Logo Hardware.com.br
IsaGeorge
IsaGeorge Novo Membro Registrado
8 Mensagens 2 Curtidas

Analise Windows 7 - Virus

#1 Por IsaGeorge 28/04/2015 - 19:15 


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-04-2015 01

Ran by Isuara at 2015-04-27 23:42:23

Running from D:\Downloads

Boot Mode: Normal

==========================================================





==================== Accounts: =============================



Administrador (S-1-5-21-450319107-1443454657-1460410450-500 - Administrator - Disabled)

Convidado (S-1-5-21-450319107-1443454657-1460410450-501 - Limited - Enabled) => C:\Users\Convidado

HomeGroupUser$ (S-1-5-21-450319107-1443454657-1460410450-1003 - Limited - Enabled)

Isuara (S-1-5-21-450319107-1443454657-1460410450-1000 - Administrator - Enabled) => C:\Users\Isuara



==================== Security Center ========================



(If an entry is included in the fixlist, it will be removed.)



AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



==================== Installed Programs ======================



(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)



Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

AMCap (HKLM\...\AMCap) (Version: 9.20.132.2 - Noël Danjou)

Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)

Badoo Desktop (HKLM\...\{D91D71FB-C52E-440D-8A78-5E5E05487DA0}) (Version: 1.6.58.1220 - Badoo)

Balabolka (HKLM\...\Balabolka) (Version: 2.10.0.573 - Ilya Morozov)

Battle for Wesnoth 1.10.1 (HKLM\...\Battle for Wesnoth 1.10.1) (Version: 1.10.1 - )

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)

Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dropbox (HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)

Duplicate Cleaner Free 3.2.1 (HKLM\...\Duplicate Cleaner Free) (Version: 3.2.1 - DigitalVolcano Software Ltd) <==== ATTENTION

ENCORE Driver de LAN Sem Fio - Adaptador PCI (HKLM\...\{46710AEB-ACE9-4386-9DFB-8B65153BFA74}) (Version: 1.00.0000 - )

Evernote v. 5.0.2 (HKLM\...\{C2EECB42-2C7F-11E3-8960-00163E98E7D0}) (Version: 5.0.2.1392 - Evernote Corp.)

Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

FormatFactory 2.95 (HKLM\...\FormatFactory) (Version: 2.95 - Free Time)

Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation)

Galeria de Fotos (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Google Chrome (HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)

Google Drive (HKLM\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)

Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

Google+ Auto Backup (HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)

IBM ViaVoice TTS Runtime v6.21 -  Português do Brasil (HKLM\...\{CFEBB045-AD38-45A5-88F5-B91910E82A13}) (Version:  - )

iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)

Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)

Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)

iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)

J2SE Runtime Environment 5.0 Update 9 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150090}) (Version: 1.5.0.90 - Sun Microsystems, Inc.)

Jimbo (HKLM\...\br.com.meubolsoemdia.jimbo) (Version: 2.1.7 - FEDERACAO BRASILEIRA DE BANCOS)

Jimbo (Version: 2.1.7 - FEDERACAO BRASILEIRA DE BANCOS) Hidden

Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

L&H TTS3000 Português (Brasil) (HKLM\...\LHTTSPTB) (Version:  - )

Locaweb Softphone (HKLM\...\.IAP{0070.0000.00E8.0002}) (Version: 4.6.0000.0000 - Locaweb iDC Ltda)

ManyCam 4.1.0 (HKLM\...\ManyCam) (Version: 4.1.0 - Visicom Media Inc.)

ManyDownloader (HKLM\...\ManyDownloader) (Version: 1.6.4.185 - Visicom Media Inc.)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0416-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 36.0 (x86 pt-BR) (HKLM\...\Mozilla Firefox 36.0 (x86 pt-BR)) (Version: 36.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)

MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

NextUp-ScanSoft Raquel Brazilian Portuguese Voice (HKLM\...\{5FAFC823-5E8C-40FB-8238-F2C536B2FB11}) (Version: 4.0.0 - NextUp.com)

Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)

PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)

PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)

Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)

QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.4.11328 - Skype Technologies S.A.)

Skype Web Plugin (HKLM\...\{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}) (Version: 3.1.15602.22612 - Skype Technologies S.A.)

Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)

Suplemento Microsoft Salvar como PDF ou XPS para programas do Microsoft Office 2007 (HKLM\...\{90120000-00B2-0416-0000-0000000FF1CE}) (Version: 12.0.4518.1019 - Microsoft Corporation)

Suporte para Aplicativos Apple (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)

Update Manager (Version: 4.60 - Corel Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

Wise Disk Cleaner 8.39 (HKLM\...\Wise Disk Cleaner_is1) (Version: 8.39 - WiseCleaner.com, Inc.)

YAC(Yet Another Cleaner!) (HKLM\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

Zuma Deluxe RA (HKLM\...\Zuma Deluxe RA) (Version:  - )

Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)



==================== Custom CLSID (selected items): ==========================



(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)



CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Isuara\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.32.dll (Helmut Buhler)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Isuara\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Isuara\AppData\Local\Google\Chrome\Application\42.0.2311.90\delegate_execute.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\DOWNLO~1\dwusplay.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Isuara\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{dc67367a-8b15-47bc-b7f8-0ba0435a504a}\InprocServer32 -> C:\Program Files\Common Files\SYSTEM\MSMAPI\1046\MSNCON32.DLL (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{dcedfcbf-c7d1-4b81-a20f-7524d306135e}\InprocServer32 -> C:\Program Files\Common Files\SYSTEM\MSMAPI\1046\MSNCON32.DLL (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncApi.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-450319107-1443454657-1460410450-1000_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)



==================== Restore Points  =========================





==================== Hosts content: ==========================



(If needed Hosts: directive could be included in the fixlist to reset Hosts.)



2009-07-13 23:04 - 2015-03-29 11:17 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts



127.0.0.1       localhost

::1             localhost



==================== Scheduled Tasks (whitelisted) =============



(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)



Task: {03EF7E20-D967-444F-9D89-37427671C432} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-450319107-1443454657-1460410450-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

Task: {159CE2BA-92AB-4572-9489-2BB50A94D554} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

Task: {1AC2136C-1C46-4318-A747-D957F352F626} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {44510D83-D0C6-447D-BD49-4F5A08209FA9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA => C:\Users\Isuara\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-31] (Google Inc.)

Task: {45FC25D4-46FA-4942-8EC7-4A12E9D091EF} - System32\Tasks\avastBCLRestartS-1-5-21-450319107-1443454657-1460410450-1000 => Chrome.exe

Task: {462466A0-79E2-437C-9D01-D73A9737C95E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-03] (Google Inc.)

Task: {52F417AE-3A8B-4CC7-B929-91451DF9C044} - System32\Tasks\Games\UpdateCheck_S-1-5-21-450319107-1443454657-1460410450-1000

Task: {5D2F4238-A555-494A-A605-6BD0696F0DA1} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-450319107-1443454657-1460410450-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe

Task: {60305E33-B942-43D2-8643-8DBB5397B23D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-450319107-1443454657-1460410450-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

Task: {61391707-A6DE-4BFA-96FD-24221994E80E} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)

Task: {6E1534B6-5922-4682-A777-6110E1A0E101} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {71A260ED-5380-4BF1-BD8E-CE8F8A2A7DED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core => C:\Users\Isuara\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-31] (Google Inc.)

Task: {77258EB3-FC85-49AF-998C-7B825C364B10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)

Task: {7A1882E4-E644-4280-9DB1-964C67050DC1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)

Task: {8B6E31E6-45FD-474D-B980-973A1C08205F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-03] (Google Inc.)

Task: {9847F595-799F-4A22-8876-0BFD8391213D} - \FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA No Task File <==== ATTENTION

Task: {A052FEC9-D521-4B79-A78B-08DABF5D9355} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-450319107-1443454657-1460410450-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: {BDAC9677-2A47-49F4-9500-7AD0C213ED2B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {C9F4C87E-972E-4423-82D5-EC1ACA14846A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20] (Adobe Systems Incorporated)

Task: {CA6254E6-FAF8-4204-8CEF-EB5FA3ED9E8C} - \FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core No Task File <==== ATTENTION

Task: {CC5BFC48-721B-4FAA-8D8C-A9E3FE0225E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-450319107-1443454657-1460410450-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

Task: {D87258AD-265E-4E8F-9611-CFE52F7A645A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {D92F187D-E165-4B12-AD2C-D949F316707E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {D944F43C-9F17-4BB5-9F1A-25D69D9268E5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {E821B677-7C35-4FBC-BE79-4408A1DF6B09} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-22] (AVAST Software)

Task: {EA81FE9E-97DE-4F04-A932-5D42F2C386E0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-450319107-1443454657-1460410450-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: {F08B21A2-BCC1-4F5C-80EF-AD009CAF1987} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {F129187D-113E-48B0-9384-50260C750458} - System32\Tasks\{E131A7DE-4A4C-487A-8893-D542C0DD9D48} => pcalua.exe -a "D:\Downloads\vpsupd (1).exe" -d D:\Downloads

Task: {F5FB45A1-0B10-47BB-B4D8-DC5CCE9D3BD4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-450319107-1443454657-1460410450-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe



(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)



Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core.job => C:\Users\Isuara\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA.job => C:\Users\Isuara\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core.job => C:\Users\Isuara\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA.job => C:\Users\Isuara\AppData\Local\Google\Update\GoogleUpdate.exe



==================== Loaded Modules (whitelisted) ==============



2015-01-11 18:52 - 2015-03-20 00:44 - 00065696 _____ () C:\Program Files\Elex-tech\YAC\zlib1.dll

2015-04-22 10:39 - 2013-12-01 23:52 - 00176976 _____ () C:\Program Files\Elex-tech\YAC\tws\unrar.dll

2015-04-22 10:39 - 2013-12-11 10:12 - 00087744 _____ () C:\Program Files\Elex-tech\YAC\tws\unacev2.dll

2015-04-27 17:49 - 2015-04-27 17:49 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15042701\algo.dll

2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-01-11 18:52 - 2015-03-20 00:44 - 00185672 _____ () C:\Program Files\Elex-tech\YAC\libpng.dll

2015-03-19 09:36 - 2015-03-19 09:36 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2015-01-11 18:52 - 2015-03-20 00:49 - 00681768 _____ () C:\Program Files\Elex-tech\YAC\iDesk.exe

2015-01-11 18:52 - 2015-03-20 00:49 - 00209192 _____ () C:\Program Files\Elex-tech\YAC\iddmgr.dll

2015-02-13 08:15 - 2015-02-13 08:15 - 03219456 _____ () C:\Users\Isuara\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll

2013-09-26 13:50 - 2013-09-26 13:50 - 00433664 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll

2013-09-26 13:49 - 2013-09-26 13:49 - 00315392 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll



==================== Alternate Data Streams (whitelisted) =========



(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)



AlternateDataStreams: C:\Windows\System32:FA2E0DDC_Bb.gbp

AlternateDataStreams: C:\Windows\System32:FA2E0DDC_Cef.gbp

AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst

AlternateDataStreams: C:\ProgramData\TEMP:7311BB85

AlternateDataStreams: C:\ProgramData\TEMP:F1DEA771

AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:7311BB85

AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:F1DEA771



==================== Safe Mode (whitelisted) ===================



(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)





==================== EXE Association (whitelisted) ===============



(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)





==================== Internet Explorer trusted/restricted ===============



(If an entry is included in the fixlist, the associated entry will be removed from the registry.)



IE trusted site: HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\bancobrasil.com.br -> <a href="'http://www.bancobrasil.com.br'" target="_blank">www.bancobrasil.com.br</a>

IE trusted site: HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\bb.com.br -> hxxps://seg.bb.com.br

IE trusted site: HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\caixa.gov.br -> imagem.caixa.gov.br

IE trusted site: HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br





==================== Other Areas ============================



(Currently there is no automatic fix for this section.)



HKU\S-1-5-21-450319107-1443454657-1460410450-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Isuara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.1



==================== MSCONFIG/TASK MANAGER disabled items ==



(Currently there is no automatic fix for this section.)



MSCONFIG\Services: AeLookupSvc => 3

MSCONFIG\Services: AppIDSvc => 3

MSCONFIG\Services: BDESVC => 3

MSCONFIG\Services: Browser => 3

MSCONFIG\Services: bthserv => 3

MSCONFIG\Services: Dnscache => 2

MSCONFIG\Services: EFS => 3

MSCONFIG\Services: hidserv => 3

MSCONFIG\Services: IKEEXT => 3

MSCONFIG\Services: KtmRm => 3

MSCONFIG\Services: lmhosts => 2

MSCONFIG\Services: PolicyAgent => 3

MSCONFIG\Services: SensrSvc => 3

MSCONFIG\Services: StorSvc => 3

MSCONFIG\Services: TabletInputService => 3

MSCONFIG\Services: W32Time => 3

MSCONFIG\Services: WebClient => 3

MSCONFIG\Services: WerSvc => 3

MSCONFIG\Services: WinDefend => 2

MSCONFIG\Services: WPDBusEnum => 3

MSCONFIG\Services: wudfsvc => 3



==================== FirewallRules (whitelisted) ===============



(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)



FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [{BD8C11F9-6F94-4B8E-9381-BBB7F47E3777}] => (Allow) svchost.exe

FirewallRules: [{FAB1D0F8-17FB-4C50-9726-C23D0E880237}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxbkpswx.exe

FirewallRules: [{A85D3BD3-638F-4B96-AC7F-9CEB10AA5BBD}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxbkpswx.exe

FirewallRules: [{507BC6B5-F452-49CD-BDD4-057856E5D8E3}] => (Allow) C:\Users\Isuara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [TCP Query User{CC0CA6F6-2A9E-44F1-A64B-A739A3B79CD7}C:\users\isuara\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\isuara\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{145F1A4A-B2B3-47CC-80B2-F1F5B94527FD}C:\users\isuara\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\isuara\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [{D87B2027-4B17-457A-80AA-21B83D66BB6B}] => (Allow) C:\Windows\System32\lxbkcoms.exe

FirewallRules: [{48CEAB75-98C0-4906-9028-B9491569979F}] => (Allow) C:\Windows\System32\lxbkcoms.exe

FirewallRules: [{518FE102-5340-472B-B735-68674E91145B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

FirewallRules: [{7135BDB0-94ED-4ED9-9367-0BA82B75156E}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{75C2B3A9-B9EA-4768-AA98-2A6BFCB4F33B}] => (Allow) LPort=2869

FirewallRules: [{1EEB7962-8DF3-4A97-942D-56E59F3E26B0}] => (Allow) LPort=1900

FirewallRules: [{3FCDB36E-79DF-4449-AB3A-0B5E2BC15DB1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{634E107E-9B69-471D-83B1-CC9D299F8B95}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{F3557290-7540-4133-835A-AC1054A21E13}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{8797A3E8-A715-4A83-9FDE-579BAEACB409}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{5E386C65-113D-46A8-9A03-24C31AEF38C1}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{F5426562-B5FB-455A-BE36-1616772614A3}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{FE501A97-D6C1-4BFC-AFA2-2E9A67DEF32B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{C3FDA2A5-6D61-4F66-AA56-949875BE119A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{1E0A674D-839F-40EB-83E2-05D015494703}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe

FirewallRules: [{DD99286F-1056-42FB-A5CE-45AAC43EB89B}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe

FirewallRules: [{E1195451-D009-4ED9-91E0-C983F902110D}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

FirewallRules: [{94200BC7-B910-420E-875C-904B9A2FD3B7}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

FirewallRules: [{6BFC6E3D-FF97-462B-8404-2412F51D4DDF}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE

FirewallRules: [{4B47B4A8-EB7B-4D20-AD94-2A2DEE674820}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE

FirewallRules: [{05DDF633-2DE2-4143-8446-EE92DE05715C}] => (Allow) C:\Program Files\Microsoft Office\Office14\outlook.exe

FirewallRules: [{73B35E6E-89DB-440F-8E41-04CCDC07C541}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{1E8A8C92-AB96-47DC-9F28-601D9327E041}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{B8E69123-749B-4EE1-8B17-1E34CD6DE85F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

FirewallRules: [{DB871540-5722-471F-AB51-594031665DDA}] => (Allow) C:\Users\Isuara\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{A295E485-0C8B-4590-85A1-2C68F1C1F4E6}] => (Allow) C:\Users\Isuara\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{F269D81C-7168-4E0A-A74E-496EEB4C780A}C:\users\isuara\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\isuara\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [UDP Query User{D1AABB09-6434-4D8A-8402-F61EBD6F5F86}C:\users\isuara\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\isuara\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{A519D9D6-D766-4CAD-87CC-E29F4F2139F2}] => (Allow) %ProgramFiles%\Zune\Zune.exe

FirewallRules: [{BEFA3F81-EE78-45E3-AB63-8C53C7AC61A6}] => (Allow) C:\Users\Isuara\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

FirewallRules: [{DA346679-FB89-4BA9-AE2D-1D56ECA4DEC5}] => (Allow) C:\Program Files\SkypeWebPlugin\3.1.15602.22612\SkypeWebPlugin.exe

FirewallRules: [TCP Query User{4B8B45D8-C0B2-4401-8B3C-D43DB756DF15}C:\program files\locaweb\locaweb softphone\locaweb softphone.exe] => (Allow) C:\program files\locaweb\locaweb softphone\locaweb softphone.exe

FirewallRules: [UDP Query User{3E242BD8-AA11-4C9F-9956-3DC7A0D928A5}C:\program files\locaweb\locaweb softphone\locaweb softphone.exe] => (Allow) C:\program files\locaweb\locaweb softphone\locaweb softphone.exe

FirewallRules: [{2904D35D-D113-4FE3-B2E5-2E0CFFBC4841}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{2902BFFE-E4AF-4B19-8DA3-2ECCD1CB977E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{EAA90C2E-62F5-4D02-AF6C-4D4DD38F2D71}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe

FirewallRules: [{4C6B1EEA-5243-47B0-A87C-4C01341233DC}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe

FirewallRules: [{C548C05B-7DFC-4D23-B0CE-12172AB5025A}] => (Allow) C:\Program Files\ManyCam\ManyDownloader.exe

FirewallRules: [{E4E1D10E-ACCD-41AB-86FB-415449B6BEF9}] => (Allow) C:\Program Files\ManyCam\ManyDownloader.exe

FirewallRules: [TCP Query User{46DE6B45-0ECC-431A-83BC-E589B0CFAB26}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe

FirewallRules: [UDP Query User{F0310A9D-E1FF-4E8F-A5A0-E61F402CE4F0}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe

FirewallRules: [TCP Query User{6D64738C-DD62-40CE-9857-0CB9A2D1DD80}C:\program files\locaweb\locaweb softphone\locaweb softphone.exe] => (Allow) C:\program files\locaweb\locaweb softphone\locaweb softphone.exe

FirewallRules: [UDP Query User{CA7CE13F-6EAE-4F1A-BA9B-A514999C0D4E}C:\program files\locaweb\locaweb softphone\locaweb softphone.exe] => (Allow) C:\program files\locaweb\locaweb softphone\locaweb softphone.exe

FirewallRules: [TCP Query User{DEE855A7-2A8C-4557-9FDE-990EF4D6B9CE}C:\users\isuara\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\isuara\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{CBD1A8FF-F969-4D14-9CC9-D97D279E45E0}C:\users\isuara\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\isuara\appdata\local\google\chrome\application\chrome.exe

FirewallRules: [{B16E27F5-8F9F-4F25-A8B8-EF5F05D7AF79}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{86F40F15-D3C1-4C5D-B768-E06AD0F3B15B}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{A741BD6B-2AFB-410C-9888-A5B3D41F3159}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{C0DE808B-40A6-4022-8245-8FA73A6E921B}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{2FE58CAB-4609-4C68-87B2-FBD5DB114CFB}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{35C8B345-C6ED-4FD4-9EEB-A14164817291}] => (Allow) C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\OneDrive.exe



==================== Faulty Device Manager Devices =============



Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.



Name: Teredo Tunneling Pseudo-Interface

Description: Adaptador de Túnel Teredo da Microsoft

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.



Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.



Name: ENCORE Adaptador PCI de Rede sem Fio (RTL8190)

Description: ENCORE Adaptador PCI de Rede sem Fio (RTL8190)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: ENCORE

Service: rtl819xp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.





==================== Event log errors: =========================



Application errors:

==================

Error: (04/27/2015 05:17:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome de aplicativo com falha: Skype.exe, versão: 7.3.0.101, carimbo de hora: 0x5512b3c5

Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000

Código de exceção: 0xc0000005

Deslocamento com falha: 0x15a59088

Identificação do processo com falha: 0x4c8

Hora de início do aplicativo com falha: 0xSkype.exe0

Caminho do aplicativo com falha: Skype.exe1

FCaminho do módulo de falhas: Skype.exe2

Identificação do Relatório: Skype.exe3



Error: (04/27/2015 04:51:15 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome de aplicativo com falha: Skype.exe, versão: 7.3.0.101, carimbo de hora: 0x5512b3c5

Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000

Código de exceção: 0xc0000005

Deslocamento com falha: 0x18869028

Identificação do processo com falha: 0x1e40

Hora de início do aplicativo com falha: 0xSkype.exe0

Caminho do aplicativo com falha: Skype.exe1

FCaminho do módulo de falhas: Skype.exe2

Identificação do Relatório: Skype.exe3



Error: (04/27/2015 03:35:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome de aplicativo com falha: Skype.exe, versão: 7.3.0.101, carimbo de hora: 0x5512b3c5

Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000

Código de exceção: 0xc0000005

Deslocamento com falha: 0x186b9088

Identificação do processo com falha: 0x18ac

Hora de início do aplicativo com falha: 0xSkype.exe0

Caminho do aplicativo com falha: Skype.exe1

FCaminho do módulo de falhas: Skype.exe2

Identificação do Relatório: Skype.exe3



Error: (04/26/2015 03:07:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Aplicativo: FreemakeVD.exe

Versão do Framework: v4.0.30319

Descrição: O processo foi terminado devido a uma exceção sem tratamento.

Informações da Exceção: System.AccessViolationException

Pilha:

   em FMMediaSourceLib.IMediaSourceStreams.Close()

   em VideoDownloader.Model.Conversion.MediaConverter.FreeMediaSource(FMMediaSourceLib.IMediaSourceStreams)

   em VideoDownloader.Model.Conversion.MediaConverterBase.Stop()

   em VideoDownloader.Model.Actions.ConvertActionBase.ConverterConversionEnded(System.Object)

   em VideoDownloader.Model.Conversion.MediaConverterBase.OnConversionEnded()

   em VideoDownloader.Model.Conversion.MediaConverterBase.ConvertTimerElapsed(System.Object, System.Timers.ElapsedEventArgs)

   em System.Timers.Timer.MyTimerCallback(System.Object)

   em System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)

   em System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   em System.Threading.TimerQueueTimer.CallCallback()

   em System.Threading.TimerQueueTimer.Fire()

   em System.Threading.TimerQueue.FireNextTimers()

   em System.Threading.TimerQueue.AppDomainTimerCallback()



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: O serviço Pesquisa do Windows está sendo interrompido devido a um problema no indexador:The catalog is corrupt.



Detalhes:

    O catálogo do índice de conteúdo está corrompido.  (HRESULT : 0xc0041801) (0xc0041801)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: O serviço de pesquisa detectou arquivos de dados corrompidos no índice {id=4400}. O serviço tentará corrigir automaticamente esse problema recriando o índice.



Detalhes:

    O catálogo do índice de conteúdo está corrompido.  (HRESULT : 0xc0041801) (0xc0041801)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Não é possível inicializar o índice.



Detalhes:

    O banco de dados do índice de conteúdo está corrompido.  (HRESULT : 0xc0041800) (0xc0041800)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Não é possível inicializar o aplicativo.



Contexto: Aplicativo Windows



Detalhes:

    O banco de dados do índice de conteúdo está corrompido.  (HRESULT : 0xc0041800) (0xc0041800)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Não é possível inicializar o objeto coletor.



Contexto: Aplicativo Windows, Catálogo SystemIndex



Detalhes:

    O banco de dados do índice de conteúdo está corrompido.  (HRESULT : 0xc0041800) (0xc0041800)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Não é possível inicializar o plug-in em <Search.TripoliIndexer>.



Contexto: Aplicativo Windows, Catálogo SystemIndex



Detalhes:

    Elemento não encontrado.  (HRESULT : 0x80070490) (0x80070490)





System errors:

=============

Error: (04/27/2015 08:32:53 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {CC957078-B838-47C4-A7CF-626E7A82FC58}



Error: (04/27/2015 08:29:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Serviço Windows Update suspenso ao iniciar.



Error: (04/27/2015 08:22:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Não foi possível iniciar o serviço Update Mgr RollAround devido ao seguinte erro:

%%2



Error: (04/27/2015 08:21:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Não foi possível iniciar o serviço Gbp Service devido ao seguinte erro:

%%2



Error: (04/27/2015 06:41:32 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: AUTORIDADE NT)

Description: Recursos de gerenciamento do consumo de energia em desempenho no processador 1 no grupo 0 estão desabilitados devido a um problema de firmware. Verifique com o fabricante do computador se há um firmware atualizado.



Error: (04/27/2015 06:41:32 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: AUTORIDADE NT)

Description: Recursos de gerenciamento do consumo de energia em desempenho no processador 0 no grupo 0 estão desabilitados devido a um problema de firmware. Verifique com o fabricante do computador se há um firmware atualizado.



Error: (04/27/2015 05:58:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Não foi possível iniciar o serviço Zune Network Sharing Service devido ao seguinte erro:

%%1053



Error: (04/27/2015 05:58:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Zune Network Sharing Service.



Error: (04/27/2015 05:56:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Serviço Windows Update suspenso ao iniciar.



Error: (04/27/2015 05:49:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Não foi possível iniciar o serviço Update Mgr RollAround devido ao seguinte erro:

%%2





Microsoft Office Sessions:

=========================

Error: (04/27/2015 05:17:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Skype.exe7.3.0.1015512b3c5unknown0.0.0.000000000c000000515a590884c801d081255d5e075dC:\Program Files\Skype\Phone\Skype.exeunknown6ade0766-ed1a-11e4-a069-00270e197932



Error: (04/27/2015 04:51:15 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Skype.exe7.3.0.1015512b3c5unknown0.0.0.000000000c0000005188690281e4001d0812104f2b595C:\Program Files\Skype\Phone\Skype.exeunknownc2cfedc6-ed16-11e4-a069-00270e197932



Error: (04/27/2015 03:35:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Skype.exe7.3.0.1015512b3c5unknown0.0.0.000000000c0000005186b908818ac01d08117bf291b18C:\Program Files\Skype\Phone\Skype.exeunknown2a72aed6-ed0c-11e4-a87e-00270e197932



Error: (04/26/2015 03:07:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Aplicativo: FreemakeVD.exe

Versão do Framework: v4.0.30319

Descrição: O processo foi terminado devido a uma exceção sem tratamento.

Informações da Exceção: System.AccessViolationException

Pilha:

   em FMMediaSourceLib.IMediaSourceStreams.Close()

   em VideoDownloader.Model.Conversion.MediaConverter.FreeMediaSource(FMMediaSourceLib.IMediaSourceStreams)

   em VideoDownloader.Model.Conversion.MediaConverterBase.Stop()

   em VideoDownloader.Model.Actions.ConvertActionBase.ConverterConversionEnded(System.Object)

   em VideoDownloader.Model.Conversion.MediaConverterBase.OnConversionEnded()

   em VideoDownloader.Model.Conversion.MediaConverterBase.ConvertTimerElapsed(System.Object, System.Timers.ElapsedEventArgs)

   em System.Timers.Timer.MyTimerCallback(System.Object)

   em System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)

   em System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   em System.Threading.TimerQueueTimer.CallCallback()

   em System.Threading.TimerQueueTimer.Fire()

   em System.Threading.TimerQueue.FireNextTimers()

   em System.Threading.TimerQueue.AppDomainTimerCallback()



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Detalhes:

    O catálogo do índice de conteúdo está corrompido.  (HRESULT : 0xc0041801) (0xc0041801)

The catalog is corrupt



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: Detalhes:

    O catálogo do índice de conteúdo está corrompido.  (HRESULT : 0xc0041801) (0xc0041801)

4400



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Detalhes:

    O banco de dados do índice de conteúdo está corrompido.  (HRESULT : 0xc0041800) (0xc0041800)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Contexto: Aplicativo Windows



Detalhes:

    O banco de dados do índice de conteúdo está corrompido.  (HRESULT : 0xc0041800) (0xc0041800)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Contexto: Aplicativo Windows, Catálogo SystemIndex



Detalhes:

    O banco de dados do índice de conteúdo está corrompido.  (HRESULT : 0xc0041800) (0xc0041800)



Error: (04/23/2015 06:29:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Contexto: Aplicativo Windows, Catálogo SystemIndex



Detalhes:

    Elemento não encontrado.  (HRESULT : 0x80070490) (0x80070490)

Search.TripoliIndexer





==================== Memory info ===========================



Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz

Percentage of memory in use: 50%

Total physical RAM: 2035.84 MB

Available physical RAM: 1013.13 MB

Total Pagefile: 12507.84 MB

Available Pagefile: 11300.57 MB

Total Virtual: 2047.88 MB

Available Virtual: 1901.05 MB



==================== Drives ================================



Drive c: () (Fixed) (Total:153.88 GB) (Free:15.64 GB) NTFS

Drive d: (backup) (Fixed) (Total:144.1 GB) (Free:48.4 GB) NTFS

Drive e: (Simply Red) (CDROM) (Total:0.67 GB) (Free:0 GB) CDFS



==================== MBR & Partition Table ==================



========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7BF77BF7)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=153.9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=144.1 GB) - (Type=07 NTFS)



==================== End Of Log ============================
windows analise virus scan x86 result additional farbar
Responder
IsaGeorge
IsaGeorge Novo Membro Registrado
8 Mensagens 2 Curtidas
#3 Por IsaGeorge
29/04/2015 - 14:48
Desculpe Caedu

Segue o solicitado


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2015 01

Ran by Isuara (administrator) on ISAURA-PC on 27-04-2015 23:37:56

Running from D:\Downloads

Loaded Profiles: Isuara (Available profiles: Isuara & Convidado)

Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Português (Brasil)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a>



==================== Processes (Whitelisted) =================



(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)



(AMD) C:\Windows\System32\atiesrxx.exe

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe

(                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ) C:\Program Files\Locaweb\Locaweb Softphone\Locaweb Softphone Manager.exe

( ) C:\Windows\System32\lxbkcoms.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe

(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe

(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe

(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe

(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

() C:\Program Files\Elex-tech\YAC\iDesk.exe

(Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe

(Microsoft Corporation) C:\Program Files\Zune\ZuneNss.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\WerFault.exe

Failed to access process -> chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

Failed to access process -> chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

Failed to access process -> chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe

Failed to access process -> chrome.exe

(Microsoft Corporation) C:\Windows\System32\taskmgr.exe





==================== Registry (Whitelisted) ==================



(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)



HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-19] (AVAST Software)

HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)

HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)

Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2012-11-22] (Banco do Brasil)

Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2014-08-12] (Caixa Economica Federal)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [Google Update] => C:\Users\Isuara\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-31] (Google Inc.)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [GoogleChromeAutoLaunch_B31499B1F393489D87D07E8BDA2204C4] => C:\Users\Isuara\AppData\Local\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [Google+ Auto Backup] => C:\Users\Isuara\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\...\Run: [OneDrive] => C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-19] (Microsoft Corporation)

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> D:\DOWNLO~1\zoek.scr

HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-01] (Microsoft Corporation)

Startup: C:\Users\Isuara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-01]

ShortcutTarget: Dropbox.lnk -> C:\Users\Isuara\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Isuara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-09-03]

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Isuara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googledrivesync.lnk [2014-09-03]

ShortcutTarget: googledrivesync.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe (Google)

Startup: C:\Users\Isuara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jimbo.lnk [2015-02-26]

ShortcutTarget: Jimbo.lnk -> C:\Program Files\Meu Bolso em Dia\Jimbo\Jimbo.exe ()

Startup: C:\Users\Isuara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-03-01]

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-19] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-19] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Isuara\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-19] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-12-22] (AVAST Software)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isuara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)

ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)

ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)

ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)

ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)

ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)

CHR HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION



==================== Internet (Whitelisted) ====================



(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)



HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = <a href="http://www.bing.com" target="_blank">http://www.bing.com</a>

SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\.DEFAULT -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> 10677B069AE940B9A632C31C4CDFCDD2 URL = <a href="http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}" target="_blank">http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {F992E376-027D-4C35-A2CB-5AB83B06F73C} URL = <a href="http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=062413&q={searchTerms}&src=IE-SearchBox" target="_blank">http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=062413&q={searchTerms}&src=IE-SearchBox</a>

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-22] (AVAST Software)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO: No Name -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} ->  No File

BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehCef.dll [2014-08-12] (Caixa Economica Federal)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} <a href="http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab" target="_blank">http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</a>

DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab" target="_blank">http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</a>

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab" target="_blank">http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</a>

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1585768 2012-11-22] (Banco do Brasil)

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1736008 2014-08-12] (Caixa Economica Federal)

Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1



FireFox:

========

FF ProfilePath: C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default

FF DefaultSearchUrl: <a href="https://www.google.com/search/?trackid=sp-006" target="_blank">https://www.google.com/search/?trackid=sp-006</a>

FF SearchEngineOrder.3: Bing

FF Homepage: <a href="https://www.google.com/?trackid=sp-006" target="_blank">https://www.google.com/?trackid=sp-006</a>

FF Keyword.URL: <a href="https://www.google.com/search/?trackid=sp-006" target="_blank">https://www.google.com/search/?trackid=sp-006</a>

FF DefaultSearchEngine: Google (avast)

FF SearchEngineOrder.1: Google (avast)

FF SelectedSearchEngine: Google (avast)

FF NewTab: about:newtab

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()

FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll No File

FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()

FF Plugin: <a href="/comunidade/members/user.636732">@google.com</a>/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll No File

FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-25] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-06-25] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL No File

FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll No File

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File

FF Plugin: <a href="/comunidade/members/user.419029">@skype</a> Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll [2014-07-24] (Skype)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-450319107-1443454657-1460410450-1000: <a href="/comunidade/members/user.419029">@skype</a> Limited.com/Facebook Video Calling Plugin -> C:\Users\Isuara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-450319107-1443454657-1460410450-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Isuara\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)

FF Plugin HKU\S-1-5-21-450319107-1443454657-1460410450-1000: @talk.google.com/O1DPlugin -> C:\Users\Isuara\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)

FF Plugin HKU\S-1-5-21-450319107-1443454657-1460410450-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin HKU\S-1-5-21-450319107-1443454657-1460410450-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Isuara\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-23] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-23] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-23] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-23] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-23] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Isuara\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Isuara\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)

FF SearchPlugin: C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default\searchplugins\badoo.xml [2012-12-17]

FF SearchPlugin: C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default\searchplugins\Baixaki.xml [2013-12-10]

FF SearchPlugin: C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default\searchplugins\google-avast.xml [2015-04-20]

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml [2015-01-22]

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-01-22]

FF Extension: No Name - C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default\Extensions\{607b689f-7600-45e4-b8e5-887f72dab15c} [2015-01-24]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-22]

FF HKLM\...\Firefox\Extensions: [[EMAIL]wrc@avast.com[/EMAIL]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-12]

FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-03]



Chrome:

=======

CHR HomePage: Profile 6 -> hxxp://<a href="'http://www.google.com.br/'" target="_blank">www.google.com.br/</a>

CHR StartupUrls: Profile 6 -> "<a href="https://www.facebook.com/" target="_blank">https://www.facebook.com/</a>", "hxxp://<a href="'http://www.outlook.com/'" target="_blank">www.outlook.com/</a>", "<a href="https://www.google.com.br/" target="_blank">https://www.google.com.br/</a>", "<a href="https://zeropaper.com.br/users/sign_in" target="_blank">https://zeropaper.com.br/users/sign_in</a>", "<a href="https://web.whatsapp.com/" target="_blank">https://web.whatsapp.com/</a>"

CHR DefaultSuggestURL: Profile 6 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{googleageClassification}{google:searchVersion}{google:sessionToken}{googlerefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-24]

CHR Extension: (No Name) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-24]

CHR Extension: (No Name) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-24]

CHR Extension: (Avast Online Security) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-24]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (No Name) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-04-22]

CHR Extension: (Skype Click to Call) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-04-22]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10

CHR Extension: (Google Slides) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]

CHR Extension: (Google Docs) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]

CHR Extension: (Google Drive) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]

CHR Extension: (No Name) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]

CHR Extension: (Google Search) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]

CHR Extension: (Yahoo!) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\dogdoihocdkadpalbghcpfafbojcfofa [2015-02-20]

CHR Extension: (Google Sheets) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]

CHR Extension: (Avast Online Security) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-19]

CHR Extension: (Google Wallet) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19]

CHR Extension: (Gmail) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11

CHR Extension: (Docs) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]

CHR Extension: (Google Drive) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-10]

CHR Extension: (YouTube) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]

CHR Extension: (Google Search) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-10]

CHR Extension: (Gmail) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-10]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 2

CHR Extension: (avast! WebRep) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-05-27]

CHR Extension: (Skype Click to Call) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-05-27]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3

CHR Extension: (Google Slides) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-22]

CHR Extension: (Google Docs) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-22]

CHR Extension: (Google Drive) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]

CHR Extension: (YouTube) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]

CHR Extension: (Adblock Plus) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-22]

CHR Extension: (Google Search) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-29]

CHR Extension: (Google Sheets) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-22]

CHR Extension: (AdBlock) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-22]

CHR Extension: (Avast Online Security) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-22]

CHR Extension: (Adblock Super) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-12-22]

CHR Extension: (Video download helper) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2014-12-22]

CHR Extension: (Google Wallet) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]

CHR Extension: (Gmail) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6

CHR Extension: (Duolingo on the Web) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-01-10]

CHR Extension: (Angry Birds) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-12]

CHR Extension: (Google Docs) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-12]

CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apboafhkiegglekeafbckfjldecefkhn [2015-03-19]

CHR Extension: (Google Drive) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]

CHR Extension: (YouTube) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-03]

CHR Extension: (Adblock Plus) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-22]

CHR Extension: (Raindrops(Non-Aero)) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\dpagcfbbmlebfnkeogkigellbgmfkjfg [2014-09-18]

CHR Extension: (Treasure Sprint) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efdenlkkjdodjbkbbmlnijiljofpadoi [2014-12-11]

CHR Extension: (Off Road Rally) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gbhibmbedajbmoojnalcbnjjhfgkgnec [2014-12-11]

CHR Extension: (No Name) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-12-12]

CHR Extension: (EXAME.com para Chrome) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gjeomhheecfjcmhkncjhoedhchbahmpg [2014-09-18]

CHR Extension: (Bookmark Manager) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]

CHR Extension: (Avast Online Security) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-20]

CHR Extension: (Desprotetor de Links) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2014-10-04]

CHR Extension: (Clearly) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2014-09-23]

CHR Extension: (Vagalume) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ipgcdnbeeiajinajlafjcdfhckglcopd [2014-12-11]

CHR Extension: (Adblock Super) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-04-20]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]

CHR Extension: (GBBD Banco do Brasil) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp [2014-10-13]

CHR Extension: (Google Wallet) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27]

CHR Extension: (Bridge the Gap) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nnabcmimfeppcngbeaffbdibagokamji [2014-12-11]

CHR Extension: (No Name) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\oolmcecgdmgibngcbeedeljjadklplag [2014-08-18]

CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-10-06]

CHR Extension: (Tarifa de Táxi) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pbldopcdkcepddcophogapjebhfjbpfp [2014-08-18]

CHR Extension: (No BBB) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pffipagakjgfndljjpkbdpoimojmgjca [2015-01-21]

CHR Extension: (Evernote Web Clipper) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-08-18]

CHR Extension: (Gmail) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-17]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7

CHR Extension: (Google Slides) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]

CHR Extension: (Google Docs) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]

CHR Extension: (Google Drive) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]

CHR Extension: (YouTube) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]

CHR Extension: (Google Search) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]

CHR Extension: (Google Sheets) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]

CHR Extension: (Avast Online Security) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-20]

CHR Extension: (Google Wallet) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]

CHR Extension: (Gmail) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8

CHR Extension: (Google Slides) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-02]

CHR Extension: (Google Docs) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-02]

CHR Extension: (Google Drive) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-02]

CHR Extension: (YouTube) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-02]

CHR Extension: (Google Search) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-02]

CHR Extension: (Google Sheets) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-02]

CHR Extension: (Avast Online Security) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-24]

CHR Extension: (Google Wallet) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-02]

CHR Extension: (Gmail) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-02]

CHR Profile: C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9

CHR Extension: (Google Slides) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]

CHR Extension: (Google Docs) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]

CHR Extension: (Google Drive) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]

CHR Extension: (YouTube) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]

CHR Extension: (Google Search) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]

CHR Extension: (Google Sheets) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]

CHR Extension: (Bookmark Manager) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]

CHR Extension: (Avast Online Security) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-19]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]

CHR Extension: (Google Wallet) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19]

CHR Extension: (Adblock Plus) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ogkamflngncafnakobfendjelfmmdppf [2015-03-19]

CHR Extension: (Gmail) - C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]

CHR HKLM\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - <a href="https://clients2.google.com/service/update2/crx" target="_blank">https://clients2.google.com/service/update2/crx</a>

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-22]

CHR HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Isuara\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-11]

StartMenuInternet: Google Chrome - c:\users\isuara\appdata\local\google\chrome\application\chrome.exe



========================== Services (Whitelisted) =================



(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)



R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-22] (AVAST Software)

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [File not signed]

R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [File not signed]

R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-20] (Elex do Brasil Participações Ltda)

R2 Locaweb_Softphone_Manager; C:\Program Files\Locaweb\Locaweb Softphone\Locaweb Softphone Manager.exe [102400 2015-01-12] (                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ) [File not signed]

R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [537256 2008-02-19] ( )

R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]

R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

S2 GbpSv; C:\PROGRA~1\GbPlugin\GbpSv.exe [X]

S2 Update Mgr RollAround; "C:\Program Files\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe" [X]



==================== Drivers (Whitelisted) ====================



(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)



R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-22] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-22] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-22] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-22] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-22] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-22] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-22] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-22] ()

R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [46552 2014-11-03] (GAS Tecnologia)

R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [215336 2015-03-20] (Elex do Brasil Participações Ltda)

S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [40744 2015-03-20] (Elex do Brasil Participações Ltda)

R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [83752 2015-03-20] (Elex do Brasil Participações Ltda)

R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [34856 2015-03-20] (Elex do Brasil Participações Ltda)

R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [63400 2015-03-20] (Elex do Brasil Participações Ltda)

R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-02-17] (Elex do Brasil Participações Ltda)

R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [48280 2014-12-15] (Visicom Media Inc.)

R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [30488 2014-12-15] (Visicom Media Inc.)

R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-10-10] (GAS Tecnologia)

R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)

S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [629760 2010-08-10] (Realtek Semiconductor Corporation                           )

S3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [557600 2010-07-18] (Realtek Semiconductor Corporation                           )

S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]

S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]



==================== NetSvcs (Whitelisted) ===================



(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)





==================== One Month Created Files and Folders ========



(If an entry is included in the fixlist, the file\folder will be moved.)



2015-04-27 23:30 - 2015-04-27 23:38 - 00000000 ____D () C:\FRST

2015-04-27 17:48 - 2015-04-27 20:22 - 00000112 _____ () C:\Windows\setupact.log

2015-04-27 17:48 - 2015-04-27 20:21 - 00002708 _____ () C:\Windows\PFRO.log

2015-04-27 17:48 - 2015-04-27 17:48 - 00000000 _____ () C:\Windows\setuperr.log

2015-04-27 16:53 - 2015-04-27 16:53 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin

2015-04-27 16:53 - 2015-04-27 16:53 - 00000000 ____D () C:\ProgramData\GbPlugin

2015-04-27 15:42 - 2015-04-27 23:19 - 00000000 ___RD () C:\Users\Isuara\OneDrive

2015-04-26 12:39 - 2015-04-26 12:39 - 00000000 ____D () C:\Users\Isuara\AppData\Local\FreemakeVideoDownloader

2015-04-23 14:22 - 2015-04-23 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2015-04-23 14:21 - 2015-04-23 14:21 - 00000000 ____D () C:\Program Files\iPod

2015-04-23 14:20 - 2015-04-23 14:22 - 00000000 ____D () C:\Users\Todos os Usuários\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB

2015-04-23 14:20 - 2015-04-23 14:22 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB

2015-04-23 14:09 - 2015-04-23 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2015-04-23 14:08 - 2015-04-23 14:09 - 00000000 ____D () C:\Program Files\QuickTime

2015-04-23 10:51 - 2015-04-23 10:51 - 00000000 ___HD () C:\OneDriveTemp

2015-04-22 10:40 - 2015-03-20 00:49 - 00040744 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys

2015-04-22 10:40 - 2015-02-17 00:51 - 00044712 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys

2015-04-22 10:39 - 2015-04-22 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC

2015-04-20 17:52 - 2015-04-20 17:52 - 00000000 ___SD () C:\Windows\system32\GWX

2015-04-20 17:52 - 2015-04-20 17:52 - 00000000 ____D () C:\Windows\system32\appraiser

2015-04-17 19:03 - 2015-04-01 20:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-04-17 19:03 - 2015-03-23 00:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-04-17 19:03 - 2015-03-23 00:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-04-17 19:03 - 2015-03-23 00:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-04-17 19:03 - 2015-03-23 00:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-04-17 19:03 - 2015-03-23 00:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-04-17 19:03 - 2015-03-23 00:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2015-04-17 19:03 - 2015-03-23 00:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-04-17 19:03 - 2015-03-22 23:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-04-17 19:03 - 2015-03-17 02:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2015-04-17 19:03 - 2015-03-17 02:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-04-17 19:03 - 2015-03-17 02:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-04-17 19:03 - 2015-03-17 02:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-04-17 19:03 - 2015-03-17 01:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-04-17 19:03 - 2015-03-17 01:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-04-17 19:03 - 2015-03-17 01:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-04-17 19:03 - 2015-03-17 01:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-04-17 19:03 - 2015-03-17 01:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-04-17 19:03 - 2015-03-17 01:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-04-17 19:03 - 2015-03-17 01:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-04-17 19:03 - 2015-03-17 01:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-04-17 19:03 - 2015-03-17 01:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-04-17 19:03 - 2015-03-17 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-04-17 19:03 - 2015-03-17 01:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-04-17 19:03 - 2015-03-17 01:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-04-17 19:03 - 2015-03-13 00:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-04-17 19:03 - 2015-03-13 00:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-04-17 19:03 - 2015-03-13 00:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-04-17 19:03 - 2015-03-13 00:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-04-17 19:03 - 2015-03-13 00:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-04-17 19:03 - 2015-03-13 00:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-04-17 19:03 - 2015-03-13 00:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-04-17 19:03 - 2015-03-13 00:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-04-17 19:03 - 2015-03-13 00:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-04-17 19:03 - 2015-03-13 00:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-04-17 19:03 - 2015-03-13 00:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-04-17 19:03 - 2015-03-13 00:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-04-17 19:03 - 2015-03-13 00:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-04-17 19:03 - 2015-03-13 00:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-04-17 19:03 - 2015-03-13 00:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-04-17 19:03 - 2015-03-13 00:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-04-17 19:03 - 2015-03-13 00:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-04-17 19:03 - 2015-03-13 00:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-04-17 19:03 - 2015-03-12 23:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-04-17 19:03 - 2015-03-12 23:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-04-17 19:03 - 2015-03-12 23:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-04-17 19:03 - 2015-03-12 23:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-04-17 19:03 - 2015-03-12 23:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-04-17 19:03 - 2015-03-12 23:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-04-17 19:03 - 2015-03-12 23:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-04-17 19:03 - 2015-03-12 23:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-04-17 19:03 - 2015-03-12 23:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-04-17 19:03 - 2015-03-12 23:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-04-17 19:03 - 2015-03-12 23:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-04-17 19:03 - 2015-03-12 23:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-04-17 19:03 - 2015-03-05 01:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-04-17 19:03 - 2015-03-04 01:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys

2015-04-17 19:03 - 2015-03-04 01:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll

2015-04-17 19:03 - 2015-01-27 20:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2015-04-17 19:02 - 2015-03-25 00:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-04-17 19:02 - 2015-03-25 00:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-04-17 19:02 - 2015-03-25 00:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-04-17 19:02 - 2015-03-25 00:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-04-17 19:02 - 2015-03-10 00:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-04-17 19:02 - 2015-03-10 00:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-04-17 19:02 - 2015-02-25 00:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys



==================== One Month Modified Files and Folders =======



(If an entry is included in the fixlist, the file\folder will be moved.)



2015-04-27 23:29 - 2012-05-03 17:28 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-04-27 22:54 - 2014-06-17 18:48 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-04-27 22:49 - 2012-03-11 15:11 - 00001082 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA.job

2015-04-27 22:09 - 2013-12-10 08:41 - 01288613 _____ () C:\Windows\WindowsUpdate.log

2015-04-27 21:55 - 2012-04-14 20:24 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA.job

2015-04-27 21:35 - 2012-03-13 12:43 - 00000000 ____D () C:\Users\Isuara\AppData\Roaming\Skype

2015-04-27 20:37 - 2009-07-14 01:34 - 00025616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-04-27 20:37 - 2009-07-14 01:34 - 00025616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-04-27 20:28 - 2013-12-10 09:34 - 00000000 ___RD () C:\Users\Isuara\Dropbox

2015-04-27 20:27 - 2013-12-10 09:21 - 00000000 ____D () C:\Users\Isuara\AppData\Roaming\Dropbox

2015-04-27 20:24 - 2012-05-03 17:28 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-04-27 20:22 - 2009-07-14 01:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-04-27 17:57 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\LogFiles

2015-04-27 15:42 - 2012-03-11 10:53 - 00000000 ____D () C:\Users\Isuara

2015-04-27 15:33 - 2015-02-24 14:46 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR

2015-04-26 16:23 - 2012-08-01 19:25 - 00000000 ___RD () C:\Users\Isuara\SkyDrive

2015-04-26 16:05 - 2012-03-11 10:57 - 01643654 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-04-26 16:05 - 2009-07-14 05:31 - 00708702 _____ () C:\Windows\system32\prfh0416.dat

2015-04-26 16:05 - 2009-07-14 05:31 - 00148482 _____ () C:\Windows\system32\prfc0416.dat

2015-04-26 13:49 - 2012-03-11 15:11 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core.job

2015-04-26 11:54 - 2012-04-14 20:24 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core.job

2015-04-23 18:12 - 2012-03-11 10:57 - 00000000 ____D () C:\Users\Isuara\AppData\Local\Microsoft Help

2015-04-23 18:12 - 2009-07-13 23:37 - 00000000 __RHD () C:\Users\Default

2015-04-23 14:22 - 2013-09-18 15:50 - 00000000 ____D () C:\Program Files\iTunes

2015-04-23 14:20 - 2013-07-18 18:45 - 00000000 ____D () C:\Program Files\Common Files\Apple

2015-04-23 10:37 - 2009-07-14 01:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2015-04-22 21:06 - 2013-01-09 19:33 - 00000000 ____D () C:\Program Files\GbPlugin

2015-04-22 21:04 - 2014-12-31 15:30 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\system32\Drivers\gbpndisrd.sys

2015-04-22 21:00 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\NDF

2015-04-22 14:48 - 2015-03-19 13:54 - 00002520 _____ () C:\Users\Isuara\Desktop\Inicializador de aplicativos do Google Chrome.lnk

2015-04-22 14:48 - 2015-01-26 10:24 - 00002446 _____ () C:\Users\Isuara\Desktop\Cigana Lola - Chrome.lnk

2015-04-22 11:39 - 2013-12-20 20:22 - 00000000 ____D () C:\Windows\Minidump

2015-04-22 09:54 - 2012-03-19 14:06 - 00000000 ____D () C:\Users\Isuara\AppData\Roaming\Mozilla

2015-04-20 21:03 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\Microsoft.NET

2015-04-20 18:21 - 2015-01-27 13:20 - 00000000 ____D () C:\Users\Isuara\AppData\Local\Codelines

2015-04-20 18:20 - 2014-09-04 19:22 - 00000000 ____D () C:\Users\Isuara\AppData\Local\Massive Media

2015-04-20 18:08 - 2012-03-13 12:42 - 00000000 ____D () C:\Users\Todos os Usuários\Skype

2015-04-20 18:08 - 2012-03-13 12:42 - 00000000 ____D () C:\ProgramData\Skype

2015-04-20 18:07 - 2012-03-13 12:42 - 00000000 ___RD () C:\Program Files\Skype

2015-04-20 17:52 - 2014-05-06 22:27 - 00000000 ___SD () C:\Windows\system32\CompatTel

2015-04-20 17:52 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\pt-BR

2015-04-20 17:52 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\AppCompat

2015-04-20 17:48 - 2012-03-11 10:57 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help

2015-04-20 17:48 - 2012-03-11 10:57 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-04-20 17:39 - 2014-01-15 16:11 - 00000000 ____D () C:\Windows\system32\MRT

2015-04-20 17:28 - 2012-05-23 21:18 - 00000000 ___RD () C:\Users\Isuara\Google Drive

2015-04-20 16:31 - 2012-08-07 12:54 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-04-20 16:12 - 2015-02-18 19:38 - 00001020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2015-04-20 16:09 - 2009-07-13 23:04 - 00000478 _____ () C:\Windows\win.ini

2015-04-20 15:07 - 2012-03-19 14:06 - 00001093 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-04-20 14:54 - 2014-06-17 18:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2015-04-20 14:54 - 2014-06-17 18:48 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2015-04-17 15:34 - 2013-12-10 09:23 - 00000000 ____D () C:\Users\Isuara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox



==================== Files in the root of some directories =======



2013-08-17 17:14 - 2013-08-17 17:14 - 0000288 _____ () C:\Users\Isuara\AppData\Roaming\.backup.dm

2015-03-11 15:30 - 2015-03-11 15:58 - 0038480 _____ () C:\Users\Isuara\AppData\Roaming\Microsoft Excel 97-2003.ADR

2012-08-26 20:26 - 2013-12-10 09:42 - 11491478 _____ () C:\Users\Isuara\AppData\Roaming\UserTile.png

2015-03-11 16:05 - 2015-03-11 16:05 - 0038467 _____ () C:\Users\Isuara\AppData\Roaming\Valores Separados por Tabulações (DOS).ADR

2012-04-23 10:49 - 2015-03-11 16:12 - 0022477 _____ () C:\Users\Isuara\AppData\Roaming\Valores Separados por Tabulações (Windows).ADR

2012-04-25 16:02 - 2013-11-19 19:41 - 0007596 _____ () C:\Users\Isuara\AppData\Local\Resmon.ResmonCfg



Some content of TEMP:

====================

C:\Users\Isuara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfe6tew.dll





==================== Bamital & volsnap Check =================



(There is no automatic fix for files that do not pass verification.)



C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed





LastRegBack: 2014-07-28 19:14



==================== End Of Log ============================
caedurodrigues
caedurodrigu... Tô em todas Registrado
710 Mensagens 257 Curtidas
#4 Por caedurodrigu...
29/04/2015 - 19:32
Boa noite IsaGeorge, informe com pormenores o que está ocorrendo com o PC.
  • Copie estas informações que estão em vermelho,para o Bloco de Notas.
  • Salve-a com o nome fixlist.txt
  • Salve-a no mesmo local em que se encontra a FRST

start
CreateRestorePoint:
CloseProcesses:
CHR HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> 10677B069AE940B9A632C31C4CDFCDD2 URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {F992E376-027D-4C35-A2CB-5AB83B06F73C} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=062413&q={searchTerms}&src=IE-SearchBox
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
S2 GbpSv; C:\PROGRA~1\GbPlugin\GbpSv.exe [X]
S2 Update Mgr RollAround; "C:\Program Files\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe" [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
C:\Users\Isuara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfe6tew.dll
Task: {9847F595-799F-4A22-8876-0BFD8391213D} - \FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA No Task File <==== ATTENTION
Task: {CA6254E6-FAF8-4204-8CEF-EB5FA3ED9E8C} - \FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:7311BB85
AlternateDataStreams: C:\ProgramData\TEMP:F1DEA771
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:7311BB85
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:F1DEA771
HOSTS:
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
emptytemp:
end
Execute FRST/FRST64 >> Clique "Fix". << Aguarde!
Poste o relatório! (Fixlog.txt)

Um grande abraço. bom_trabalho.gif

bda2ffa2e92f7f2a44c02bfd0ae2986b
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos irreparáveis aos mesmos! >
IsaGeorge
IsaGeorge Novo Membro Registrado
8 Mensagens 2 Curtidas
#5 Por IsaGeorge
30/04/2015 - 17:48
Prezado Caedu,

Em minha ultima atualização do adobe, foi baixado um programa de nome Buzzdock ads, que constantemente altera minhas paginas no Google Chromes, direciona-as para sites de compras e não sei como desinstalar esse programa. Já tentei de diversas formas e não consigo e ele não é percebido pelo antivirus avast.

Abaixo segue o fixlog.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-04-2015 01

Ran by Isuara at 2015-04-30 17:05:54 Run:1

Running from D:\Downloads

Loaded Profiles: Isuara (Available profiles: Isuara & Convidado)

Boot Mode: Normal



==============================================



Content of fixlist:

*****************

start

CreateRestorePoint:

CloseProcesses:

CHR HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\.DEFAULT -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> 10677B069AE940B9A632C31C4CDFCDD2 URL = <a href="http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}" target="_blank">http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>

SearchScopes: HKU\S-1-5-21-450319107-1443454657-1460410450-1000 -> {F992E376-027D-4C35-A2CB-5AB83B06F73C} URL = <a href="http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=062413&q={searchTerms}&src=IE-SearchBox" target="_blank">http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=062413&q={searchTerms}&src=IE-SearchBox</a>

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} <a href="http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab" target="_blank">http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</a>

DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab" target="_blank">http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</a>

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab" target="_blank">http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</a>

FF DefaultSearchUrl: <a href="https://www.google.com/search/?trackid=sp-006" target="_blank">https://www.google.com/search/?trackid=sp-006</a>

FF Homepage: <a href="https://www.google.com/?trackid=sp-006" target="_blank">https://www.google.com/?trackid=sp-006</a>

FF Keyword.URL: <a href="https://www.google.com/search/?trackid=sp-006" target="_blank">https://www.google.com/search/?trackid=sp-006</a>

S2 GbpSv; C:\PROGRA~1\GbPlugin\GbpSv.exe [X]

S2 Update Mgr RollAround; "C:\Program Files\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe" [X]

S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]

C:\Users\Isuara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfe6tew.dll

Task: {9847F595-799F-4A22-8876-0BFD8391213D} - \FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA No Task File <==== ATTENTION

Task: {CA6254E6-FAF8-4204-8CEF-EB5FA3ED9E8C} - \FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core No Task File <==== ATTENTION

AlternateDataStreams: C:\ProgramData\TEMP:7311BB85

AlternateDataStreams: C:\ProgramData\TEMP:F1DEA771

AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:7311BB85

AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:F1DEA771

HOSTS:

CMD: bitsadmin /reset /allusers 

CMD: ipconfig /flushdns

emptytemp:

end

*****************



Restore point was successfully created.

Processes closed successfully.

"HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Policies\Google" => Key deleted successfully.

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.

HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found. 

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.

HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found. 

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.

HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found. 

HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.

HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found. 

HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

"HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\10677B069AE940B9A632C31C4CDFCDD2" => Key deleted successfully.

HKCR\CLSID\10677B069AE940B9A632C31C4CDFCDD2 => Key not found. 

"HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.

HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found. 

"HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.

HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found. 

"HKU\S-1-5-21-450319107-1443454657-1460410450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F992E376-027D-4C35-A2CB-5AB83B06F73C}" => Key deleted successfully.

HKCR\CLSID\{F992E376-027D-4C35-A2CB-5AB83B06F73C} => Key not found. 

"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.

"HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}" => Key deleted successfully.

"HKCR\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.

"HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.

Firefox DefaultSearchUrl deleted successfully.

Firefox homepage deleted successfully.

Firefox Keyword.URL deleted successfully.

GbpSv => Service deleted successfully.

Update Mgr RollAround => Service deleted successfully.

MsgPlusDriver => Service deleted successfully.

pccsmcfd => Service deleted successfully.

"C:\Users\Isuara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfe6tew.dll" => File/Directory not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9847F595-799F-4A22-8876-0BFD8391213D}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9847F595-799F-4A22-8876-0BFD8391213D}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000UA" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA6254E6-FAF8-4204-8CEF-EB5FA3ED9E8C}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA6254E6-FAF8-4204-8CEF-EB5FA3ED9E8C}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-450319107-1443454657-1460410450-1000Core" => Key deleted successfully.

C:\ProgramData\TEMP => ":7311BB85" ADS removed successfully.

C:\ProgramData\TEMP => ":F1DEA771" ADS removed successfully.

"C:\Users\Todos os Usuários\TEMP" => ":7311BB85" ADS not found.

"C:\Users\Todos os Usuários\TEMP" => ":F1DEA771" ADS not found.

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.

Hosts was reset successfully.



=========  bitsadmin /reset /allusers =========





BITSADMIN version 3.0 [ 7.5.7601 ]

BITS administration utility.

(C) Copyright 2000-2006 Microsoft Corp.



BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.

Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.



Unable to cancel {527EC57C-C88C-4171-90FB-50CD44CBAFB9}.

{E9A406CB-6689-4B4A-93CA-5AC013B704A0} canceled.

{1250CE9E-5931-4AD7-9F68-FA705BE5A80B} canceled.

{92E74561-59A9-4B37-9437-0584A94D7B81} canceled.

{9B263096-6A5A-4E70-B0C5-12FE448AA1C6} canceled.

4 out of 5 jobs canceled.



========= End of CMD: =========





=========  ipconfig /flushdns =========





Configura��o de IP do Windows



N�o foi poss�vel liberar o Cache do DNS Resolver: A fun��o falhou durante a execu��o.





========= End of CMD: =========



EmptyTemp: => Removed 1.2 GB temporary data.





The system needed a reboot. 



==== End of Fixlog 17:11:30 ====
TmfeijoMMonroe
TmfeijoMMonr... Cyber Highlander Registrado
13.7K Mensagens 4.2K Curtidas
#6 Por TmfeijoMMonr...
30/04/2015 - 18:46
Boa noite ! IsaGeorge

Com licença . Se me permitem !

Onde obteve atualização do adobe ? Pois Buzzdock ads outra infecção !

Veio automático pelo próprio software ? Através desta versão ( DC 2015.007.20033 inclusive esta é pesada ; melhor a 11.010 for windows ) atual ?

http://get.adobe.com/br/reader/otherversions/
http://s1062.photobucket.com/user/Edson_Melo/media/Screen Shot 04-30-15 at 07.02 PM.png.html?sort=3&o=0

Se sim . Já aconteceu comigo . Lógico que em uma atualização/versão antiga até então e em meu post/tópico teve a discussão de que não seria possível sendo diretamente no site da adobe .


Abraços
caedurodrigues
caedurodrigu... Tô em todas Registrado
710 Mensagens 257 Curtidas
#7 Por caedurodrigu...
30/04/2015 - 22:30
Boa noite IsaGeorge,
  • Baixe: <2cb63f5a3cb2891ffea3918328744eaf> (...par Xplode)
  • Ou aqui >>AdwCleaner<<
  • Salve-a na sua Desktop (área de trabalho).
  • Feche todos os programas e navegadores de internet abertos.
  • Usuários do Windows Vista ou Windows 7,clique com o direito do mouse sobre o arquivo AdwCleaner.exe,depois clique em:
    715687bce3607a295707796273fb2e69

    43c99d23e544ec749d16171b30fe4b3c

  • Clique em Examinar, para iniciar o escaneamento!

    c16bf206c6be4697bd007bbcc0ea8fc9
  • Ao término, clique em limpar
  • Copie o log ou clique "Relatório".
  • Poste: >>C:\AdwCleaner\AdwCleaner [S0].txt<<


  • Baixe:<30e722672bdc2a82ab971d6946fd2de0> <(...by Oleg N. Scherbakov)>
  • Salve-o no desktop!
  • Desabilite seu antivírus!
  • Para Windows 7, clique direito em JRT.exe e execute-o como 06b357286306fefd312a9f88ba39d1e6
Imagem
Aguarde a conclusão e poste o relatório. ( JRT.txt )


Um grande abraço. bom_trabalho.gif
IsaGeorge
IsaGeorge Novo Membro Registrado
8 Mensagens 2 Curtidas
#8 Por IsaGeorge
02/05/2015 - 00:11
Tmfeijo disse:
Boa noite ! IsaGeorge

Com licença . Se me permitem !

Onde obteve atualização do adobe ? Pois Buzzdock ads outra infecção !

Veio automático pelo próprio software ? Através desta versão ( DC 2015.007.20033 inclusive esta é pesada ; melhor a 11.010 for windows ) atual ?

http://get.adobe.com/br/reader/otherversions/
http://s1062.photobucket.com/user/Edson_Melo/media/Screen Shot 04-30-15 at 07.02 PM.png.html?sort=3&o=0

Se sim . Já aconteceu comigo . Lógico que em uma atualização/versão antiga até então e em meu post/tópico teve a discussão de que não seria possível sendo diretamente no site da adobe .


Abraços


Bom dia Tmfeijo

Foi o que eu achei estranho.
Pois a última atualização automatica do adobe, que sempre baixei do próprio site, foi o único programa baixado no meu pc, antes de aparecer esse app.
Por isso, suponho que tenha sido ele a infectar meu computador
IsaGeorge
IsaGeorge Novo Membro Registrado
8 Mensagens 2 Curtidas
#10 Por IsaGeorge
04/05/2015 - 15:28
Prezado Caedu,

Segue os relatórios solicitados

ADWCLEANER


# AdwCleaner v4.203 - Relatório criado 04/05/2015 às 15:08:43

# Atualizado 30/04/2015 por Xplode

# Base de dados : 2015-05-02.1 [Servidor]

# Sistema operacional : Windows 7 Professional Service Pack 1 (x86)

# Usuário : Isuara - ISAURA-PC

# Executando de : C:\Users\Isuara\Desktop\adwcleaner_4.203.exe

# Opção : Limpar



***** [ Serviços ] *****



Serviço Excluído : iSafeKrnl

[#] Serviço Excluído : iSafeKrnlBoot

Serviço Excluído : iSafeKrnlKit

Serviço Excluído : iSafeKrnlMon

Serviço Excluído : iSafeKrnlR3

Serviço Excluído : iSafeNetFilter

[#] Serviço Excluído : iSafeService



***** [ Arquivos / Pastas ] *****



Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC

Pasta Excluído : C:\Program Files\Elex-tech

Pasta Excluído : C:\Users\Convidado\AppData\Roaming\Elex-tech

Pasta Excluído : C:\Users\Isuara\AppData\Roaming\eCyber

Pasta Excluído : C:\Users\Isuara\AppData\Roaming\Elex-tech

Pasta Excluído : C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default\Extensions\{607b689f-7600-45e4-b8e5-887f72dab15c}

Arquivo Excluído : C:\Windows\system32\drivers\iSafeKrnlBoot.sys

Arquivo Excluído : C:\Windows\system32\drivers\iSafeNetFilter.sys

Arquivo Excluído : C:\Users\Isuara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk

Arquivo Excluído : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js



***** [ Tarefas agendadas ] *****





***** [ Atalhos ] *****





***** [ Registro ] *****



Chave Apagado : HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe

Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\iSafeRKScan

Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0}

Chave Apagado : HKLM\SOFTWARE\Elex-tech

Chave Apagado : HKU\.DEFAULT\Software\Elex-tech

Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe



***** [ Navegadores ] *****



-\\ Internet Explorer v11.0.9600.17728





-\\ Mozilla Firefox v36.0 (x86 pt-BR)





-\\ Google Chrome v





*************************



AdwCleaner[R0].txt - [2319 bytes] - [04/05/2015 15:03:46]

AdwCleaner[S0].txt - [2193 bytes] - [04/05/2015 15:08:43]



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2252  bytes] ##########



<strong><em><span style="color:#ff0000">JTR</span></em></strong>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.6.7 (04.30.2015:1)

OS: Windows 7 Professional x86

Ran by Isuara on 04/05/2015 at 15:18:35,00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~









~~~ Services







~~~ Tasks







~~~ Registry Values







~~~ Registry Keys







~~~ Files







~~~ Folders











~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 04/05/2015 at 15:21:44,93

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ainda há o app no Google Chromes
caedurodrigues
caedurodrigu... Tô em todas Registrado
710 Mensagens 257 Curtidas
#11 Por caedurodrigu...
04/05/2015 - 17:21
Boa noite IsaGeorge,
  • Baixe:<dee34063e0aebc2b75fbd3b18cb7425azoek.exe> (...by Smeenk)
  • Salve na sua Desktop (Área de trabalho) !
  • Execute o arquivo Zoek.exe.
  • Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo Zoek.exe, depois clique em
    06b357286306fefd312a9f88ba39d1e6
  • Selecione as linhas em vermelho, clique com o direito sobre a seleção e escolha a opção copiar!

createsrpoint;
emptyclsid;
reset chrome;
chrdefaults;
shortcutfix;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
emptyfolderscheck;delete

4f6efa8022d074e19ccf056a82db9aed
Clique com o direito em qualquer parte branca do Zoek e escolha a opção colar.
Clique 360993c3385d98b49fa5b9e507ab04cb, aguarde o scan. Ao final abrirá o bloco de notas com o relatório.
Uma cópia também será salva no seu disco local com o nome zoek-results.txt.
Anexe o zoek-results.txt na sua próxima resposta.

Um grande abraço. bom_trabalho.gif
IsaGeorge
IsaGeorge Novo Membro Registrado
8 Mensagens 2 Curtidas
#12 Por IsaGeorge
04/05/2015 - 19:33
Prezado Caedu,

Segue relatório

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Isuara on 04/05/2015 at 18:31:18,03.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Isuara\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

04/05/2015 18:37:04 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\BlueStacks deleted successfully
C:\Program Files\Corel deleted successfully
C:\Program Files\GUME530.tmp deleted successfully
C:\Program Files\Nero deleted successfully
C:\Program Files\Real deleted successfully
C:\PROGRA~2\Installations deleted successfully
C:\PROGRA~2\Nokia deleted successfully
C:\Users\Isuara\AppData\Roaming\Nokia Suite deleted successfully
C:\Users\Isuara\AppData\Roaming\xcywu deleted successfully
C:\Users\Convidado\AppData\Local\VirtualStore deleted successfully
C:\Users\Isuara\AppData\Local\Codelines deleted successfully
C:\Users\Isuara\AppData\Local\Massive Media deleted successfully
C:\Users\Isuara\AppData\Local\MigWiz deleted successfully
C:\Users\Isuara\AppData\Local\Nokia deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C41A1C0E-EA6C-11D4-B1B8-444553540000} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13B2AE15-856A-4B7B-9FED-422C1F8F2DE0} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1663D498-93D6-4843-8ED-4E8D9CE996A} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A38AA1E-65A8-48CD-B024-F5D2CDA7024} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BF63CD8-FA5E-41CC-ABDE-3983A966BC4} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E0F3C6E-CE6E-444A-B117-D0D015CBDA5E} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4249990-ADE7-4F40-B512-7469D940F7} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B72775F-FFD6-493E-AFD6-67EA339ED037} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EB01A80-E765-4601-A2CB-40C648C59024} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56748CAF-3D55-4283-B9BD-A22896F18929} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56A443E3-B815-47E9-A61A-CD3837B751FA} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59207B83-DD6C-4171-B560-E2AF6766D4BB} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C14B1D6-C76A-438D-9499-9870BCA36C52} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CAD5C40-CA63-4239-8EC6-438C6CB7620} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66A58CC3-1F79-46B4-AC17-F68763687CE8} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F5C36BD-EB51-4E32-BF3B-5CE2936F2A1A} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80FC0057-8130-43FB-9B8C-72A47711BB75} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0591F8-FD4F-467C-BAE-59A58B5FDF4E} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFF2B05-F1E7-4C54-B67C-94C0F6E84BAE} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8C5923A-4DD5-4EC5-BB13-4EF63EE3C197} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAA154E3-22FE-483E-9260-99F70F1261} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB6895C4-680-43E1-B26F-9A187BC69F9} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD74AD99-378A-42E5-849A-7F1A7D58D2D7} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D01B9E40-8DA0-4D82-A6C1-C1AD1374FB4} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5F4BC0E-76BD-4881-9CD8-98387E6841E2} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6C35989-B93D-4A79-9D5F-AE17AD4EC5F1} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D94808AB-81D4-4DAB-B78D-D3F0D9A7C9FE} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCD3AE1A-49C3-4490-913E-3044FD4EF434} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E959FF14-9DF9-4762-B67A-7BB6980E35E} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA40711-C0F0-4F78-822B-788FB3983625} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED527201-50E0-4B59-A3AD-37E06C74769D} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDF4C708-E2D5-4124-967B-435F6A65BCDA} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
HKEY_USERS\S-1-5-21-450319107-1443454657-1460410450-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF83DDC9-3E89-420F-BEF0-FB2895EA3598} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540000} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_052015_1908_.backup

==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\Program Files\BlueStacks not found
C:\Program Files\Corel not found
C:\Program Files\GUME530.tmp not found
C:\Program Files\Nero not found
C:\Program Files\Real not found
C:\Program Files\Arquivos Comuns deleted
C:\Users\Isuara\.android deleted
C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-450319107-1443454657-1460410450-1000 deleted
C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default\mystarttb deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email]wrc@avast.com[/email]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27/01/2015 09:05]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Isuara\AppData\Roaming\Mozilla\Firefox\Profiles\f9v5k0er.default
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
49D429EBF5305FC9ADD7545B7C914333 - C:\Users\Isuara\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
6BEAD7859E8A087BE04556AB5A78855C - C:\Users\Isuara\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Isuara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
9E586E1E6BF071EE45DA280CCD797A2B - C:\Program Files\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll - Skype Web Plugin
6897943E58D779D1C7CB74191931B1D5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U60
7BF7103176DBFC80A31E275F7ED7918C - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.600.19
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dogdoihocdkadpalbghcpfafbojcfofa - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22/12/2014 09:17]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Isuara\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[11/05/2013 07:20]

Avast Online Security - Isuara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Isuara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
MyStart One Click - Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\dogdoihocdkadpalbghcpfafbojcfofa
Avast Online Security - Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gomekmidlodglbbmalcneegieacbdmki
Docs - Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\aohghmighlieiainnegkcijnfilokake
avast WebRep - Isuara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Skype Click to Call - Isuara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
AdBlock - Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki
Angry Birds - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Treasure Sprint - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efdenlkkjdodjbkbbmlnijiljofpadoi
Off Road Rally - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gbhibmbedajbmoojnalcbnjjhfgkgnec
EXAME.com para Chrome - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gjeomhheecfjcmhkncjhoedhchbahmpg
Bookmark Manager - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki
Desprotetor de Links - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\imcbnnnoghiihopefblgehihofbfbmei
Vagalume - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ipgcdnbeeiajinajlafjcdfhckglcopd
Chrome Hotword Shared Module - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg
GBBD Banco do Brasil - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp
Bridge the Gap - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nnabcmimfeppcngbeaffbdibagokamji
GBBD Caixa Economica Federal - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Tarifa de Táxi - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pbldopcdkcepddcophogapjebhfjbpfp
No BBB - Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pffipagakjgfndljjpkbdpoimojmgjca
Avast Online Security - Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gomekmidlodglbbmalcneegieacbdmki
Avast Online Security - Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\gomekmidlodglbbmalcneegieacbdmki
Bookmark Manager - Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Hotword Shared Module - Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lccekmodgklaepjeofjdjpbminllajkg

==== Chromium Startpages ======================

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Preferences
"startup_urls": [ "http://www.facebook.com/", "https://www.blogger.com/" ]

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences
"startup_urls": [ "https://www.google.com.br/", "http://www.outlook.com/", "http://www.facebook.com/" ]

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Preferences
"homepage": "http://www.google.com.br/",
"startup_urls": [ "https://www.facebook.com/", "http://www.outlook.com/", "https://www.google.com.br/", "https://zeropaper.com.br/users/sign_in", "https://web.whatsapp.com/" ]

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Preferences
"startup_urls": [ "https://www.facebook.com/", "http://www.gmail.com.br/" ]

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Preferences
"homepage": "http://www.mystart.com/?pr=manycam&id=manycam_ot&v=4_0&ent=hp_5276&src=5276",
"homepage": "http://www.mystart.com/?pr=manycam&id=manycam_ot&v=4_0&ent=hp_5276&src=5276",
"startup_urls": ["http://www.mystart.com/?pr=manycam&id=manycam_ot&v=4_0&ent=hp_5276&src=5276"],
"startup_urls": ["http://www.mystart.com/?pr=manycam&id=manycam_ot&v=4_0&ent=hp_5276&src=5276"],

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Preferences
"startup_urls": [ "http://www.gmail.com/", "http://www.outlook.com/", "http://www.facebook.com/", "https://www.blogger.com/", "http://www.conselhosesotericos.com.br/", "http://www.sensitivosnaweb.com.br/", "http://www.vibracaodoamor.com.br/" ]


==== Chromium Fix ======================

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\dogdoihocdkadpalbghcpfafbojcfofa deleted successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Local Extension Settings\dogdoihocdkadpalbghcpfafbojcfofa deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Bar"="http://www.bing.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Preferences.bak was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences.bad was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences.bak was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Preferences.bad was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Preferences.bak was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Preferences.bad was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Preferences.bak was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Preferences.bak was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Preferences.bak was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Secure Preferences was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Web Data-journal was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Web Data was reset successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Convidado\Desktop\Folha de Pagamento.LNK - D:\topsoft\folha\fpw.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk - C:\Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files\Google\Drive\googledrivesync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Buscar Meu iPhone.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe find
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendário.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contatos.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe contacts
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Fotos do iCloud.lnk - C:\Program Files\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud para Windows.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Lembretes.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe reminders
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe mail
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notas.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe notes
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk - C:\Program Files\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jimbo v2\Jimbo.lnk - C:\Program Files\Meu Bolso em Dia\Jimbo\Jimbo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Desinstalar o QuickTime.lnk - C:\Windows\System32\msiexec.exe /i {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} /qf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\QTPlayer.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Sobre o QuickTime.lnk - C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\RichText.ico

==== shortcuts in Quick Launch ======================

C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dogdoihocdkadpalbghcpfafbojcfofa deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH1IXFH will be deleted at reboot
C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRRPQWX0 will be deleted at reboot
C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ROO7O4MN will be deleted at reboot
C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U59EEZEO will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 10\Cache emptied successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 11\Cache emptied successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 3\Cache emptied successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 6\Cache emptied successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 7\Cache emptied successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 8\Cache emptied successfully
C:\Users\Isuara\AppData\Local\Google\Chrome\User Data\Profile 9\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=118 folders=16 11201299 bytes)

==== Empty Temp Folders ======================

C:\Users\Convidado\AppData\Local\Temp emptied successfully
C:\Users\Isuara\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Isuara\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH1IXFH" not found
"C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRRPQWX0" not found
"C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ROO7O4MN" not found
"C:\Users\Isuara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U59EEZEO" not found

==== EOF on 04/05/2015 at 19:26:44,49 ======================
caedurodrigues
caedurodrigu... Tô em todas Registrado
710 Mensagens 257 Curtidas
#13 Por caedurodrigu...
04/05/2015 - 21:46
Boa noite IsaGeorge, informe como está o PC.
  • Baixe: <ZHPDiag ><5fae498c5cd6c951142509fbc9efda13> ( ...Nicolas Coolman)
  • Salve-o no Disco local (C ou D).
  • Desabilite seu antivírus, e execute ZHPDiag.exe para instalar.
    e0baac1fc96e2b6998362b4e757228c9
  • Execute o ícone do pergaminho!
    c314df665282787371c8775d6c3c05fe
  • Clique na opção "COMPLETA" e aguarde a conclusão.
  • Clique OK e,ao concluir, poste o relatório! ( ZHPDiag.txt )
  • Obs: O relatório por ser extenso deve ser postado em um desses sites:
  • Acesse: <b7cb62cfb007715d3990c0ffc7a9f4ee>
  • Ou acesse:<317c011bca045ff7fc0b26f3766d4d22>
  • Maiores informações:<Link> << Hospedagem !


Um grande abraço.
Responder Tópico
© 1999-2024 Hardware.com.br. Todos os direitos reservados.
Imagem do Modal