Weick

Everything posted by Weick

  1. DigRam, thank you. Here is the report: http://www.cjoint.com/c/GAmvV4Rrpk4
  2. DigRam, is it normal for this fix process to take so long? It has been running for more than half an hour and nothing has happened. I am waiting, but it seems to me that it is not going to finish.
  3. Everyone, my notebook is infested with malware. When I open the browser, several extensions get installed, and no matter how often I delete them and uninstall them from the notebook, I cannot get rid of them; they always come back. The result is that ads appear at the top or in the middle of every page, and sometimes pages are loaded automatically (I am reading an article, and suddenly I leave the site and am on another page). These ads come labelled "Ad by SalePlus" or "Ad by DealNoDeal", among others. Note: when I ran HijackThis, a message appeared saying the following: "For some reasons the system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may not be able to fix this. If that happens, you need to edit the file yourself. To do this, click Start, Run and type: notepad C:\WINDOWS\System32\drivers\etc\hosts and press enter. Find the line(s) HijackThis reports and delete them. Save this file as 'hosts' (with quotes) and reboot." Here is the log: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 8:22:42 PM, on 2015-04-14 Thanks
  4. Good afternoon, I did all the procedures and restarted the notebook. When I opened Chrome, there was one extension in the list, but it was disabled. I deleted it from the list in the browser and restarted Chrome. The extension did not appear again; everything seems to be normal now. I will keep monitoring. Thank you very much, Weick
  5. Good afternoon, here is the report: http://www.cjoint.com/15av/EDvtzVuxCUi.htm
  6. Good morning! Zoek ran without errors. Here is the log: Zoek.exe v5.0.0.0 Updated 08-April-2015 Tool run by Vi on 2015-04-21 at 8:42:53.37.
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {A1B00A1B-ED61-41AF-A700-69672CBF4EE9} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2242910852-1522185380-850179407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A1B00A1B-ED61-41AF-A700-69672CBF4EE9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{A1B00A1B-ED61-41AF-A700-69672CBF4EE9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A1B00A1B-ED61-41AF-A700-69672CBF4EE9} deleted successfully ==== Deleting CLSID Registry 
Values ====================== ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Dracula 3 - The Path of the Dragon.lnk - C:\GOG Games\Dracula Trilogy\Dracula 3 - The Path of the Dragon\dracula3.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk - C:\Program Files (x86)\Samsung\S Agent\CommonAgent.exe C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices\Tracks Air.lnk - C:\Program Files (x86)\Bluetooth Suite\Win7UI.exe a4:15:66:4b:c2:ea C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Uninstaller.lnk - C:\Users\Vi\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk - C:\Users\Vi\AppData\Local\JDownloader 2.0\JDownloader2Update.exe C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk - C:\Users\Vi\AppData\Local\JDownloader 2.0\JDownloader2.exe C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\Users\Vi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk - C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula Trilogy [GOG.com]\Dracula - The Resurrection.lnk - C:\GOG Games\Dracula Trilogy\Dracula - The Resurrection\Dracula.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula Trilogy [GOG.com]\Dracula 2 - The Last Sanctuary.lnk - C:\GOG Games\Dracula Trilogy\Dracula 2 - The Last Sanctuary\Dracula2.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula Trilogy [GOG.com]\Dracula 3 - The Path of the Dragon.lnk - C:\GOG Games\Dracula Trilogy\Dracula 3 - The Path of the Dragon\dracula3.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula Trilogy [GOG.com]\Manual [Dracula - The Resurrection].lnk - C:\GOG Games\Dracula Trilogy\Dracula - The Resurrection\Dracula Resurrection - Manual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula Trilogy [GOG.com]\Manual [Dracula 2 - The Last Sanctuary].lnk - C:\GOG Games\Dracula Trilogy\Dracula 2 - The Last Sanctuary\Dracula The Last Sanctuary - Manual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula Trilogy [GOG.com]\Manual [Dracula 3 - The Path of the Dragon].lnk - C:\GOG Games\Dracula Trilogy\Dracula 3 - The Path of the Dragon\Dracula Path of the Dragon - Manual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula Trilogy [GOG.com]\Uninstall Dracula Trilogy.lnk - C:\GOG Games\Dracula Trilogy\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Skype for Business Recording Manager.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk - 
C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\QuickPar.lnk - C:\Program Files (x86)\QuickPar\QuickPar.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\Uninstall.lnk - C:\Program Files (x86)\QuickPar\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\Website.lnk - C:\Program Files (x86)\QuickPar\QuickPar.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Recovery.lnk - C:\Program Files\Samsung\Recovery\Manager1.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Support Center.lnk - C:\Program Files (x86)\Samsung\Support Center\GuaranaMain.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\SW Update.lnk - C:\Program Files (x86)\Samsung\SW Update\sManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes - Mystery Of The Mummy\frogzz test.lnk - C:\Program Files (x86)\Sherlock Holmes - Mystery Of The Mummy\game.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes - Mystery Of The Mummy\GLWorker.lnk - C:\Program Files (x86)\Sherlock Holmes - Mystery Of The Mummy\GLWorker.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes - Mystery Of The Mummy\iWinGames Game.lnk - C:\Program Files (x86)\Sherlock Holmes - Mystery Of The Mummy\GameLauncher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes - Mystery Of The Mummy\Uninstall.lnk - C:\Program Files (x86)\Sherlock Holmes - Mystery Of The Mummy\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Vi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Vi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Vi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Vi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Vi\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Vi\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Vi\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Vi\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE 
emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Vi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=82 folders=48 25339126 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Vi\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Vi\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~3\{4e410934-b586-2d1d-4e41-10934b5824d2}\5d17585c0f91bd19" not found "C:\PROGRA~3\{4e410934-b586-2d1d-4e41-10934b5824d2}\90eafe0928455acd" not found "C:\PROGRA~3\{ab512ab1-9c13-6b92-ab51-12ab19c1aac6}\23071211da6b8c89" not found "C:\PROGRA~3\{ab512ab1-9c13-6b92-ab51-12ab19c1aac6}\eefab444fdbf6b5d" not found "C:\PROGRA~3\{4e410934-b586-2d1d-4e41-10934b5824d2}" not found "C:\PROGRA~3\{ab512ab1-9c13-6b92-ab51-12ab19c1aac6}" not found ==== EOF on 2015-04-21 at 9:14:32.98 ======================
  7. Good evening, here are the reports: adwcleaner, JRT. Thank you,
  8. Good afternoon! Here is the log: Thank you VERY much, Weick
  9. Good afternoon, thanks for the help. Here is the log, hosted on pjjoint.malekal.com: http://pjjoint.malekal.com/files.php?id=20150418_z12y8x14g8q12 -Weick
  10. Hi everyone, could you take a look at this log for me? This Positivo notebook is freezing A LOOOOOT and closing programs on its own, for no apparent reason. I suspect it's a malware mess (the user isn't the most responsible). Regards, Weick
  11. Hi, DigRam! Thanks for the guidance. The logs follow.