Ir ao conteúdo
  • Cadastre-se
Grzgori

Possível malware criando novo usuário

Recommended Posts

O  notebook começou a ficar lento, pra iniciar, as vezes travando durante o uso. E de uns dias pra cá um usuário novo apareceu como o nome "smidkiwfw", e mesmo removendo, depois de algum tempo ele retorna.

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Grzgori

 

Por favor, atente para o seguinte:

  • Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito.
  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Respeite a ordem das instruções passadas.
  • Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Ao invés de criar um novo tópico, peço que você continue com este e faça uma resposta anexando o log do ZA-Scan, de acordo com essas instruções:

http://forum.clubedohardware.com.br/topic/1105783-como-criar-seu-t%C3%B3pico/

 

 

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde!!

 

Venho a cá humildemente pedir ajuda de vocês. Estou enfrentando problemas com o meu notebook. Ele tem ficado muito lento de algumas semanas pra cá ao iniciar o Windows 10. Durante o uso dele, ele trava algumas vezes e nem desligar consigo pelo menu iniciar, que também trava, assim somente pelo jeito manual. E outra coisa estranha que aconteceu, foi que surgiu um novo usuário, obviamente não criado por mim, com o nome de "smidkiwfw". Desativei essa conta, mas depois de reiniciar o note, ele voltou a aparecer. Tentei restaurar pra um outro ponto de segurança, mas o estranho que não há ponto de segurança pra restaurar, coisa que sempre havia antes dos problemas. E mais um problema que apareceu é não conseguir atualizar o Windows 10, aparece a seguinte mensagem.

 

"Houve problemas ao instalar algumas atualizações, mas tentaremos novamente mais tarde. Se você continuar vendo esta mensagem e quiser pesquisar na Web ou pedir informações ao suporte, isto poderá ajudar:Houve problemas ao instalar algumas atualizações, mas tentaremos novamente mais tarde. Se você continuar vendo esta mensagem e quiser pesquisar na Web ou pedir informações ao suporte, isto poderá ajudar"

 

Desde já agradeço pela atenção e  um bom domingo a todos!!

 

ZA-Scan.txt

Editado por Grzgori
erro

Compartilhar este post


Link para o post
Compartilhar em outros sites

Carlos, obrigado por responder.

 

Pode ser que esteja errado ainda, mas ela está sendo executada na área de trabalho. No próprio log aparece " Launched: C:\Users\Grzgori\.appwork\Desktop\ZA-Scan.exe [Z-Analyse Scan]".

 

 

za scan.jpg

 

Se houver outra maneira, estou a disposição!!

Compartilhar este post


Link para o post
Compartilhar em outros sites

OK,

 

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está abaixo:

createsrpoint;
shortcutfix;
ffdefaults;
chrdefaults;
resetwmi;
resetieproxy;
network.proxy;ff
emptyclsid;
msconfigcheck;
autoclean;
ipconfig /flushdns >>"%temp%\log.txt";b

Salve este arquivo na Área de Trabalho (Desktop) como zascript

Novamente, execute o ZA-Scan.exe e aguarde.
Copie e cole o conteúdo desse arquivo em sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite Carlos, tentei fazer o que foi pedido, copiei o texto e criei o arquivo na área de trabalho. Desativei o antivírus e o Firewall, executei o ZA-Scan. Na primeira vez apareceu uma mensagem que o processador de dados do Windows havia parado. Reiniciei o notebook, refiz todo o processo, levou a noite toda o scaneamento e o notebook travou mas não apareceu nenhuma mensagem. Refiz tudo de novo e travou novamente. Então só fiz um novo log do ZA-Scan :

 

 

ZA-Scan V1.0.0.5 Updated 31-December-2015
Tool run by Grzgori on 07/07/2016 at 11:56:33,48.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Grzgori\.appwork\Desktop\ZA-Scan.exe [Z-Analyse Scan]

==== Running Processes ======================

C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Users\Grzgori\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\NSPro\NSPro.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Users\Grzgori\.appwork\Desktop\ZA-Scan.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Users\Grzgori\AppData\Local\Temp\ZAScan.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AESTFilters] - Andrea ST Filters Service - c:\program files\idt\wdm\aestsr64.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [GbpSv] - Gbp Service - c:\progra~2\gbplugin\gbpsv.exe
R2 - [HP Wireless Assistant Service] - HP Wireless Assistant Service - c:\program files\hewlett-packard\hp wireless assistant\hpwa_service.exe
R2 - [hpsrv] - HP Service - c:\windows\system32\hpservice.exe
R2 - [LightScribeService] - LightScribeService Direct Disc Labeling Service - c:\program files (x86)\common files\lightscribe\lssrvc.exe
R2 - [MSMQ] - Enfileiramento de Mensagens - c:\windows\system32\mqsvc.exe
R2 - [NAUpdate] - Nero Update - c:\program files (x86)\nero\update\nasvc.exe
R2 - [STacSV] - Audio Service - c:\program files\idt\wdm\stacsv64.exe
R2 - [Warsaw Technology] - Warsaw Technology - c:\program files\diebold\warsaw\core.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe
R3 - [Bluetooth Device Manager] - Bluetooth Device Manager - c:\program files\motorola\bluetooth\devmgrsrv.exe
R3 - [Bluetooth Media Service] - Bluetooth Media Service - c:\program files\motorola\bluetooth\audiosrv.exe
R3 - [FLEXnet Licensing Service 64] - FLEXnet Licensing Service 64 - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe
R3 - [hpqwmiex] - HP Software Framework Service - c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe
S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [HP Support Assistant Service] - HP Support Assistant Service - c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe
S2 - [WsAppService] - Wondershare Application Framework Service - c:\program files (x86)\wondershare\waf\2.2.0.5\wsappservice.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [BBUpdate] - BBUpdate - c:\program files (x86)\microsoft\bingbar\7.1.391.0\seaport.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [diagnosticshub.standardcollector.service] - Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FLEXnet Licensing Service] - FLEXnet Licensing Service - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Serviço Coletor ETW do Internet Explorer - c:\windows\system32\ieetwcollector.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office  Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Serviço de Dados de Sensor - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Serviço de Inspeção de Rede do Windows Defender - c:\program files\windows defender\nissrv.exe
S3 - [WinDefend] - Serviço Windows Defender - c:\program files\windows defender\msmpeng.exe
S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
S3 - [WsDrvInst] - Wondershare Driver Install Service - c:\program files (x86)\wondershare\dr.fone for android\driverinstall.exe
S4 - [BBSvc] - BingBar Service - c:\program files (x86)\microsoft\bingbar\7.1.391.0\bbsvc.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
R2 - [srv] - Driver SMB 1.xxx do Servidor - C:\WINDOWS\system32\Drivers\srv.sys
R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\WINDOWS\system32\Drivers\srv2.sys
R0 - [80662667] - 80662667 - C:\WINDOWS\system32\Drivers\80662667.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\WINDOWS\system32\Drivers\ACPI.sys
R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
R0 - [amdide64] - amdide64 - C:\WINDOWS\system32\Drivers\amdide64.sys
R0 - [atapi] - Canal de IDE - C:\WINDOWS\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
R0 - [disk] - Driver de disco - C:\WINDOWS\system32\Drivers\disk.sys
R0 - [epfwwfp] - epfwwfp - C:\WINDOWS\system32\Drivers\epfwwfp.sys
R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\WINDOWS\system32\Drivers\fvevol.sys
R0 - [hpdskflt] - HP Filter - C:\WINDOWS\system32\Drivers\hpdskflt.sys
R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\WINDOWS\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
R0 - [NDIS] - Driver do Sistema NDIS - C:\WINDOWS\system32\Drivers\NDIS.sys
R0 - [partmgr] - Gerenciador de Partições - C:\WINDOWS\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\WINDOWS\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys
R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
R0 - [spaceport] - Driver de Espaços de Armazenamento - C:\WINDOWS\system32\Drivers\spaceport.sys
R0 - [storahci] - Driver AHCI SATA Padrão da Microsoft - C:\WINDOWS\system32\Drivers\storahci.sys
R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\WINDOWS\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Enumerador de Unidade Virtual Microsoft - C:\WINDOWS\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Driver de Gerenciador de Volumes - C:\WINDOWS\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\WINDOWS\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Volumes de armazenamento - C:\WINDOWS\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\WINDOWS\system32\Drivers\Wdf01000.sys
R0 - [WFPLWFS] - Plataforma para Filtros do Microsoft Windows - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
R0 - [WindowsTrustedRTProxy] - Microsoft Windows Trusted Runtime Secure Service - C:\WINDOWS\system32\Drivers\WindowsTrustedRTProxy.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\WINDOWS\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
S0 - [gbpddreg] - Gbpddreg svc - C:\WINDOWS\system32\Drivers\gbpddreg.sys [x]
S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\WINDOWS\system32\Drivers\Tcpip6.sys [x]

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"Google Update"="C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"Spotify Web Helper"="C:\Users\Grzgori\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"AdobeCS4ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin"
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"NSPro"="C:\Program Files (x86)\NSPro\NSPro.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"Google Update"="C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"Spotify Web Helper"="C:\Users\Grzgori\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="rundll32.exe C:\Program Files\Motorola\Bluetooth\btmshell.dll,TrayApp"
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"
"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"Diebold - Warsaw"="C:\Program Files\Diebold\Warsaw\core.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPAdvisorDock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HPAdvisorDock"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\Dock\\HPAdvisorDock.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BBSvc]


==== Startup Folders ======================

2015-05-28 22:03:28    1638    --sha-w-    C:\Users\Grzgori\AppData\Roaming\Microsoft\LastFlashConfig.wfc

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/06/2016 19:57]
C:\WINDOWS\tasks\ASC9_SkipUac_Grzgori.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf8d28a670fb05.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2015 21:57]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d040e64adceaa7.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2015 21:57]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf8d28a7c55fcc.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2015 21:57]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d040e64bfa41a1.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2015 21:57]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2657562104-1521744097-369675392-1000Core.job --a-------- C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe [04/09/2015 22:35]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2657562104-1521744097-369675392-1000Core1d041d7c2a7c103.job --a-------- C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe [04/09/2015 22:35]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2657562104-1521744097-369675392-1000UA1cf8f2cea435dcf.job --a-------- C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe [04/09/2015 22:35]
C:\WINDOWS\tasks\HPCeeScheduleForGrzgori.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 03:53]
C:\WINDOWS\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job --a-------- C:\Users\Grzgori\AppData\Roaming\2F3AA0F6-976C-4b02-A66A-5D1DEA00811F\InstallHelp.exe []

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\ASC9_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe]
"C:\WINDOWS\SysNative\tasks\ASC9_SkipUac_Grzgori" [C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac]
"C:\WINDOWS\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe]
"C:\WINDOWS\SysNative\tasks\Driver Booster SkipUAC (Grzgori)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\WINDOWS\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1cf8d28a670fb05" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d040e64adceaa7" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1cf8d28a7c55fcc" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1d040e64bfa41a1" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2657562104-1521744097-369675392-1000Core" [C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2657562104-1521744097-369675392-1000Core1d041d7c2a7c103" [C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2657562104-1521744097-369675392-1000UA1cf8f2cea435dcf" [C:\Users\Grzgori\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCeeScheduleForGrzgori" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{FA4C04C9-3107-4B6F-9900-A9ED89B0DE25}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{17FFBA99-792D-4753-96BC-146D68125057}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}" [C:\Users\Grzgori\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe]
"C:\WINDOWS\SysNative\tasks\{2D54E96E-FD7E-4E17-B068-EED3A879F8BD}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{32C53694-533F-437E-8310-AE0C64F0A4B4}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{50BEF6D1-8102-43EE-9792-6DA7CEE8C152}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{6374AF63-7DDD-4773-B7C2-772AD9F39CB5}" [C:\Users\Grzgori\Downloads\SaraivaReader.exe]
"C:\WINDOWS\SysNative\tasks\{6ADA7AD3-A1CA-412B-B2EB-3876C9563254}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{788F552A-3284-4CF5-BDB7-C77DC65FA629}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{8062DD5A-2509-47B3-AF72-58DEC1EA040D}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{822124DC-32AA-4B00-A759-938B281DDAAF}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{8DE80D99-2F58-4B56-B28A-9FDCEEABD1A9}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{905459D1-2C72-46B2-87B0-E5CB89045E26}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{982452B4-EEB3-49BA-8FDE-5C3AB177F51C}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{A7A24847-2316-434B-8F11-F6FD5BB4F981}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{ADE9420C-A537-4751-A9C6-28FE134B2D35}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{B2982CE7-0F5B-4E21-AB84-28A4A95C1C37}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{B6002AA6-9E24-4D0B-BAD3-6664D9603E27}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{C1C52096-AC5E-4C24-A989-FFABEA8E86A9}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{C4B484D1-BC19-4E7E-8E4B-0CA4E6493B4C}" [C:\Users\Grzgori\Downloads\SaraivaReader.exe]
"C:\WINDOWS\SysNative\tasks\{F00ABF15-147D-4972-AF3F-40C9DDC40728}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default
user_pref("browser.startup.homepage", "http://www.google.com.br/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"support@vdownloader.com"="C:\Program Files\VDownloader\Addons\FireFox" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E8871}"="C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\scd\xpi" [14/06/2016 21:59]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default
- ADB Helper - %ProfilePath%\extensions\adbhelper@mozilla.org
- Valence - %ProfilePath%\extensions\fxdevtools-adapters@mozilla.org
- Super Start - %ProfilePath%\extensions\superstart@enjoyfreeware.org
- Undetermined - %ProfilePath%\extensions\firefox@mega.co.nz.xpi

ProfilePath: C:\Users\XseVenM\AppData\Roaming\Mozilla\Firefox\Profiles\g7ozs4qe.default
- Undetermined - %ProfilePath%\extensions\staged

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default
C195AC4544729A69CFF30BB62F473054    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll -    Shockwave for Director / Shockwave for Director
05F4E9B3912EA16B04C5928758E8AA75    - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll -    Shockwave Flash
4699428EA4B012974C479B3F0AF7E017    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_scd.dll -    Módulo de Proteção - Sicredi
7E22425470F2072890C5747F07628846    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll -    Módulo de Proteção - Banco do Brasil
C426F7E678D6E539041847556059D5E8    - C:\Users\Grzgori\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll -    Google Update
4E236D09338A29DDF4CF229B3BACA104    - C:\Users\Grzgori\AppData\LocalLow\PowerChallenge\nppowerloader.dll -    Power Challenge Loader
B536D1667BF7DDC4F57829093314DF90    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_scd_64.dll -    Módulo de Proteção - Sicredi
D87C0639158DFC59B39E1B804F297B40    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll -    Módulo de Proteção - Banco do Brasil


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Grzgori\AppData\Local\Comodo\Dragon Found

==== Chromium Look ======================


Google Docs - Grzgori\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Wallet - Grzgori\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{9B7BA4B2-550E-4EF1-8B14-7B74E9FDF1C1} - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{9B7BA4B2-550E-4EF1-8B14-7B74E9FDF1C1} - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{9B7BA4B2-550E-4EF1-8B14-7B74E9FDF1C1} - No_Url_Value

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Sicredi - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files (x86)\GbPlugin\gbiehscd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

==== EOF on 07/07/2016 at 12:15:42,46 ======================

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde,

 

Acredito que agora consegui realizar o procedimento.

 

ZA ScanLog

 

ZA-Scan V1.0.0.5 Updated 30-09-2015
Tool run by Grzgori on 08/07/2016 at  0:47:16,05.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Grzgori\.appwork\Desktop\ZA-Scan.exe
Script used: C:\Users\Grzgori\.appwork\Desktop\zascript.txt

==== System Restore Info ======================

==== Empty Folders Check ======================

C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10A3B891-A5D-4C53-98C-2631C4E9F0CA} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11434275-77CC-4EF8-9C91-C2C0568BBC20} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F123CED-754-49AF-9D1A-42AFDA4F60F8} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{228B17C-FA6D-4A23-AC31-60A12ACCF96} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25200564-DF8E-43B5-ACF8-FF636DE84938} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{281128AC-6FF9-4B35-BB42-5F4CEBB7C945} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A6C64E7-8157-4CB5-AE72-2154C28686C8} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E199301-784F-4355-AD41-68E94217E4} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36527E62-2532-47A8-B12A-17806612AF36} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CD3CBFF-4055-497E-BFD5-EFACBEC1C19} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{405350D9-B573-4C09-B9DB-D8B14AA176B} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{421B67E1-39D6-48EF-8EF0-54FDDFB3ED58} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4554F36B-A003-48B4-9237-DBBF69B66A1} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5006D8B3-11E7-4748-B162-F8F28C631544} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F3488FC-D1F7-4E89-B8C-F55EFAF3EFD} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60C42A8C-815C-4D28-8E12-B84B399A801A} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665579FC-3176-4A7F-8839-5B29E04CABBE} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71F47DED-9F60-4F1E-A3B1-74A8B9BBC60} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73B171B1-15ED-4FBC-8DE4-82D8EE264C9} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79427E56-F8C6-42DC-84CC-BE9BE2D7F24E} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B387784-DDF5-41E2-933-64D6173CC8EB} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E989B7A-5CDE-419E-B6FF-485899BC8EB} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EB1CF88-C48B-49F3-9918-C621911C71EE} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80A58ED7-903A-472A-8AA-6CF1ED3ABAF0} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{818D6F72-6612-4D00-B8B1-80DCFB894F68} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83DB950F-8BAA-4BE8-9F6F-BD386C224E84} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8875150C-5210-4E8C-AA37-B540F583D3} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A76ADDA-7C83-422A-B02A-3E16A7485A6B} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CAB32C-661E-47DE-9345-76245D4B2982} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F4E58C4-A1D6-4D9A-801-5377644DE4} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94B013AA-72CB-4A22-A255-21FBDA3819F} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95CEB328-AEFF-42B7-A6C3-42533952CE} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AF7F16E-F12B-477C-B1DD-A233B886265} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0C064B9-AE2C-4704-8387-2BF95AD691CE} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5794C06-91FB-4DE6-9B85-57CAA82DEEB2} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A93D1C16-7398-41F0-8ADD-822BC69D8FF} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9717B0F-39B1-4878-962-E795C36139} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9AA9677-AA3A-44BC-B27F-A7BD6A344C66} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFE67692-C2D1-4E75-A1BF-CD26AF547D} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7D0B376-9B8F-4179-909A-318FCA9AE0F0} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB588D75-9CE9-4802-8F97-AD31D59A125} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBA47D7D-4F08-4BCF-B02E-2A09C25F750} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCD28FE-6987-4BED-868D-214FA195116E} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3A7EEED-90F0-40DB-9A7-7FE9DE627D8F} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5F42A73-4831-4CF2-BAB0-13FB3307E89} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB160604-E9E3-44FA-A641-E1D5289B9C5} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D09731B1-82C4-4883-A316-FCDAB32470FB} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D47ED72D-6020-46BD-96B4-7FB16471CDB} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9724B0B-7059-4AA3-9F5A-9731EE752137} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E578F138-25-4340-977D-8419C2383E} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6E22736-5A3A-4EBF-A18A-4792E718B883} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E759D7C0-351B-48FC-8332-57F016FA9F7} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC8D8EAD-3D7E-4DF6-8BD1-EBF58DCB072} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED4DE157-B0C2-4ADD-9D58-613D25E01ABB} deleted successfully
HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5FEF908-44A8-47E9-B6F6-C551E94D716B} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\support@vdownloader.com deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com.br/");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default\prefs.js:

Deleted from C:\Users\XseVenM\AppData\Roaming\Mozilla\Firefox\Profiles\g7ozs4qe.default\prefs.js:

Added to C:\Users\XseVenM\AppData\Roaming\Mozilla\Firefox\Profiles\g7ozs4qe.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_072016_0106_.backup

ProfilePath: C:\Users\XseVenM\AppData\Roaming\Mozilla\Firefox\Profiles\g7ozs4qe.default

user.js not found
---- Lines {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_072016_0106_.backup

==== Batch Command(s) Run By Tool======================


Configura‡Æo de IP do Windows

NÆo foi poss¡vel liberar o Cache do DNS Resolver: A fun‡Æo falhou durante a execu‡Æo.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Windows Live SkyDrive deleted
C:\PROGRA~2\Advanced Sound Recorder deleted
C:\Users\Grzgori\.android deleted
C:\PROGRA~2\Wondershare deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\{827D21CC-A22D-45D6-23CA-451DDAC769BA} deleted
C:\PROGRA~3\{972DC8CA-126D-23FD-11AA-92876DD12AFD} deleted
C:\PROGRA~3\{EC3BBC27-096F-437F-AA20-6B5E46D778AE} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Grzgori\AppData\Local\mbt-actwiz.log deleted
C:\Users\Grzgori\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\XseVenM\AppData\Roaming\Mozilla\Firefox\Profiles\g7ozs4qe.default\extensions\staged deleted
C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default\extensions\adbhelper@mozilla.org deleted
C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default\extensions\fxdevtools-adapters@mozilla.org deleted
C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default\nspdl deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\XseVenM\AppData\Roaming\Mozilla\Firefox\Profiles\g7ozs4qe.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension" [06/09/2011 18:44]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E8871}"="C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\scd\xpi" [14/06/2016 21:59]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default
- Super Start - %ProfilePath%\extensions\superstart@enjoyfreeware.org

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Grzgori\AppData\Roaming\Mozilla\Firefox\Profiles\515hff3n.default
C195AC4544729A69CFF30BB62F473054    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll -    Shockwave for Director / Shockwave for Director
05F4E9B3912EA16B04C5928758E8AA75    - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll -    Shockwave Flash
4699428EA4B012974C479B3F0AF7E017    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_scd.dll -    Módulo de Proteção - Sicredi
7E22425470F2072890C5747F07628846    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll -    Módulo de Proteção - Banco do Brasil
C426F7E678D6E539041847556059D5E8    - C:\Users\Grzgori\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll -    Google Update
4E236D09338A29DDF4CF229B3BACA104    - C:\Users\Grzgori\AppData\LocalLow\PowerChallenge\nppowerloader.dll -    Power Challenge Loader
B536D1667BF7DDC4F57829093314DF90    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_scd_64.dll -    Módulo de Proteção - Sicredi
D87C0639158DFC59B39E1B804F297B40    - C:\Users\Grzgori\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll -    Módulo de Proteção - Banco do Brasil


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Grzgori\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{9B7BA4B2-550E-4EF1-8B14-7B74E9FDF1C1} Unknown  Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Grzgori\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Grzgori\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Grzgori\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2657562104-1521744097-369675392-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9B7BA4B2-550E-4EF1-8B14-7B74E9FDF1C1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9B7BA4B2-550E-4EF1-8B14-7B74E9FDF1C1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9B7BA4B2-550E-4EF1-8B14-7B74E9FDF1C1} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\IXC - Internet Xadrez Clube.lnk - C:\Program Files (x86)\IXC\ixc0266.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Medieval CUE Splitter.lnk - C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero 2015.lnk - C:\Windows\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe
C:\Users\Public\Desktop\QI Teste.lnk - C:\Program Files (x86)\Tom Software\QI Teste\QITeste.exe
C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Stereoscopic Player.lnk - C:\Program Files (x86)\Stereoscopic Player\StereoPlayer.exe
C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe
C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DrFoneAndroid.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Grzgori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Users\Grzgori\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Grzgori\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_80662667.lnk - C:\Users\Grzgori\AppData\Local\Temp\_uninst_80662667.bat

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_91\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_91\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Grzgori\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\LG PC Suite IV.lnk - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LGUX.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk - C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\WINDOWS\system32\control.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -  
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Grzgori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\smidkiwfw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\smidkiwfw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\XseVenM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Grzgori\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Grzgori\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\XseVenM\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Grzgori\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Grzgori\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\XseVenM\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Grzgori\AppData\Local\Mozilla\Firefox\Profiles\515hff3n.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Grzgori\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Reset WMI ======================

O servi‡o de Testador de instrumenta‡Æo de gerenciam. do Windows est  sendo finalizado .
O servi‡o de Testador de instrumenta‡Æo de gerenciam. do Windows foi finalizado com ˆxito.

C:\WINDOWS\system32\wbem\repository renamed to repository.old
C:\WINDOWS\syswow64\wbem\repository renamed to repository.old

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Grzgori\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 08/07/2016 at  5:58:27,42 ======================

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Grzgori

 

Desative temporariamente seu Antivírus

 

  • Segure o botão Ctrl e clique neste link para abrir o ESET Online Scanner em uma nova janela.
  • Clique neste botão: j9Byf.png?1
  • Para navegadores alternativos: (Caso use o Internet Explorer, pule esta etapa)esetsmartinstaller_enu.png
    • Clique em esetsmartinstaller_enu.exe para baixar o ESET Smart Intaller. Salve-o em seu desktop.
    • Duplo clique no ícone em seu desktop.
  • Marque "YES, I accept the Terms of Use."
  • Clique em Start.
  • Aceite qualquer aviso de segurança de seu browser.
  • Marque: "Enable detection of potentially unwanted applications"
  • Clique em Hide Advanced settings e marque o seguinte:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Clique Change e marque também a caixa Computador.
  • Clique em Start.
  • Ele vai atualizar por conta própria, e escanear o computador. Tenha paciência, o processo pode demorar horas.
  • Quando o scan terminar, clique em List of found threats
  • Clique em Export to text file e salve o log na sua área de trabalho.
  • Clique em Back.
  • Clique em Finish.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde Carlos

 

Não foi possível gerar o Log, talvez porque não foi encontrado nada. Aqui vai as imagens da tela do programa.

 

esets1.jpg

 

esets2.jpg

 

Assim somente a opção quarentena está disponível, no qual tem esse conteúdo:

 

esetq1.jpg

 

esetq2.jpg

 

Estou mantendo o ESET Online Scaner aberto pra novas instruções!

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Grzgori

 

Baixe Security Check, by glax24 e salve em sua Área de trabalho (Desktop).

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Aguarde enquanto a ferramenta faz o exame.
  • Ao final abrirá um log: SecurityCheck.txt.
  • Este log é salvo em C: (Disco local) na pasta SecurityCheck que foi criada.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia, aqui vai o log gerado:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 10.07.2016 11:27:22
Path starting: C:\Users\Grzgori\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Grzgori
VersionXML: 3.20is-08.07.2016
___________________________________________________________________________

Windows 10(6.3.10240) (x64) Core Lang: Portuguese(0416)
Installation date OS: 07.08.2015 08:39:39
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [451.1 Gb] Used: [443.3 Gb] Free: [7.8 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.10240.16942 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Notify of download and installation
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Serviço de Publicação da World Wide Web (W3SVC) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x86 v.14.0.7015.1000
---------------------------- [ Firewall_WMI ] -----------------------------
Firewall pessoal da ESET (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
ESET Smart Security 8.0 (disabled and out of date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware versão 2.2.0.1024 v.2.2.0.1024
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.41212.0 Warning! Download Update
WinRAR 4.01 (32-bit) v.4.01.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.13 v.7.13.101 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
BitTorrent v.7.9.7.42331 Warning! P2P-client.
--------------------------------- [ SPY ] ---------------------------------
Spyrix Free Keylogger 8.0 v.8.0 Warning! Spyware!.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 91 v.8.0.910.14 Warning! Download Update
Uninstall old version and install new one (jre-8u92-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.1.5.0.7220 Warning! Download Update
Adobe Flash Player 22 NPAPI v.22.0.0.192
Adobe Shockwave Player 12.1 v.12.1.2.152 Warning! Download Update
Adobe Acrobat Reader DC - Português v.15.016.20045
Adobe Shockwave Player v.11.5.1.601 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.103 Warning! Download Update
Mozilla Firefox 47.0 (x86 pt-BR) v.47.0 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.16.4.3528.0331
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\ESET\ESET Smart Security\egui.exe v.8.0.312.0
ESET Service (ekrn) - The service is running
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe v.8.0.312.0
Serviço Windows Defender (WinDefend) - The service has stopped
Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped
----------------------------- [ End of Log ] ------------------------------

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ok,

 

Para finalizar:

 

# Etapa nº 1 #

 

Baixe o Delfix by Xplode e salve na sua área de trabalho.

 

Clique duas vezes no delfix.exe para executá-lo. Marque as caixas conforme imagem.

 

** Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo delfix.exe, depois clique em execadmin.png.

 

2mez6ld.png

 

Clique no botão Executar.

 

Ao final será gerado um log, mas não é necessário postar.
 
# Etapa nº 2 #
 
imageproxy.php?img=http%3A%2F%2Fi65.tiny Versões antigas de programas têm vulnerabilidades que alguns malwares podem usar para infectar o seu sistema.
 
Por isso, é recomendável atualizar os programas que o Security Check apontou como desatualizados (os updates opcionais ficam ao seu critério).
 
Basta clicar no Download Update de cada aviso, que irá para o site do desenvolvedor.

<<@>> Mantenha sempre seu Windows atualizado; mantenha uma vigilância constante com o firewall e antivírus e por fim, lembre-se que, a melhor forma de prevenir começa pelas nossas atitudes!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite, obrigado pela ajuda até aqui,

 

Realizei os procedimentos e conseguir atualizar quase todos com exceção do Internet Explorer, que nem no site nem no aplicativo atualiza.

 

Bem, mas o problema do usuário que é criado automaticamente ainda está acontecendo. Exclui a conta mas ao reiniciar o  Note, ele reaparece. Deve ser imortal.

 

Há algo que ainda possa ser feito?

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×