Logo Hardware.com.br
joram
joram Highlander Registrado
5.4K Mensagens 2.5K Curtidas
#2 Por joram
29/09/2017 - 21:15
/_ Boa Noite! zGantz _\
Imagem

Imagem
https://www.hardware.com.br/comunidade/v-t/1226830/

Siga as recomendações oficiais deste Tópico e poste: FRST.txt + Addition.txt
Disponibilize os relatórios em Cjoint.com ou utilize spoiler,cuja instrução está ao final daquela página.
Outra opçãohospedar os relatórios em Hébergement de fichiers, Security-x.fr.

[Abs]
Moderador - iMasters Fóruns - Segurança & Malwares
Administrador - Fórum SecSecurity
Administrador - Fórum PC Brasil
zGantz
zGantz Novo Membro Registrado
3 Mensagens 0 Curtidas
#3 Por zGantz
29/09/2017 - 21:45
joram disse:
/_ Boa Noite! zGantz _\
Imagem

Imagem

Siga as recomendações oficiais deste Tópico e poste: FRST.txt + Addition.txt
Disponibilize os relatórios em Cjoint.com ou utilize spoiler,cuja instrução está ao final daquela página.
Outra opçãohospedar os relatórios em Hébergement de fichiers, Security-x.fr.

[Abs]


FRST.txt ------ http://www.cjoint.com/c/GIEaR6IGqIG
Addition.txt ----http://www.cjoint.com/c/GIEaThMdTfG
joram
joram Highlander Registrado
5.4K Mensagens 2.5K Curtidas
#4 Por joram
29/09/2017 - 23:20
/_ Boa Noite! zGantz _\

> Desinstale: BrowserDefender (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - Bit89 Inc)

> Copie estas informações que estão no Spoiler,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto ou Unicode,caso solicite!
> Salve-as ao desktop! ( Área de trabalho ... )

"fixlist"
Start
CloseProcesses:
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {026f5b6a-d114-11e2-beda-eca86bb2c9ad} - "F:\AutoRun.exe" "motorola.html"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {270de048-d3ef-11e4-81d1-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {36e33d8d-8f75-11e4-8194-eca86bb2c9ad} - "D:\autorun.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {4c375b28-7b07-11e3-8251-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} - "E:\LGAutoRun.exe"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => Nenhum Arquivo
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll -> Nenhum Arquivo
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1002\User: Restrição <==== ATENÇÃO
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1001\User: Restrição <==== ATENÇÃO
ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58261;https=127.0.0.1:58261
ProxyEnable: [S-1-5-21-3732197090-2549513608-2655625776-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-3732197090-2549513608-2655625776-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 01 C:\ProgramData\Windows\System32\Mswapi32.dll => Nenhum Arquivo
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 13 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog5-x64 01 C:\ProgramData\Windows\System32\Mswapi64.dll [3302400 2017-07-18] ()
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 13 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=2252ECA86BB2C9AD
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (Sem Nome) - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM-x32 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2252ECA86BB2C9AD&affID=119821&tsp=4948
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyDyE0B0EyCyB0FtGtDtB0A0AtGyEzy0EtAtGtA0CyEzztGyC0AtDtA0E0A0C0D0B0BtB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=2011952802&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {78D20564-C350-454B-B525-072680AC9B52} URL =
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {B791756F-CBFD-4B92-A735-A8BBCCC53B8A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByD0DzyyEtByB0BtGyC0E0C0CtGtByBtCyCtGtB0EyB0FtGtDtC0D0AtA0DtDzyzytBtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=1251716020&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=pt_BR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^BR&apn_uid=A0D88606-1D42-4AAD-8335-D5FC8FCDF786&apn_sauid=E62B3AF9-AEAD-44A5-837F-71279CBA5D02
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
BHO-x32: Sem Nome -> {2f3dc1cf-3023-4906-9b17-c022e853c2d8} -> Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-26] (Oracle Corporation)
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo
R2 WinNetSvc; C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408 2015-12-16] () <==== ATENÇÃO
R2 WMPNetworkAcSvc; C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [3879373 2017-09-13] () [Arquivo não assinado] <==== ATENÇÃO
S2 GbpSv; C:\PROGRA~2\GbPlugin\GbpSv.exe [X]
S4 hshld; "C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" [X]
S2 Util Clock Hand; "C:\Program Files (x86)\Clock Hand\bin\utilClockHand.exe" [X]
S3 AFTrafMgr1.2; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 mwars; \??\C:\Game\SoftnyxGame\MicroWarsPS\bin\avital\mwars64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
S3 X6va016; \??\C:\WINDOWS\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\WINDOWS\SysWOW64\Drivers\X6va017 [X]
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]
S3 X6va027; \??\C:\WINDOWS\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\WINDOWS\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
2015-12-17 16:14 - 2015-12-16 06:21 - 004845408 _____ () C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe
2016-03-19 15:45 - 2017-09-13 11:47 - 003879373 _____ () C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
2015-07-12 15:58 - 2015-06-12 07:58 - 000173848 _____ () C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe
2017-09-29 21:07 - 2017-09-29 21:07 - 000001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000001341 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\patrick joão\AppData\LocalLow\IObit
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Program Files (x86)\IObit
2017-09-29 21:06 - 2017-09-29 21:09 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usuários\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\IObit
2017-09-29 21:06 - 2017-09-29 21:06 - 014582384 _____ (IObit ) C:\Users\patrick joão\Downloads\iobituninstaller.exe
2017-09-29 20:38 - 2017-09-29 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner
2017-09-29 20:38 - 2017-09-29 20:38 - 001139568 _____ (Visicom Media Inc.) C:\Users\patrick joão\Downloads\ToolbarCleaner_softonic_2.0.0.10.exe
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick joão\Downloads\ASKRemover.zip
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick joão\Downloads\ASKRemover (1).zip
2017-09-29 20:33 - 2017-09-29 20:33 - 000276372 _____ C:\Users\patrick joão\Downloads\ASK-Remover.zip
2017-09-29 20:19 - 2017-09-29 20:19 - 000388608 _____ (Trend Micro Inc.) C:\Users\patrick joão\Downloads\HijackThis.exe
2017-09-29 20:16 - 2017-09-29 20:16 - 006685392 _____ (Glarysoft Ltd ) C:\Users\patrick joão\Downloads\gusetup_slim.exe
2017-09-29 19:53 - 2017-09-29 19:53 - 002178872 _____ (Reason Software Company Inc.) C:\Users\patrick joão\Downloads\ShouldIRemoveIt_Setup.exe
2017-08-02 00:27 - 2017-08-02 00:31 - 000000000 ____D C:\AdwCleaner
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\WINDOWS\system32\tmp
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\Users\Todos os Usuários\Windows
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\ProgramData\Windows
2017-09-29 21:30 - 2014-05-15 23:30 - 000001338 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job
2017-09-29 21:30 - 2014-05-15 23:30 - 000001338 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job
2017-09-29 21:24 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job
2017-09-29 21:24 - 2015-07-16 19:24 - 000003142 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job
2017-09-29 21:20 - 2016-05-11 21:26 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2017-09-29 21:20 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000004498 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000003478 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000002450 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job
2017-09-29 21:20 - 2015-07-16 19:22 - 000001076 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001488 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001394 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000003470 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000002154 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job
2017-09-29 20:23 - 2017-04-02 13:33 - 000000000 ____D C:\Users\patrick joão\AppData\LocalLow\Mozilla
2017-09-26 05:47 - 2016-03-19 15:45 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc
2017-08-19 22:28 - 2017-08-20 14:33 - 000000000 _____ () C:\Users\patrick joão\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
2017-08-19 22:29 - 2017-08-20 13:17 - 000000088 _____ () C:\Users\patrick joão\AppData\Local\Temp\8b8068ce81224a13f5a56acd0ae43ef0.dll
2017-09-07 21:29 - 2017-08-16 08:31 - 000838200 _____ (BlueStack Systems, Inc.) C:\Users\patrick joão\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:27 - 000945688 _____ (BlueStack Systems, Inc.) C:\Users\patrick joão\AppData\Local\Temp\BluestacksUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:26 - 000187416 _____ (BlueStack Systems) C:\Users\patrick joão\AppData\Local\Temp\HD-LibraryHandler.dll
2017-03-19 01:32 - 2016-06-14 08:24 - 000246808 _____ (BlueStack Systems) C:\Users\patrick joão\AppData\Local\Temp\HD-Logger-Native.dll
2017-03-29 20:17 - 2017-07-11 21:08 - 000037376 _____ (Microsoft) C:\Users\patrick joão\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-03-29 20:17 - 2017-07-11 14:16 - 000020480 _____ (Microsoft) C:\Users\patrick joão\AppData\Local\Temp\HiRezLauncherControls.dll
2017-09-07 21:29 - 2017-08-16 08:30 - 000421400 _____ (CodeTitans) C:\Users\patrick joão\AppData\Local\Temp\JSON.dll
2014-10-27 19:11 - 2014-10-27 19:11 - 000000020 _____ () C:\ProgramData\bc.ini
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
CustomCLSID: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\patrick joão\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\patrick joão\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
ContextMenuHandlers1-x32: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick joão\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
ContextMenuHandlers4: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick joão\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Nenhum Arquivo
ContextMenuHandlers6: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick joão\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
Task: {05419AF4-5628-4BC3-A2E5-A590070EDC96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-23] (Adobe Systems Incorporated)
Task: {0DFF5FE9-A69B-4EC7-96C5-C2F960D39E18} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {1567AAFC-BAA7-45A5-B444-136C5EDFB28B} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.exe <==== ATENÇÃO
Task: {199E2023-B524-451B-A62F-CFD0610D50F5} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.exe <==== ATENÇÃO
Task: {366F1AAF-B855-40DD-B6BB-FBFBF417D8E4} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: {3A2C5204-7694-421E-BE20-59B7B6AA0B8C} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.exe <==== ATENÇÃO
Task: {3E5F3878-865D-4B4A-94BA-20912649DBB7} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-6.exe <==== ATENÇÃO
Task: {647FA3AD-046A-4E81-A913-060B00ED5148} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.exe <==== ATENÇÃO
Task: {6550ED6E-F324-4BA3-AA4E-94D7669D7777} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7 => C:\Program Files (x86)\MPlayerplus\MPlayerplus-nova.exe <==== ATENÇÃO
Task: {65EFC672-EE1B-4F1E-A68F-2310D6B79F01} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2014-11-08] () <==== ATENÇÃO
Task: {68F13B54-849C-4101-8575-B010C2E24661} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-3.exe <==== ATENÇÃO
Task: {74E1E4A2-233D-4BAE-9909-88B1A15CD1F1} - \Torntv V9.0-chromeinstaller -> Nenhum Arquivo <==== ATENÇÃO
Task: {7858CC45-DDAD-4B4A-874E-F8DED4AAE7B5} - \FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017} -> Nenhum Arquivo <==== ATENÇÃO
Task: {8FD71AD6-D75F-4121-9C29-407A4E9B1EA9} - System32\Tasks\Torntv V9.0-firefoxinstaller => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe <==== ATENÇÃO
Task: {93264FEA-A7DD-47F1-9BA7-345D311B0F8C} - System32\Tasks\RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATENÇÃO
Task: {A1E2FFAF-E017-410D-8EB3-3FCEC860E734} - System32\Tasks\Torntv V9.0-enabler => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe <==== ATENÇÃO
Task: {ADD92FF1-9A23-48FF-A4EC-2A3C5FE9E963} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-7.exe <==== ATENÇÃO
Task: {C9A99E53-D6F0-4F24-B481-298C0E349B4A} - System32\Tasks\Torntv V9.0-codedownloader => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATENÇÃO
Task: {CE7774E8-5E9C-47D2-99E7-F45A9EB1FB64} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATENÇÃO
Task: {D6E61B1F-9EA2-4F3B-9C9C-1F34332D0019} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-6.exe <==== ATENÇÃO
Task: {DFE42A13-DFF0-45FD-81B9-FC091BDAE3AD} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATENÇÃO
Task: {EA80D57B-1A71-4EDD-90CA-F85077864A76} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-7.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-6.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-7.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-3.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5_user.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-6.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-7.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.exeǼ/mIran /BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /TMbDCIRQD=11111111-1111-1111-1111-110511421146 /dCPROoz=ch /sWlrClT /TWnVgGC /KqoIuK='hxxp:/update.clientstaticserv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.exe͸/gxnMr /BYxMwWzYg='MPlayerplus' /OnCYBX C:\Program Files (x86)\MPlayerplus\54246.xpi' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /GXJXhesx=1.34.5.12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /DRCRnNaYq=300 /uAgoIVWrU=[email]a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com[/email] /rbDDiaRe=0.94 /PZoYRTVtd=aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 /JgtPO=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54246.rdf /ofeZNuQd='MPlayerplus' /HZMMarMDh='MediaPlayerEnhance Extension' /JkYPH='Freeven' /dCPROoz=ch /TWnVgGC /TgEEmM /wsCYsgo /KqoIuK='hxxp:/update.clientstaticserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.exeȫ/sgcdrZs /BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /Tapnm=hxxp:/ipgeoapi.com/ /lGbhwLimb=hxxp:/update.clientstaticserv.com /NqrNpc=2 /sZgvie=hxxp:/logs.clientstaticserv.com /KqoIuK='hxxp:/update.clientstaticserv.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job => C:\Program Files (x86)\MPlayerplus\MPlayerplus-nova.exeǶ/BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /GXJXhesx=1.34.5.12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /KQxGan=hxxp:/js.clientstaticserv.com /dCPROoz=ch /NLNIUrr /bxakhW='nova' /KqoIuK='hxxp:/update.clientstaticserv.com/novarun/{CAMP_ID}/update.jso <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\EyYD2Icv3p8nDGonphE1.job => C:\Users\patrick joo\AppData\Roaming\EyYD2Icv3p8nDGonphE1.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017}.job => C:\Program Files\Playzy\PrefHelper.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Norton Security Scan for patrick joão.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Task: C:\WINDOWS\Tasks\OXuXcmDnUryvQraERDoHBaz.job => C:\Users\patrick joo\AppData\Roaming\OXuXcmDnUryvQraERDoHBaz.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Torntv V9.0-chromeinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-chromeinstaller.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Torntv V9.0-codedownloader.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exeȮ/reinstallapp /runfrom=task /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/cr.install-daddy.com /defbro=ch /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Torntv V9.0-enabler.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exeǾ/enablebho /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511131190 /defbro=ch /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Torntv V9.0-firefoxinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exeВ/installxpi /agentregpath='Torntv V9.0' /extensionfilepath C:\Program Files (x86)\Torntv V9.0\51390.xpi' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=[email]5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com[/email] /extensionversion=0.94 /prefsbranch=a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/51390.rdf /extensionname='Torntv V9.0' /extensiondesc='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /publishername='installdaddy' /defbro=ch /allusers /allprofiles /checkfflist /autoupdateulr='hxxp:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Torntv V9.0-updater.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-updater.exeɑ/runupdater /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=hxxp:/stats.mstatsserv.com /autoupdateulr='hxxp:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATENÇÃO
ShortcutWithArgument: C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\Users\patrick joão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\Users\patrick joão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.ddtbrasil.top/login.php
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
FirewallRules: [{9AD256F2-DDBF-4674-BA29-C02EC5F82783}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{E222CA23-E028-40A3-A5F9-397F53A25C73}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{73B96048-CD03-4954-AEA2-A8AD0EA9F8DC}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [UDP Query User{BC9EFB24-1609-4734-898A-FBF1E265830B}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\ProgramData\Temp:07BF512B [156]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B [486]
AlternateDataStreams: C:\ProgramData\Temp:862BDB1A [132]
AlternateDataStreams: C:\ProgramData\Tempbig_green.png1B5B4F1 [112]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:07BF512B [156]
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:373E1720 [126]
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6BE50C2B [486]
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:862BDB1A [132]
AlternateDataStreams: C:\Users\Todos os Usuários\Tempbig_green.png1B5B4F1 [112]
C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe
C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe
C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
C:\programdata\microsoft\network\dsq\network
C:\programdata\microsoft\network\dsq
RemoveProxy:
EmptyTemp:
Reboot:
end


> Execute FRST/FRST64.exe >> Clique "Corrigir" << Aguarde!
> Poste o relatório "Resultado da Correção pela Farbar Recovery Scan Tool". (Fixlog.txt)
> Este e outros relatórios,podem ser encontrados na pasta: Disco Local (C) > FRST > Logs

Imagem
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >

[Abs]
Moderador - iMasters Fóruns - Segurança & Malwares
Administrador - Fórum SecSecurity
Administrador - Fórum PC Brasil
joram
joram Highlander Registrado
5.4K Mensagens 2.5K Curtidas
#6 Por joram
30/09/2017 - 07:04
/_ Bom Dia! zGantz _\
https://1fichier.com/?6yp5jqz6n9

> Após a ZHPCleaner,baixe e descompacte o conteúdo deste zip para a pasta: C:\Program Files\Microsoft Office\Office15

> Baixe: < Imagem > ( Imagem ... de Nicolas Coolman )

> Ou |Aqui!| << Mirror!

> Estando na página,clique Imagem

> Salve-a ao desktop! ( ZHPCleaner.exe )
> Desabilite seu antivírus e execute ZHPCleaner.exe <<

Imagem

> Clique "Eu".

Imagem

> Clique Scanner.

Imagem

> Aguarde a conclusão!

Imagem

> Ao concluir,clique Reparar.

Imagem

> Surgirão guias que estarão em vermelho,indicando problemas a serem reparados.
> Clique Reparar.

Imagem

> Ao concluir,clique Relatório!
> Poste o log de reparo: ~ Type : Reparo

[Abs]
Moderador - iMasters Fóruns - Segurança & Malwares
Administrador - Fórum SecSecurity
Administrador - Fórum PC Brasil
© 1999-2024 Hardware.com.br. Todos os direitos reservados.
Imagem do Modal