Add or Remove Adobe Creative Suite 3 Design Premium (HKLM\...\Adobe_c14ac4070fd9614ffe63f4bb533db2c) (Version: 1.0 - Adobe Systems Incorporated)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)

Adobe Flash Player 9 ActiveX (HKLM\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)

Adobe Flash Player 9 Plugin (HKLM\...\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}) (Version: 9.0.45.0 - Adobe Systems, Inc.)

Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Illustrator CS6 (HKLM\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)

Adobe Reader XI - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)

AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden

AMP Font Viewer (HKLM\...\AMP Font Viewer) (Version: - )

Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version: - )

aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)

CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)

Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Corel Graphics - Windows Shell Extension (HKLM\...\_{761B6C00-A23A-4F17-9D23-CB7E48307314}) (Version: 16.1.0.843 - Corel Corporation)

Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Capture (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Content (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Draw (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Filters (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - FontNav (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics SUite X4 - ICA (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - IPM (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Lang BR (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Lang DE (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Lang EN (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Lang ES (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Lang FR (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - Lang IT (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - PP (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 - VBA (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X4 (Version: 14.2 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - BR (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Capture (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Common (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Connect (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Draw (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Filters (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - FontNav (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - VBA (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - VSTA (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW Graphics Suite X6 (HKLM\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.1.0.843 - Corel Corporation)

CorelDRAW Graphics Suite X6 (Version: 16.1 - Corel Corporation) Hidden

CorelDRAW® Graphics Suite X4 (HKLM\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: - Corel Corporation)

CyberLink Media Suite 10 (HKLM\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)

Desinstalar impressora EPSON TX133 TX135 Series (HKLM\...\EPSON TX133 TX135 Series) (Version: - SEIKO EPSON Corporation)

Dropbox (HKU\S-1-5-21-1918045531-4293645944-74723622-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)

Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)

EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)

GBBD Caixa Economica Federal (HKLM\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )

Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)

JP (Version: 14.2 - Corel Corporation) Hidden

K-Lite Codec Pack 10.9.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.9.0 - )

LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )

Media Player Codec Pack 4.3.5 (HKLM\...\Media Player - Codec Pack) (Version: 4.3.5 - Media Player Codec Pack)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1918045531-4293645944-74723622-1000\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)

Microsoft SQL Server Native Client (HKLM\...\{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}) (Version: 9.00.4035.00 - Microsoft Corporation)

Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)

Microsoft SQL Server VSS Writer (HKLM\...\{56B4002F-671C-49F4-984C-C760FE3806B5}) (Version: 9.00.4035.00 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)

Módulo de Proteção - Banco Santander (Brasil) S.A. (HKLM\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: 3.11.0.1 - )

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden

PE-DESIGN NEXT (HKLM\...\{041EDAC5-853E-4A10-A0C8-ED0CF7769306}) (Version: 9.01.0000 - Brother Industries, Ltd.)

REALTEK Wireless LAN Driver (HKLM\...\{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}) (Version: 1.00.0168 - REALTEK Semiconductor Corp.)

Sentinel HASP Run-time (HKLM\...\{2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5}) (Version: 5.10.1.17163 - SafeNet Inc.)

SiS VGA Utilities (HKLM\...\SiS VGA Utilities) (Version: 5.23 - Silicon Integrated Systems Corporation)

Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)

Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)

Warsaw 1.5.1.8886 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.5.1.8886 - GAS Tecnologia)

Wilcom EmbroideryStudio (HKLM\...\{83D9307A-2024-4E4A-969E-8B65A1D1BC9A}) (Version: 12.0.0075 - Wilcom)

Wilcom EmbroideryStudio (Version: 12.0.0061 - Wilcom) Hidden

ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)


==================== Custom CLSID (selected items): ==========================


(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Not\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Not\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Not\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Not\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Not\AppData\Local\Temp\4FA8\temp\Adobe Illustrator CS6 Serial Number Keygen, Crack 32 64 bi (the data entry has 13 more characters).

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Not\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncApi.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1918045531-4293645944-74723622-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Not\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)


==================== Restore Points =========================


10-03-2015 09:13:10 Ponto de Verificação Agendado

17-03-2015 08:04:13 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

24-03-2015 13:42:56 Installed HiJackThis

24-03-2015 14:10:56 Avira Free Antivirus - 24/03/2015 14:10

25-03-2015 08:29:55 ZHPFix Restore System Point


==================== Hosts content: ==========================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2009-07-13 23:04 - 2009-06-10 18:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


Task: {2B13F00D-92F9-4A38-BF63-6F4F1E535E46} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()

Task: {63A1CF74-CB34-4952-B499-93A481BEE3BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-22] (Google Inc.)

Task: {6ECCDFE7-54CD-407E-B2BB-9667D2FE32D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-22] (Google Inc.)

Task: {DB48CC89-1FE2-4E6E-9F36-D8F043D7E9E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe


==================== Loaded Modules (whitelisted) ==============


2011-03-09 13:21 - 2011-03-09 13:21 - 00619816 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll

2011-03-09 13:21 - 2011-03-09 13:21 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll

2014-12-12 19:25 - 2014-12-12 19:25 - 00050688 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll

2014-12-21 02:55 - 2014-12-21 02:55 - 00055992 _____ () C:\Windows\System32\C2MP\UpdateChecker.exe

2015-03-25 08:25 - 2015-03-25 08:25 - 00011264 _____ () C:\Users\Not\AppData\Local\Temp\nsv93A9.tmp\System.dll

2014-12-20 23:07 - 2014-12-20 23:07 - 00208415 _____ () C:\Windows\System32\C2MP\TrayMenu.exe

2015-03-04 19:08 - 2015-03-04 19:08 - 00750080 _____ () C:\Users\Not\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-25 08:26 - 2015-03-25 08:26 - 00043008 _____ () c:\users\not\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpegotyd.dll

2015-03-04 19:08 - 2015-03-04 19:08 - 00047616 _____ () C:\Users\Not\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-04 19:08 - 2015-03-04 19:08 - 00865280 _____ () C:\Users\Not\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-04 19:07 - 2015-03-04 19:07 - 00200704 _____ () C:\Users\Not\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2014-12-22 12:44 - 2014-12-22 12:44 - 00261120 _____ () C:\EMBIRD32\EMBIRDIH.DLL

2015-03-19 19:58 - 2015-03-14 07:12 - 09278792 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll

2014-12-22 13:43 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Not\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll

2014-12-22 13:43 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Not\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll


==================== Alternate Data Streams (whitelisted) =========


(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)



==================== Safe Mode (whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)



==================== EXE Association (whitelisted) ===============


(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-1918045531-4293645944-74723622-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Not\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.25.1


==================== MSCONFIG/TASK MANAGER disabled items ==


(Currently there is no automatic fix for this section.)



==================== Accounts: =============================


Administrador (S-1-5-21-1918045531-4293645944-74723622-500 - Administrator - Disabled)

Convidado (S-1-5-21-1918045531-4293645944-74723622-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1918045531-4293645944-74723622-1002 - Limited - Enabled)

Not (S-1-5-21-1918045531-4293645944-74723622-1000 - Administrator - Enabled) => C:\Users\Not


==================== Faulty Device Manager Devices =============



==================== Event log errors: =========================


Application errors:

==================

Error: (03/25/2015 08:29:55 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.

.

Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.



Operação:

Obtendo Dados do Gravador


Contexto:

Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}

Nome do Gravador: System Writer

ID de Instância de Gravador: {01bf0042-c945-40bd-8417-c8c45021e22b}


Error: (03/25/2015 08:26:43 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003



System errors:

=============


Microsoft Office Sessions:

=========================


==================== Memory info ===========================


Processor: Intel® Core2 Duo CPU T5800 @ 2.00GHz

Percentage of memory in use: 44%

Total physical RAM: 3055.17 MB

Available physical RAM: 1691.54 MB

Total Pagefile: 6108.63 MB

Available Pagefile: 4387.4 MB

Total Virtual: 2047.88 MB

Available Virtual: 1876.45 MB


==================== Drives ================================


Drive c: () (Fixed) (Total:99.08 GB) (Free:47.75 GB) NTFS

Drive d: (Backup) (Fixed) (Total:198.91 GB) (Free:167.33 GB) NTFS


==================== MBR & Partition Table ==================


========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9E0E9E0E)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=99.1 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=198.9 GB) - (Type=07 NTFS)


==================== End Of Log ============================

Good afternoon, thank you for the help...


The PC is still going to strange sites; on every page I open there are lots of ads blinking and jumping from one corner of the page to another.

Even here on the forum it is hard to post, because a few seconds after I come in I am redirected to other pages and the forum closes; some pages ask me to download programs.

I have to type everything in Notepad first and paste it here, otherwise there isn't even time to write before it goes to another page.

One of the sites I get redirected to is something called reduxmedia, that is the one that shows up the most for me :-(


See you later

Good afternoon carol2906, you have a development version of Google Chrome. Uninstall it and install the stable version. Let me know how the PC is doing.


CHR dev: Chrome dev build detected! <======= ATTENTION



  • Copy the information shown in red to Notepad.


  • Save it with the name fixlist.txt


  • Save it in the same location as FRST


start

CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-1918045531-4293645944-74723622-1000 -> {8331CA8A-5318-4DFE-A835-B8FB3ECB6EF7} URL =

FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

CHR HomePage: Default ->

CHR StartupUrls: Default -> "", "hxxp://www.mystartsearch.com/?type=hp&ts=1427037150&from=wpc&uid=WDCXWD3200BEVT-00ZCT0_WD-WXE409JR7164R7164"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

C:\Users\Not\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpegotyd.dll



Folder: C:\EMBI¼“ù¼“ù¼“ù¼“ù¼“ù¼“


CreateRestorePoint:

EmptyTemp:

end



  • Run FRST/FRST64 >> Click "Fix". << Wait!


  • Post the report! (Fixlog.txt)


A big hug.


< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >


Good afternoon!

I can't uninstall Google Chrome; it gives a warning that I have to close the browser windows, but nothing is open. When I click the Chrome icon to run it, it doesn't open.

I'm getting in through Internet Explorer, and with it things are apparently normal, but I would really like to get Chrome back, I think it's better hehe. Do you know what I should do?

Sorry about these wrong accents, I don't know what happened here. The report follows.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Not at 2015-03-25 16:24:43 Run:1
Running from C:\Users\Not\Desktop
Loaded Profiles: Not (Available profiles: Not)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1918045531-4293645944-74723622-1000 -> {8331CA8A-5318-4DFE-A835-B8FB3ECB6EF7} URL = https://br.search.ya...p={searchTerms}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://br.search.ya...96&fr=yo-yhp-ch", "hxxp://www.mystartsearch.com/?type=hp&ts=1427037150&from=wpc&uid=WDCXWD3200BEVT-00ZCT0_WD-WXE409JR7164R7164"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Not\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpegotyd.dll

Folder: C:\EMBI¼“ù¼“ù¼“ù¼“ù¼“ù¼“

CreateRestorePoint:
EmptyTemp:
end
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1918045531-4293645944-74723622-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8331CA8A-5318-4DFE-A835-B8FB3ECB6EF7}" => Key deleted successfully.
HKCR\CLSID\{8331CA8A-5318-4DFE-A835-B8FB3ECB6EF7} => Key not found.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} => not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
VGPU => Service deleted successfully.
C:\Users\Not\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpegotyd.dll => Moved successfully.

========================= Folder: C:\EMBI¼“ù¼“ù¼“ù¼“ù¼“ù¼“ ========================

The path is not a directory.
Restore point was successfully created.
EmptyTemp: => Removed 443.1 MB temporary data.

The system needed a reboot.

==== End of Fixlog 16:25:29 ====


Good evening carol2906,

  • Save it to the Desktop and unzip it right there.
  • Run the utility ( Revouninstaller.exe ) and check whether the program to be uninstalled appears on the main screen.
  • In your case, Google Chrome.
  • Select it and click Uninstall.
  • Choose the "Advanced" mode.
  • Click "Next" -> "Next" -> "Select all" -> "Delete" -> "Yes".
  • Repeating: Click "Next" -> "Select all" -> "Delete" -> "Yes".
  • Repeating again: Click "Next" -> "Finished".
  • After uninstalling Google Chrome, download CCleaner and run it, choosing the Registry option.
  • Click "Scan for Issues" -> Wait!
  • Click "Fix selected issues...".
  • Click "Yes" in the message!
  • Name the file ( .reg ) and save it in a folder of your choice.
  • Click "Fix Issue" -> "Close".
  • Download a new version of Chrome and install it again!
Let me know!


Hi,

After I restarted the computer I was able to install Chrome. I don't know whether the previous one was removed, but apparently everything is OK now, I no longer have the same problems :-)

Should I run anything else?

See you later


Good evening carol2906,

  • Save it to your Desktop!
  • Run the file Zoek.exe.
  • Windows Vista or Windows 7 users: right-click the file Zoek.exe, then click [image: run_as_adm1_zps9c608e64.png]
  • Select the lines in red, right-click the selection and choose the copy option!
standardsearch;
firefoxlook;
chromelook;
ielook;
emptyfolderscheck;delete
  • Right-click any white area of Zoek and choose the paste option.
  • Click [image: Run Script_icon_zps2dlaie9o.jpg] and wait for the scan. When it finishes, Notepad will open with the report.
  • A copy will also be saved on your local disk with the name zoek-results.txt.
  • Attach zoek-results.txt to your next reply.
A big hug.

Good morning,


Here is the zoek report:



Zoek.exe v5.0.0.0 Updated 25-March-2015

Tool run by Not on 26/03/2015 at 9:48:49,92.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Not\Desktop\zoek.exe [scan all users] [script inserted]


==== System Restore Info ======================


26/03/2015 09:50:00 Zoek.exe System Restore Point Created Successfully.


==== Empty Folders Check ======================


C:\Program Files\SoftwareUp deleted successfully

C:\PROGRA~2\ALM deleted successfully

C:\PROGRA~2\CorelDRAW Graphics Suite X6 deleted successfully

C:\Users\Not\AppData\Local\VirtualStore deleted successfully


==== Running Processes ======================


C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50ST7.EXE

C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50RP7.EXE

C:\Windows\Explorer.EXE

C:\Windows\system32\hasplms.exe

C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\SiS VGA Utilities\SiSTray.exe

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Diebold\Warsaw\core.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\lg_fwupdate\fwupdate.exe

C:\Program Files\Diebold\Warsaw\core.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe

C:\Windows\System32\C2MP\TrayMenu.exe

C:\Users\Not\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\Not\Desktop\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k swprv


==== System Specs ======================


Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)

Memory (RAM): 3056 MB

CPU Info: Intel® Core2 Duo CPU T5800 @ 2.00GHz

CPU Speed: 1999,7 MHz

Sound Card: Alto-falantes (Dispositivo de H |

Display Adapters: SiS Mirage 3 Graphics | SiS Mirage 3 Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Monitor Genérico PnP | Monitor Genérico PnP |

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Placa de rede sem fios PCIE Realtek RTL8187SE 802.11b/g | Controlador Ethernet SiS191

CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633A

Ports: COM3 LPT Port NOT Present.

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 99,1GB | D: 198,9GB

Hard Disks - Free: C: 49,2GB | D: 167,3GB

Manufacturer *: OEM

BIOS Info: AT/AT COMPATIBLE | 07/01/09 | ACRSYS - 6040000

Time Zone: Hora oficial do Brasil

Motherboard *: OEM N/A

Country: Brasil

Language: PTB


==== System Specs (Software) ======================


Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 41.0.2272.101

Internet Explorer Version: 9.0.8112.16421

Google Chrome version: 41.0.2272.101

Adobe Reader version: 11.0.0.379


==== Files Recently Created / Modified ======================


====== C:\Windows ====

====== C:\Users\Not\AppData\Local\Temp ====

2015-03-26 12:15:15 12C0789B30AD2425D9F5B63FFFAAEEA6 43008 ----a-w- C:\Users\Not\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn0sedy.dll

2015-03-25 19:48:19 FFF2C9BA6AB0C6F3A290CD3FBCBDF3C0 165704 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\psmachine.dll

2015-03-25 19:48:19 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateOnDemand.exe

2015-03-25 19:48:19 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateComRegisterShell64.exe

2015-03-25 19:48:19 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdate.exe

2015-03-25 19:48:19 C51C9B677C0BF6651B4D0AEE60E005A7 188232 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\psmachine_64.dll

2015-03-25 19:48:19 98137411B9C632095F919E2CE70B288A 599368 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\npGoogleUpdate3.dll

2015-03-25 19:48:19 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleCrashHandler.exe

2015-03-25 19:48:19 821CC209D61D0ED1F4C86ABE0C8A1319 188232 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\psuser_64.dll

2015-03-25 19:48:19 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateSetup.exe

2015-03-25 19:48:19 7502515B2447293E7239840134391CE0 28160 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateHelper.msi

2015-03-25 19:48:19 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateWebPlugin.exe

2015-03-25 19:48:19 5C2593649CF4FE6B9ED6F9A734DBF344 1683272 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\goopdate.dll

2015-03-25 19:48:19 580930FD62744F10FCDD5375E201BEEA 165704 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\psuser.dll

2015-03-25 19:48:19 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateBroker.exe

2015-03-25 19:48:19 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleCrashHandler64.exe

2015-03-25 19:42:49 FFF2C9BA6AB0C6F3A290CD3FBCBDF3C0 165704 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\psmachine.dll

2015-03-25 19:42:49 C51C9B677C0BF6651B4D0AEE60E005A7 188232 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\psmachine_64.dll

2015-03-25 19:42:49 98137411B9C632095F919E2CE70B288A 599368 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\npGoogleUpdate3.dll

2015-03-25 19:42:49 821CC209D61D0ED1F4C86ABE0C8A1319 188232 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\psuser_64.dll

2015-03-25 19:42:49 580930FD62744F10FCDD5375E201BEEA 165704 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\psuser.dll

2015-03-25 19:42:48 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateOnDemand.exe

2015-03-25 19:42:48 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateComRegisterShell64.exe

2015-03-25 19:42:48 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdate.exe

2015-03-25 19:42:48 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleCrashHandler.exe

2015-03-25 19:42:48 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateSetup.exe

2015-03-25 19:42:48 7502515B2447293E7239840134391CE0 28160 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateHelper.msi

2015-03-25 19:42:48 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateWebPlugin.exe

2015-03-25 19:42:48 5C2593649CF4FE6B9ED6F9A734DBF344 1683272 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\goopdate.dll

2015-03-25 19:42:48 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateBroker.exe

2015-03-25 19:42:48 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleCrashHandler64.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2015-03-25 11:27:24 21D6348D855E5DE8AC6F826E4221CB76 30936 ----a-w- C:\Windows\System32\WinDivert32.sys

2015-03-25 11:27:24 06777CD52B776FFCEE548C82BFA86451 30520 ----a-w- C:\Windows\System32\WinDivert.dll

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2015-03-25 11:27:23 -------- d--h--w- C:\Program Files\GAS Tecnologia

2015-03-25 11:27:23 -------- d-----w- C:\Program Files\Diebold

2015-03-24 18:41:04 -------- d-----w- C:\Program Files\ZHPDiag

2015-03-22 15:11:05 -------- d-----w- C:\Program Files\Facebook Quick Share

2015-03-22 12:35:42 -------- d-----w- C:\Program Files\Common Files\Protexis

======= C: =====

2015-03-24 18:44:08 A1A5B272D8B9A72C5FE4D4E2CC39B697 512 ----a-w- C:\PhysicalDisk0_MBR.bin

2015-03-24 18:39:16 07368C9133736A235D7CA1B3033A312F 6877279 ----a-w- C:\ZHPDiag2.exe

2015-03-17 11:05:13 A0B0E0655270E1B831DF5509D93B4C44 1024 ----a-w- C:\.rnd

2015-03-12 01:14:18 9F953C26E87BD03CAD185352DC68A10E 3262 ----a-w- C:\EMBI¼“ù¼“ù¼“ù¼“ù¼“ù¼“

====== C:\Users\Not\AppData\Roaming ======

2015-03-24 18:41:04 -------- d-----w- C:\Users\Not\AppData\Roaming\ZHP

2015-03-11 22:02:58 -------- d-----w- C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome

====== C:\Users\Not ======

2015-03-25 13:22:28 67D890E8DA0A5DB2846B6366172D15A0 1135104 ----a-w- C:\Users\Not\Desktop\FRST.exe

2015-03-24 18:41:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

2015-03-24 17:45:50 F3B1380390D250D2ED638A3A246C10D4 1388782 ----a-w- C:\Users\Not\Desktop\JRT.exe

2015-03-24 17:45:28 E55CCE4E4A0153A3122E76A3DA23B288 2168320 ----a-w- C:\Users\Not\Desktop\adwcleaner_4.113.exe

2015-03-24 16:57:31 81472308A99AAF0F7F0A64A170E8A2AD 4515896 ----a-w- C:\Users\Not\Desktop\avira_ptbr_av_5511975f7d367__ws.exe

2015-03-23 11:24:22 -------- d-----w- C:\Users\TODOSO~1\{68bee0ec-3c16-5c66-68be-ee0ec3c183b0}

2015-03-23 11:24:22 -------- d-----w- C:\ProgramData\{68bee0ec-3c16-5c66-68be-ee0ec3c183b0}

2015-03-22 15:09:52 -------- d-----w- C:\Users\TODOSO~1\4909606385963357649

2015-03-22 15:09:52 -------- d-----w- C:\ProgramData\4909606385963357649

2015-03-22 15:08:06 -------- d-----w- C:\Users\TODOSO~1\{57d51851-15dc-2e26-57d5-5185115d6144}

2015-03-22 15:08:06 -------- d-----w- C:\ProgramData\{57d51851-15dc-2e26-57d5-5185115d6144}

2015-03-22 12:31:16 -------- d-----w- C:\Users\Public\Documents\Corel

2015-03-22 12:30:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6

2015-03-17 11:04:34 -------- d-----w- C:\Users\TODOSO~1\Package Cache

2015-03-17 11:04:34 -------- d-----w- C:\ProgramData\Package Cache


====== C: exe-files ==

2015-03-25 19:48:24 A08A0CAD85CAB9E10E1E91D028F1B209 41472592 ----a-w- C:\Program Files\Google\Update\Install\{E33C104F-4E31-4522-A9B6-2E8B8000B570}\41.0.2272.101_chrome_installer.exe

2015-03-25 19:48:19 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateOnDemand.exe

2015-03-25 19:48:19 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateComRegisterShell64.exe

2015-03-25 19:48:19 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdate.exe

2015-03-25 19:48:19 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleCrashHandler.exe

2015-03-25 19:48:19 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateSetup.exe

2015-03-25 19:48:19 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateWebPlugin.exe

2015-03-25 19:48:19 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleUpdateBroker.exe

2015-03-25 19:48:19 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Users\Not\AppData\Local\Temp\{0742994C-185F-422E-AD84-1B85132E6A31}\GoogleCrashHandler64.exe

2015-03-25 19:43:29 A08A0CAD85CAB9E10E1E91D028F1B209 41472592 ----a-w- C:\Program Files\Google\Update\Install\{2060D902-C92B-495D-9F74-1225C14841FF}\41.0.2272.101_chrome_installer.exe

2015-03-25 19:43:28 A08A0CAD85CAB9E10E1E91D028F1B209 41472592 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\41.0.2272.101\41.0.2272.101_chrome_installer.exe

2015-03-25 19:42:48 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateOnDemand.exe

2015-03-25 19:42:48 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateComRegisterShell64.exe

2015-03-25 19:42:48 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdate.exe

2015-03-25 19:42:48 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleCrashHandler.exe

2015-03-25 19:42:48 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateSetup.exe

2015-03-25 19:42:48 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateWebPlugin.exe

2015-03-25 19:42:48 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleUpdateBroker.exe

2015-03-25 19:42:48 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Users\Not\AppData\Local\Temp\{539B392E-A37B-418C-9F26-5A13F52998B1}\GoogleCrashHandler64.exe

2015-03-25 17:52:11 695552E890F458947D60CC24D564147D 561992 ----a-w- C:\Users\Not\AppData\Local\Google\Chrome\User Data\SwReporter\2.16.2.0\software_reporter_tool.exe

2015-03-25 13:22:28 67D890E8DA0A5DB2846B6366172D15A0 1135104 ----a-w- C:\Users\Not\Desktop\FRST.exe

2015-03-25 11:27:27 17627A4E569E2CE247C12BF3DF44E590 372024 ----a-w- C:\Program Files\Diebold\Warsaw\wsffcmgr.exe

2015-03-25 11:27:24 ED6BB091F7DCE95FEE74FE328DCB5053 507704 ----a-w- C:\Program Files\Diebold\Warsaw\core.exe

2015-03-25 11:27:24 48922BE6C2AE8695012E70F7862EC31E 721602 ----a-w- C:\Program Files\Diebold\Warsaw\unins000.exe

2015-03-25 11:27:24 37D9923C43C8E0044BA0D6CAA95A792A 269624 ----a-w- C:\Program Files\Diebold\Warsaw\uninstall_core.exe

2015-03-24 18:41:07 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Program Files\ZHPDiag\catchme.exe

2015-03-24 18:41:07 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Program Files\ZHPDiag\mbrcheck.exe

2015-03-24 18:41:07 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Program Files\ZHPDiag\mbr.exe

2015-03-24 18:41:07 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Program Files\ZHPDiag\Lads.exe

2015-03-24 18:41:07 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Program Files\ZHPDiag\pv.exe

2015-03-24 18:41:07 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Program Files\ZHPDiag\subinacl.exe

2015-03-24 18:41:07 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Program Files\ZHPDiag\setacl32.exe

2015-03-24 18:41:07 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Program Files\ZHPDiag\setacl64.exe

2015-03-24 18:41:07 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Program Files\ZHPDiag\sigcheck.exe

2015-03-24 18:41:06 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe

2015-03-24 18:41:06 509F5C3B534CD8F5F78F7CDEBAED38CF 3060224 ----a-w- C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.exe

2015-03-24 18:41:05 EF6B4B38332C4EB7B74C0A1CB7094E83 8188928 ----a-w- C:\Program Files\ZHPDiag\ZHPDiag.exe

2015-03-24 18:41:04 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files\ZHPDiag\ZHPhep.exe

2015-03-24 18:41:04 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Program Files\ZHPDiag\unins000.exe

2015-03-24 18:39:16 07368C9133736A235D7CA1B3033A312F 6877279 ----a-w- C:\ZHPDiag2.exe

2015-03-24 17:45:50 F3B1380390D250D2ED638A3A246C10D4 1388782 ----a-w- C:\Users\Not\Desktop\JRT.exe

2015-03-24 17:45:28 E55CCE4E4A0153A3122E76A3DA23B288 2168320 ----a-w- C:\Users\Not\Desktop\adwcleaner_4.113.exe

2015-03-24 16:57:31 81472308A99AAF0F7F0A64A170E8A2AD 4515896 ----a-w- C:\Users\Not\Desktop\avira_ptbr_av_5511975f7d367__ws.exe

2015-03-22 15:11:05 756360BCFB191CD73806747F45E472D0 223232 ----a-w- C:\Program Files\Facebook Quick Share\Facebook Quick Share.exe

2015-03-22 12:29:44 DA4C573F9E15676A16AAB9F20BE5E6BF 4005376 ----a-w- C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Setup\CGS16\VSTA\expdbgsetup.exe

2015-03-19 22:55:40 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files\Google\Update\Install\{B6817F87-FD38-4E7A-90C5-20BEA03FFFBC}\41.0.2272.101_41.0.2272.89_chrome_updater.exe

2015-03-19 22:55:40 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.101\41.0.2272.101_41.0.2272.89_chrome_updater.exe

=== C: other files ==

2015-03-25 11:27:24 21D6348D855E5DE8AC6F826E4221CB76 30936 ----a-w- C:\Windows\System32\WinDivert32.sys


==== Startup Registry Enabled ======================


[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"


[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"


[HKEY_USERS\S-1-5-21-1918045531-4293645944-74723622-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"EPSON TX133 TX135 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU C:\Windows\TEMP\E_S11B.tmp /EF HKCU"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

"Codec Pack Update Checker"="C:\Windows\system32\C2MP\UpdateChecker.exe"

"OneDrive"="C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

"GoogleChromeAutoLaunch_4D013C93135F825B6C898CEE188794F1"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"


[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"


[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

"LGODDFU"="C:\Program Files\lg_fwupdate\lgfw.exe blrun"

"EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe"

"Codec Settings UAC Manager"="C:\Windows\system32\C2MP\CodecUACManager.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"AdobeCS6ServiceManager"="C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"

"Diebold - Warsaw"="C:\Program Files\Diebold\Warsaw\core.exe"

"SiSTray"="%ProgramFiles%\SiS VGA Utilities\SiSTray.exe"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"EPSON TX133 TX135 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU C:\Windows\TEMP\E_S11B.tmp /EF HKCU"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

"Codec Pack Update Checker"="C:\Windows\system32\C2MP\UpdateChecker.exe"

"OneDrive"="C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

"GoogleChromeAutoLaunch_4D013C93135F825B6C898CEE188794F1"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"


==== Startup Folders ======================


2015-02-05 19:46:06 1127 ----a-w- C:\Users\Not\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2015-02-05 16:32:58 1858 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk


==== Task Scheduler Jobs ======================


C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]


==== Other Scheduled Tasks ======================


"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\klcp_update" ["C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]


==== Firefox Start and Search pages ======================


ProfilePath: C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\nnlpqfcd.default

user_pref("browser.search.defaultenginename", "Yahoo!");

user_pref("browser.search.selectedEngine", "Yahoo!");



==== Firefox Extensions ======================


ProfilePath: C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\nnlpqfcd.default

- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com


==== Firefox Plugins ======================


Profilepath: C:\Users\Not\AppData\Roaming\Mozilla\Firefox\Profiles\nnlpqfcd.default

21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat



==== Chromium Look ======================


Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101)


HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22]


Avira Browser Safety - Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk

Skype Click to Call - Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Cath Kidston - Not\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm


==== IE Start and Search Settings ======================


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

"Secondary Start Pages"="http://www.google.com"

"Default_Page_URL"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.google.com"

"Default_Page_URL"="http://www.google.com"

"Start Page"="http://www.google.com"

"Search Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"


==== All HKCU SearchScopes ======================


HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"


==== HijackThis Entries ======================


O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [siSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\lgfw.exe blrun

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\Run: [Codec Settings UAC Manager] "C:\Windows\system32\C2MP\CodecUACManager.exe"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Diebold - Warsaw] C:\Program Files\Diebold\Warsaw\core.exe

O4 - HKCU\..\Run: [EPSON TX133 TX135 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU "C:\Windows\TEMP\E_S11B.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\C2MP\UpdateChecker.exe"

O4 - HKCU\..\Run: [OneDrive] "C:\Users\Not\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4D013C93135F825B6C898CEE188794F1] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Startup: Dropbox.lnk = Not\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: CodecPackTrayMenu.lnk = C:\Windows\System32\C2MP\TrayMenu.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE

O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe


==== C:\zoek_backup content ======================


C:\zoek_backup (files=0 folders=0 0 bytes)


==== EOF on 26/03/2015 at 9:55:19,45 ======================


Good afternoon carol2906,

  • Download: <Security_Check_zpsu3tgsykp.png> (by screen317)
  • Save it to the Desktop
  • Double-click to run SecurityCheck!
  • In the window that opens, press any key to continue. Wait while the tool runs its check.
  • When it finishes, a log will open, checkup.txt.
  • Select, copy and paste the contents of this log into your next reply.

A big hug. :thumbsup:

 
