Este fórum foi descontinuado. LEIA AQUI e participe da Comunidade BABOO :)

Ir para conteúdo
turca

Analise de log

Mensagem Recomendada

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:24:08, on 17/07/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17909)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\MoboRobo\MoboroboDeviceService.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe

C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

C:\Windows\system32\svchost.exe

C:\Program Files\TeamViewer\TeamViewer_Service.exe

C:\Program Files\Diebold\Warsaw\core.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files\Diebold\Warsaw\core.exe

C:\Windows\system32\GWX\GWX.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\SAMSUNG\Kies\Kies.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\mmc.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\ATH.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\TURCA\Desktop\HijackThis.exe

C:\Windows\System32\WUDFHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [Diebold - Warsaw] C:\Program Files\Diebold\Warsaw\core.exe

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.google.com.br

O15 - Trusted Zone: www.itau.b.br

O15 - Trusted Zone: *.itau.b.br

O15 - Trusted Zone: bankline.itau.com.br

O15 - Trusted Zone: banklineplus.itau.com.br

O15 - Trusted Zone: clickbanking.itau.com.br

O15 - Trusted Zone: guardiao.itau.com.br

O15 - Trusted Zone: www.itau.com.br

O15 - Trusted Zone: http://www.itau.com.br

O15 - Trusted Zone: *.itau.com.br

O15 - Trusted Zone: www.itaupersonnalite.com.br


O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify:  GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files\MoboRobo\MoboroboDeviceService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe

O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe

 

--

End of file - 11257 bytes

 

 

valeu desde já!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Baixe o Novo Malwarebytes'Anti-Malware (MBAM)

Salve ou imprima estas instruções:

Dê um duplo-clique no mbam-setup.exe, escolha a linguagem.

Antes de concluir a instalação, desmarque a opção “Ativar trial gratuito do Malwarebytes Anti-Malware PRO”

Verifique se as caixas Atualizar Malwarebytes Anti-Malware e Executar Malwarebytes Anti-Malware estão marcadas e clique então, em Concluir. Se houver Atualizações a serem feitas, serão baixadas e instaladas.

Clique em Settings e no campo Language mude para Portuguese (Brasil).

Ainda na tela de Configurações clique em Detecção e proteção, marque "Verificar por Rootkits". Em "Detecções PUP" (programas potencialmente indesejados):, selecione "Tratar detecções como Malware".

Clique em Verificar e em seguida Verificar ameaça, clique em Verificar Agora.

Começará então o exame. Aguarde, pois pode demorar........

Ao acabar o exame, se houver itens encontrados, clique no botão "Mover todos para a Quarentena"..

Clique em Aplicar Ações

O Log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Histórico -> Logs de aplicativos > Log de Verificação , na janela principal do Programa. Utilize o formato .txt para exportar o Log. Poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo)

Selecione, copie e cole o conteúdo do Log do MBAM na sua próxima resposta + um novo Log do HijackThis .

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar.


assinatura-mrmillion.png65301516_windows-insider-mvp-logo(Custom).png.36263cb7b506cc6935fb37f39e504cec.png

Compartilhar este post


Link para o post
Compartilhar em outros sites
Malwarebytes Anti-Malware

www.malwarebytes.org

 

Data da verificação: 17/07/2015

Hora da verificação: 10:38

Arquivo de registro: 

Administrador: Sim

 

Versão: 2.1.8.1057

Banco de dados de malware: v2015.07.17.03

Banco de dados de rootkit: v2015.07.16.01

Licença: Gratuita

Proteção contra malware: Desabilitado

Proteção contra website malicioso: Desabilitado

Autoproteção: Desabilitado

 

Sistema operacional: Windows 7 Service Pack 1

CPU: x86

Sistema de arquivos: NTFS

Usuário: TURCA

 

Tipo de verificação: Verificação da ameaça

Resultado: Concluído

Objetos verificados: 406169

Tempo decorrido: 1 hr, 11 min, 7 seg

 

Memória: Habilitado

Inicialização: Habilitado

Sistema de arquivos: Habilitado

Arquivos compactados: Habilitado

Rootkits: Habilitado

Heurística: Habilitado

PUP: Habilitado

PUM: Habilitado

 

Processos: 0

(Nenhum item malicioso detectado)

 

Módulos: 0

(Nenhum item malicioso detectado)

 

Chaves de registro: 0

(Nenhum item malicioso detectado)

 

Valores de registro: 0

(Nenhum item malicioso detectado)

 

Dados de registro: 0

(Nenhum item malicioso detectado)

 

Pastas: 0

(Nenhum item malicioso detectado)

 

Arquivos: 2

HackTool.Snadboy, C:\Program Files\SnadBoy's Revelation v2\Revelation.exe, Quarentena, [4394b929dbaffb3bef269ba17f869a66], 

PUP.PWSTool.SnadBoy, C:\Program Files\SnadBoy's Revelation v2\RevelationHelper.dll, Quarentena, [faddca18b4d62b0bdb13bd3926db9967], 

 

Setores físicos: 0

(Nenhum item malicioso detectado)

 

 

(end)

 

 

 

 


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:56:28, on 17/07/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17909)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\MoboRobo\MoboroboDeviceService.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe

C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

C:\Windows\system32\svchost.exe

C:\Program Files\TeamViewer\TeamViewer_Service.exe

C:\Program Files\Diebold\Warsaw\core.exe

C:\Windows\System32\svchost.exe

C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files\Diebold\Warsaw\core.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\SAMSUNG\Kies\Kies.exe

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Windows\system32\GWX\GWX.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\System32\svchost.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\mmc.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\TURCA\Desktop\HijackThis.exe

C:\Windows\System32\svchost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [Diebold - Warsaw] C:\Program Files\Diebold\Warsaw\core.exe

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.google.com.br

O15 - Trusted Zone: www.itau.b.br

O15 - Trusted Zone: *.itau.b.br

O15 - Trusted Zone: bankline.itau.com.br

O15 - Trusted Zone: banklineplus.itau.com.br

O15 - Trusted Zone: clickbanking.itau.com.br

O15 - Trusted Zone: guardiao.itau.com.br

O15 - Trusted Zone: www.itau.com.br

O15 - Trusted Zone: http://www.itau.com.br

O15 - Trusted Zone: *.itau.com.br

O15 - Trusted Zone: www.itaupersonnalite.com.br


O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify:  GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files\MoboRobo\MoboroboDeviceService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe

O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe

 

--

End of file - 10823 bytes

 

 

Valeu mais uma vez

Compartilhar este post


Link para o post
Compartilhar em outros sites

Desabilite o seu Antivírus, AntiSpyware e Firewall para não haver conflitos. Mantenha-os desativados até terminar as instruções

Download AdwCleaner dlsymb.jpg

Salve-o no Desktop. (Área de Trabalho)

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8 ou 8.1, clicar com o botão direito do mouse no arquivo e selecionar: run_as_adm1.png

AdwCleanerMobile_zps74904f3e.jpg

Clique [scan e depois em Clean]

Salve o Log criado.

Donload 1268r49.png Salve no seu Desktop (Área de trabalho).

Dê um duplo-clique para executar o Junkware Removal Tool (JRT)

* No Windows Vista e Windows 7, 8 ou 8.1:

Clique com o botão direito do mouse sobre o JRT.exe e selecione run_as_adm1.png

A Ferramenta começará o exame do seu Sistema. Tenha paciência pois pode demorar um pouco, dependendo da quantidades de ítens a serem examinados.

Ao final, um Log se abrirá e salvo no Desktop com o nome de JRT.txt.

Selecione, copie e cole o conteúdo deste Log na sua próxima resposta + o Log do AdwCleaner e um novo Log do HijackThis.


assinatura-mrmillion.png65301516_windows-insider-mvp-logo(Custom).png.36263cb7b506cc6935fb37f39e504cec.png

Compartilhar este post


Link para o post
Compartilhar em outros sites
# AdwCleaner v4.208 - Relatório criado 20/07/2015 às 16:50:27

# Atualizado 09/07/2015 por Xplode

# Base de dados : 2015-07-15.1 [servidor]

# Sistema operacional : Windows 7 Ultimate Service Pack 1 (x86)

# Usuário : TURCA - ASSISTENCIA

# Executando de : C:\Users\TURCA\Desktop\AdwCleaner.exe

# Opção : Limpar

 

***** [ Serviços ] *****

 

 

***** [ Arquivos / Pastas ] *****

 

Arquivo Excluído : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js

Arquivo Excluído : C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_secure.claro.com.br_0.localstorage

Arquivo Excluído : C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_secure.claro.com.br_0.localstorage-journal

 

***** [ Tarefas agendadas ] *****

 

 

***** [ Atalhos ] *****

 

 

***** [ Registro ] *****

 

Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Chave Apagado : HKCU\Software\Myfree Codec

Chave Apagado : HKLM\SOFTWARE\Myfree Codec

Dados Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

 

***** [ Navegadores ] *****

 

-\\ Internet Explorer v11.0.9600.17909

 

 

-\\ Mozilla Firefox v39.0 (x86 pt-BR)

 

 

-\\ Google Chrome v43.0.2357.134

 

[C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [search Provider] : hxxp://idg.receita.fazenda.gov.br/@@busca?SearchableText={searchTerms}

 

*************************

 

AdwCleaner[R0].txt - [1039 bytes] - [13/06/2015 11:52:40]

AdwCleaner[R1].txt - [2290 bytes] - [20/07/2015 16:41:19]

AdwCleaner[s0].txt - [1092 bytes] - [13/06/2015 11:53:26]

AdwCleaner[s1].txt - [2169 bytes] - [20/07/2015 16:50:27]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2228  bytes] ##########

 

 

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 7.5.1 (07.16.2015:1)

OS: Windows 7 Ultimate x64

Ran by TURCA on 20/07/2015 at 17:14:32,90

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Tasks

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Failed to delete: [Folder] C:\Program Files\gbplugin

Successfully deleted: [Folder] C:\Program Files\myfree codec

Successfully deleted: [Folder] C:\ProgramData\gbplugin

 

 

 

~~~ Chrome

 

 

[C:\Users\TURCA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

 

[C:\Users\TURCA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

 

[C:\Users\TURCA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

 

[C:\Users\TURCA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

[]

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 20/07/2015 at 17:19:19,20

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:23:11, on 20/07/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17909)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\TURCA\Desktop\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [Diebold - Warsaw] C:\Program Files\Diebold\Warsaw\core.exe

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.google.com.br

O15 - Trusted Zone: www.itau.b.br

O15 - Trusted Zone: *.itau.b.br

O15 - Trusted Zone: bankline.itau.com.br

O15 - Trusted Zone: banklineplus.itau.com.br

O15 - Trusted Zone: clickbanking.itau.com.br

O15 - Trusted Zone: guardiao.itau.com.br

O15 - Trusted Zone: www.itau.com.br

O15 - Trusted Zone: http://www.itau.com.br

O15 - Trusted Zone: *.itau.com.br

O15 - Trusted Zone: www.itaupersonnalite.com.br


O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify:  GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files\MoboRobo\MoboroboDeviceService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe

O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe

 

--

End of file - 9290 bytes

  valeu novamente

Compartilhar este post


Link para o post
Compartilhar em outros sites

Download Zoek

Descompacte o Arquivo Zoek.exe para Área de Trabalho (Desktop)

Execute-o e copie e cole as linhas abaixo no espaço do Zoek

createsrpoint;

autoclean;

resetieproxy;

resethosts;

iedefaults;

chrdefaults;

emptyCHRcache;

ffdefaults;

firefoxlook;

emptyalltemp;

shortcutfix;

Feche o seu Navegador e clique Run Script

(Durante o Scan a mensagem abaixo será apresentada. Aguarde o término, pode demorar um pouquinho.....

Zoek.exe is running now.

Do not start any browser windows, they will be closed automatically.

Please wait! This window will close when finished.

A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

Caso seja solicitada a Reinicialização do PC, clique em OK .

Poste o Relatório gerado + um novo Log do HijackThis.


assinatura-mrmillion.png65301516_windows-insider-mvp-logo(Custom).png.36263cb7b506cc6935fb37f39e504cec.png

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by TURCA on 21/07/2015 at  9:51:30,17.

Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\TURCA\Desktop\zoek.exe [scan all users] [script inserted] 

 

==== System Restore Info ======================

 

21/07/2015 09:58:28 Zoek.exe System Restore Point Created Successfully.

 

==== Reset Hosts File ======================

 

# Copyright © 1993-2006 Microsoft Corp. 


# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 


# This file contains the mappings of IP addresses to host names. Each 

# entry should be kept on an individual line. The IP address should 

# be placed in the first column followed by the corresponding host name. 

# The IP address and the host name should be separated by at least one 

# space. 


# Additionally, comments (such as these) may be inserted on individual 

# lines or following the machine name denoted by a '#' symbol. 


# For example: 


#      102.54.94.97     rhino.acme.com          # source server 

#       38.25.63.10     x.acme.com              # x client host 

 

# localhost name resolution is handled within DNS itself. 

127.0.0.1       localhost 

::1             localhost 

 

==== Empty Folders Check ======================

 

C:\Users\TURCA\AppData\Local\pangu deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

 

==== Deleting CLSID Registry Values ======================

 

 

==== Deleting Services ======================

 

 

==== FireFox Fix ======================

 

Deleted from C:\Users\TURCA\AppData\Roaming\Mozilla\Firefox\Profiles\oxn04pzv.default\prefs.js:

 

Added to C:\Users\TURCA\AppData\Roaming\Mozilla\Firefox\Profiles\oxn04pzv.default\prefs.js:

user_pref("browser.startup.homepage", "about:home");

user_pref("browser.newtab.url", "about:newtab");

 

ProfilePath: C:\Users\TURCA\AppData\Roaming\Mozilla\Firefox\Profiles\oxn04pzv.default

 

user.js not found

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- FireFox user.js and prefs.js backups ---- 

 

prefs_072015_1014_.backup

 

==== Deleting Files \ Folders ======================

 

C:\Program Files\Arquivos Comuns deleted

C:\Users\TURCA\AppData\Local\Aplicativo Itau deleted

C:\Users\TURCA\.android deleted

C:\Program Files\SnadBoy's Revelation v2 deleted

C:\Program Files\Wondershare deleted

C:\Program Files\Common Files\Wondershare deleted

C:\Users\TURCA\AppData\Roaming\Wondershare deleted

C:\PROGRA~2\ISTask.dll deleted

C:\Users\TURCA\AppData\Local\Wondershare deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted

C:\Windows\system32\config\systemprofile\Searches deleted

C:\Users\TURCA\AppData\Roaming\Mozilla\Firefox\Profiles\oxn04pzv.default\extensions\firefox@mega.co.nz.xpi deleted

 

==== Firefox Start and Search pages ======================

 

ProfilePath: C:\Users\TURCA\AppData\Roaming\Mozilla\Firefox\Profiles\oxn04pzv.default

user_pref("browser.startup.homepage", "about:home");

user_pref("browser.newtab.url", "about:newtab");

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21/07/2015 09:45]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [19/06/2015 13:29]

 

==== Firefox Extensions ======================

 

ProfilePath: C:\Users\TURCA\AppData\Roaming\Mozilla\Firefox\Profiles\oxn04pzv.default

- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

 

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

 

==== Firefox Plugins ======================

 

Profilepath: C:\Users\TURCA\AppData\Roaming\Mozilla\Firefox\Profiles\oxn04pzv.default

0A1788EE70EF444DABA1E958092F4B85 - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat

1F352B5944AF5C2204D9EFF7F845C5AF - C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll - Google Update

CA808688B28D12B368F9A511FC5E3697 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll - Java Platform SE 8 U45

B28862688B70415A3C0C5DCC8B242388 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.450.15

46A59E6F7F7C1679AC7C4655E055326D - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

 

 

==== Chromium Look ======================

 

Google Chrome Version: 43.0.2357.134

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[22/06/2015 15:17]

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22/06/2015 15:17]

 

Avast SafePrice - TURCA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

Avast Online Security - TURCA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

 

==== Chromium Startpages ======================

 

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Preferences

80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078615222100400","lastpingday":"13081935602941200","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"390796BB79E989A4D1EDDC4C232D7FE7850022EB74FB4019A042BEDE344D2E7E"},"default_search_provider":{"keyword":"347207AE45F225F183ED12BD5F1C5765C3F56435A93A175A678F542F3AD4E084","name":"6EB9F295A9413E9758DAEA93CCF6A1881F91AB629059AEAE016F02AF07200E7A","search_url":"43F308864F98C23A835E36FFA1EC2F97D80AA0F9316A52A1E739693F9ABFDB4F"},"default_search_provider_data":{"template_url_data":"EDD9D3D08C6404181E31E271920B87DAC413F8A56F301C848C527C589805A826"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"8895A27C08C7D5B8DB0D8B6E94638711920BBD3383FD38B463389352E3153C5E","ahfgeienlihckogmohjhadlkjgocpleb":"E409049C6002F38E9EF67C23B8924D3892A7A3DF83ECB78F0DDBB9B898672F9B","aohghmighlieiainnegkcijnfilokake":"7701A7BA122314EE950F2668A1C17ACF5B29AB248A4C816018790F30024E062F","apdfllckaahabafndbhieahigkjlhalf":"FFC9C416184D44C0DFC5D57C1F8C8A489BA717AB952DBFF43071285D72765233","bepbmhgboaologfdajaanbcjmnhjmhfn":"EA867A9481E7FB7E43C9E795989AB320AD85E14B6C3B95E0148FD072E92D9133","blpcfgokakmgnkcojhhkbfbldkacnbeo":"8E15343121271BF059DDD10A3FB0148B62EEDB1D56EE1BB1CAB5EB3793D92818","coobgpohoikkiipiblmjeljniedjpjpf":"B006FB8D61CC4B36F3F6BBFD95B36FBA147D63408216235E9DA2134671662B85","eemcgdkfndhakfknompkggombfjjjeno":"1A945A54A2708970BB813F44753BE46322D95892C55B08E24C58E18B4BF1102F","ennkphjdgehloodpbhlhldgbnhmacadg":"344AD381AB394443DF5D4287C80CE546198B7308907BC9E04AC49ED8E1DC398D","eofcbnmajmjmplflapaojjnihcjkigck":"16382E5CFE74759D0A369C6FBB1A9D37C6182ED68C47D9F30D83099C2B9FDDD2","felcaaldnbdncclmgdcncolpebgiejap":"6CD4805C5C91750A5415B14D5F2E233BEAC86FA5B2B5175363FED8595F1858D4","gfdkimpbcpahaombhbimeihdjnejgicl":"7A09E700CEA438DAD505719A06B1D104608169731500BCC23925676A04F1F03D","gomekmidlodglbbmalcneegieacbdmki":"577E0D33DDCB55F11D9EC7BE776BE1F502530A62A6F6CFD1A77FE8610FCE2DC7","kmendfapggjehodndflmmgagdbamhnfd":"7D84DACDD196D5913CE762579FF1A89EE3BFBB5B30196804C29B632F2E2D228A","lccekmodgklaepjeofjdjpbminllajkg":"6C0998E3836F45EFBB85ED24F448F98DB8386624513CB4748B35B5045EEAB1A4","mfehgcgbbipciphmccgaenjidiccnmng":"94F0308D382C3C961EAD997C8CAE99DD24EE957D19840EDFB4725C403657DDB4","mfffpogegjflfpflabcdkioaeobkgjik":"2067BDA3506265E027A3CCF2DE27596582EA3BF6EB86D621F409B0D1D36B663B","mgndgikekgjfcpckkfioiadnlibdjbkf":"F48298D76CD57D16D07A7B0EF538488656893496B4F03F8CA82F8C2E7E70312F","mhjfbmdgcfjbbpaeojofohoefgiehjai":"B5B1CDE6463FE878282AADBA1DEEC0CFE40D2D3095834DAECF3B8A7AEC4ED568","nbpagnldghgfoolbancepceaanlmhfmd":"735EE6D7EA74ED545734CD9BBA7837500DEDCF27EFCCB1570D46C3681DE4CE40","neajdppkdcdipfabeoofebfddakdcjhd":"0F3D8E4B01CC078BA53E79BC20DF34E3120260368036AD0C5028FE3E3EAD76C5","nkeimhogjdpnpccoofpliimaahmaaome":"D16B9431CA89D9F87C4ED9A392334AD6019B310A9F6F6D0C107F4C277151BE1E","nmmhkkegccagdldgiimedpiccmgmieda":"2A4375322AC4200354D371081F933052C41668ACFAC10C8345D98CD716D8A16A","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"D3D5F18C1B56CCCDB8A99EF9233F6CAC85E613823E6C745838774A730C2A87E7","pjkljhegncpnkpknbcohdijeoejaedia":"2E8F453636ACD430D6BBD0432D415EF9F9715C140C59AA837347A0178040FBF0"}},"google":{"services":{"last_username":"04E291DC57B489B89E9EDDEC8D0E70CBA8C671E21BAF84DBDCAF2AFFFE798893","username":"BFED2E762B306753365DEAB92F3A78F55AB9FF714B14D055A8204957D780E3A9"}},"homepage":"618B6854A10E6FF7D15DC282BEA3B79A8532A8D372BB5677D76180C4D8B2B000","homepage_is_newtabpage":"859AC3B6841B942EA8E9A16D6653E8A0A0DA80FF9CEFC66898CB350AAC3DB3F7","pinned_tabs":"D847F3BC44940184F92F4CAE7733F616D640C07B42FC4DD602DFF361ACA94D3E","prefs":{"preference_reset_time":"2815C8BD2C21C68413446C9920CABF527FFA7F8B596549185B7238F7176AD058"},"profile":{"reset_prompt_memento":"2F7CE0F4A78465B545277519F8EE3579620A3B2E9B03328CEDB79CF72A5029DA"},"safebrowsing":{"incidents_sent":"7911AFA5607EA8D0379A3FA5F4B7E50743010749006014295EDFD87C2FDCBD6B"},"search_provider_overrides":"C5BA2045A477FD9C9FE4F57C2B37FB73DA69027757DC763F1A20538BEDC41C41","session":{"restore_on_startup":"89B1C7CBE4078C9D183495B891379E8C6E3455729D45FAF976ADA68808269E34","startup_urls":"77DE2E085C78512A66E467C1BC38BDF54756BA717752482C32A427316DD17408"},"software_reporter":{"prompt_reason":"C76186CBDE305DB1E621B0068C200DDEAC3B5C5DC9AA1ED951FEB297109F5E2E","prompt_seed":"3138F8AAD3DCCE88B12BA2D6567411041A7BCB23B941FCBE593C87B6797975B0","prompt_version":"4DCCC3899BDB17666E492E55BB2E25DA6EA57445FDF2A24CD6922BF49CA09AE2"},"sync":{"remaining_rollback_tries":"6213DA96D4CEAD01790D88FBAD48B13980F2805DE19E8F145870DDD57DE475E1"}},"super_mac":"8DFAEBAC55B582194379439929B0751CA9DC0BC4312BB25749ACFCCE814D7F3D"},"session":{"restore_on_startup":1}}

 

 

==== Chromium Fix ======================

 

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pt.savefrom.net_0.localstorage deleted successfully

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pt.savefrom.net_0.localstorage-journal deleted successfully

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]


"Old Start Page"="http://www.google.com"

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]



 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

 

==== Reset Google Chrome ======================

 

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

 

==== shortcuts on Users Desktops ======================

 

C:\Users\TURCA\Desktop\ANAT.lnk - C:\ANAT2\NAT.exe 

C:\Users\TURCA\Desktop\ASANSAM QCN.lnk - C:\ASANSAM2\ASANQCN.exe 

C:\Users\TURCA\Desktop\ASANSAM.lnk - C:\ASANSAM2\ASANSAM.exe 

C:\Users\TURCA\Desktop\ASF.lnk - C:\ASF3\ASF.exe 

C:\Users\TURCA\Desktop\Atentication - Atalho.lnk - E:\Datweb\Atentication.exe 

C:\Users\TURCA\Desktop\AvatorBox.lnk - C:\Avator-Dongle\Avatorbox_Ver7.901\AvatorBox.exe 

C:\Users\TURCA\Desktop\Backup - Atalho.lnk - C:\Users\TURCA\AppData\Roaming\Apple Computer\MobileSync\Backup 

C:\Users\TURCA\Desktop\DataPro.exe - Atalho.lnk - C:\PROGRAMAS\MERAPI\Datapro\DataPro.exe 

C:\Users\TURCA\Desktop\DCTxBB5.lnk - C:\Program Files\Nokia\Phoenix\DCTxBB5.exe 

C:\Users\TURCA\Desktop\GadgetWide Tool.lnk - C:\Users\TURCA\AppData\Roaming\Microsoft\Installer\{6147344A-2A3D-4CE0-9F09-E99CE1C45573}\_72b9511f.exe 

C:\Users\TURCA\Desktop\GPGeMMC.lnk - C:\PROGRAMAS\GPGEMMC\GPGeMMC.exe 

C:\Users\TURCA\Desktop\Hard Disk Low Level Format Tool.lnk - C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE 

C:\Users\TURCA\Desktop\InfinityBox BEST.lnk - C:\InfinityBox\BEST\BEST.exe 

C:\Users\TURCA\Desktop\Itaú.lnk -  

C:\Users\TURCA\Desktop\LG_GSM.lnk - C:\Program Files\SarasSoft\UFS\UFS_LG_GSM\LG_GSM.exe 

C:\Users\TURCA\Desktop\MerapiTool - Atalho.lnk - C:\PROGRAMAS\MERAPI\MerapiTool.exe 

C:\Users\TURCA\Desktop\Octoplus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 

C:\Users\TURCA\Desktop\Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 

C:\Users\TURCA\Desktop\Octoplus Shell.lnk - C:\Program Files\Octoplus\Octoplus_Shell\OctoplusShell.exe 

C:\Users\TURCA\Desktop\Octoplus Suite.lnk - C:\Program Files\Octoplus\Octoplus_Suite\OctoplusSuite.exe 

C:\Users\TURCA\Desktop\Odin3 v3.09.3.lnk - C:\PROGRAMAS\ODIN\Odin3_v3.09.3\Odin3 v3.09.3.exe 

C:\Users\TURCA\Desktop\Odin3 v3.10..lnk - C:\PROGRAMAS\ODIN\Odin3_v3.10.6\Odin3 v3.10.6.exe 

C:\Users\TURCA\Desktop\PROGRAMAS.lnk - C:\PROGRAMAS 

C:\Users\TURCA\Desktop\SeDbx.lnk - C:\Program Files\SarasSoft\UFS\UFS_DBX\SeDbx.exe 

C:\Users\TURCA\Desktop\SETOOL.lnk - C:\PROGRAMAS\SETOOL\Setool2g.exe 

C:\Users\TURCA\Desktop\SHOficina5.lnk - C:\SHARMAQ\SHOficina\shoficina3.exe 

C:\Users\TURCA\Desktop\SHVendas.lnk - C:\SHARMAQ\SHOficina\shvenda.exe 

C:\Users\TURCA\Desktop\VolcanoTool.lnk - C:\PROGRAMAS\VOLCANO\VolcanoTool.exe 

C:\Users\TURCA\Desktop\VolcanoUtility.lnk - C:\PROGRAMAS\VOLCANO\VolcanoUtility.exe 

C:\Users\TURCA\Desktop\µTorrent.lnk -  

 

==== shortcuts on All Users Desktop ======================

 

C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 

C:\Users\Public\Desktop\Activator.lnk - C:\Program Files\SPT\Activator\activator.exe 

C:\Users\Public\Desktop\Assistente Pimaco.lnk - C:\Pimaco\Pimaco.docm 

C:\Users\Public\Desktop\Avast Free antivírus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 

C:\Users\Public\Desktop\Avast Internet Security.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe 

C:\Users\Public\Desktop\Avast SafeZone.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe /sfzonebrowser

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe 

C:\Users\Public\Desktop\Central de Soluções HP.lnk -  

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 

C:\Users\Public\Desktop\iFunbox.lnk - C:\Program Files\i-Funbox DevTeam\iFunBox.exe 

C:\Users\Public\Desktop\InfinityBox CM2MTK.lnk - C:\InfinityBox\CM2MTK\CM2MTK.exe 

C:\Users\Public\Desktop\InfinityBox CM2SPD.lnk - C:\InfinityBox\CM2SPD\CM2SPD.exe 

C:\Users\Public\Desktop\iRoot.lnk - C:\Program Files\iRoot\Root.exe 

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe 

C:\Users\Public\Desktop\Loja de Suprimentos HP.lnk - C:\Program Files\HP\HPSSUPPLY\hpqSSupply.exe 

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe 

C:\Users\Public\Desktop\Manual_MultiSync.lnk - C:\MultiSync\Manual_MultiSync.pdf 

C:\Users\Public\Desktop\MoboRobo.lnk - C:\Program Files\MoboRobo\MoboRobo.exe 

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe 

C:\Users\Public\Desktop\MultiSync.lnk - C:\MultiSync\UpdateMultiSync.exe 

C:\Users\Public\Desktop\MV RegClean 6.9.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.9\MVREGCLEAN.EXE 

C:\Users\Public\Desktop\RSD Lite.lnk - C:\Windows\Installer\{8F4A334E-D1B5-45D1-9C1A-3D1B97327E49}\_CDFF3DEB911FF6BC88C77E.exe 

C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files\SAMSUNG\Kies\KiesAgent.exe /lite

C:\Users\Public\Desktop\Samsung Kies 3.lnk - C:\Program Files\SAMSUNG\Kies3\Kies3.exe 

C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files\SAMSUNG\Kies\KiesAgent.exe 

C:\Users\Public\Desktop\SDFormatter.lnk - C:\Program Files\SDA\SD Formatter\SDFormatter.exe 

C:\Users\Public\Desktop\SigmaKey.lnk - C:\Program Files\GsmServer\SigmaKey\SigmaKey.exe 

C:\Users\Public\Desktop\smATool.lnk - C:\Avator-Dongle\smATool\smATool.exe 

C:\Users\Public\Desktop\SPT.lnk - C:\Program Files\SPT\SPT.exe 

C:\Users\Public\Desktop\TeamViewer 10.lnk - C:\Program Files\TeamViewer\TeamViewer.exe 

C:\Users\Public\Desktop\UFS_Panel.lnk - C:\Program Files\SarasSoft\UFS\UFS_Panel\UFS_Panel.exe 

C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk - C:\Program Files\Wondershare\Dr.Fone para Android\DrFoneAndroid.exe 

 

==== shortcuts in Users Start Menu ======================

 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk - C:\Users\TURCA\AppData\Roaming\Microsoft\Installer\{6147344A-2A3D-4CE0-9F09-E99CE1C45573}\_72ac292d.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe  -extoff

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú\Desinstalador.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú\Itaú.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASANSAM Dongle\ANAT.lnk - C:\ANAT2\NAT.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASANSAM Dongle\ASANSAM QCN.lnk - C:\ASANSAM2\ASANQCN.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASANSAM Dongle\ASANSAM.lnk - C:\ASANSAM2\ASANSAM.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASANSAM Dongle\ASF.lnk - C:\ASF3\ASF.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\ATRz.lnk - C:\Program Files\SarasSoft\UFS\UFS_ATRz\ATRz.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\DCTxBB5.lnk - C:\Program Files\Nokia\Phoenix\DCTxBB5.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\KZF.lnk - C:\Program Files\SarasSoft\UFS\UFS_KZF\KZF.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\LG_GSM.lnk - C:\Program Files\SarasSoft\UFS\UFS_LG_GSM\LG_GSM.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\RTP.lnk - C:\Program Files\SarasSoft\UFS\UFS_RTP\RTP.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\SeDbx.lnk - C:\Program Files\SarasSoft\UFS\UFS_DBX\SeDbx.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\Flashing With UFST Tips and Tricks.lnk - C:\Program Files\SarasSoft\UFS\Documents\Flashing With UFST Tips and Tricks.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\Galaxy S6 how to do.lnk - C:\Program Files\SarasSoft\UFS\Documents\Galaxy S6 how to do.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\How to get MSL Access on Exynos-Infineon Based Phones and Write Certification.lnk - C:\Program Files\SarasSoft\UFS\Documents\How to get MSL Access on Exynos-Infineon Based Phones and Write Certification.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\How to get MSL Access on Quallcomm Platform Based Phones and Write Certification.lnk - C:\Program Files\SarasSoft\UFS\Documents\How to get MSL Access on Quallcomm Platform Based Phones and Write Certification.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\LAST_UPATED.lnk - C:\Program Files\SarasSoft\UFS\Documents\LAST_UPATED.txt 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\LAST_UPATED1.lnk - C:\Program Files\SarasSoft\UFS\Documents\LAST_UPATED1.txt 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\Qualcomm New Security Direct Unlock and Certification Without Root.lnk - C:\Program Files\SarasSoft\UFS\Documents\Qualcomm New Security Direct Unlock and Certification Without Root.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\Samsung Android 5 Lollipop Enable_Modem.lnk - C:\Program Files\SarasSoft\UFS\Documents\Samsung Android 5 Lollipop Enable_Modem.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\Samsung_Android_Info.lnk - C:\Program Files\SarasSoft\UFS\Documents\Samsung_Android_Info.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\Samsung_Infineon_Info.lnk - C:\Program Files\SarasSoft\UFS\Documents\Samsung_Infineon_Info.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\UFST_Cables_R1.3.lnk - C:\Program Files\SarasSoft\UFS\Documents\UFST_Cables_R1.3.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\UFST_Galaxy_TAB_Cable_R1.3.lnk - C:\Program Files\SarasSoft\UFS\Documents\UFST_Galaxy_TAB_Cable_R1.3.xps 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\UFSx_Drivers_Install_Readme.lnk - C:\Program Files\SarasSoft\UFS\Documents\UFSx_Drivers_Install_Readme.txt 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Documents\uTorrent Support Manual.lnk - C:\Program Files\SarasSoft\UFS\Documents\uTorrent Support Manual.pdf 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt 

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe 

 

==== shortcuts in All Users Start Menu ======================

 

C:\ProgramData\Microsoft\Windows\Start Menu\Central de Soluções HP.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\MV RegClean 6.9.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.9\MVREGCLEAN.EXE 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSD Lite.lnk - C:\Windows\Installer\{8F4A334E-D1B5-45D1-9C1A-3D1B97327E49}\_3C9E2F6AA0CED284602501.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk - C:\Program Files\TeamViewer\TeamViewer.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk - C:\Windows\system32\fsquirt.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk - C:\Windows\system32\mblctr.exe /open

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk - C:\Windows\system32\NetProj.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk - C:\Program Files\Windows Journal\Journal.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\Windows\system32\printmanagement.msc 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk - C:\Windows\system32\secpol.msc /s

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP2010\Assistente Pimaco.lnk - C:\Pimaco\Pimaco.docm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP2010\CadEtiq.lnk - C:\CadEtiq\CadEtiq.docx 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP2010\CDpply A4.lnk - C:\Template\CDpply A4.dotm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP2010\CDpply Carta.lnk - C:\Template\CDpply Carta.dotm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AP2010\Desinstalar.lnk - C:\Windows\System32\msiexec.exe /x {1E040F6A-6DC9-4DCF-819C-FCFE720B6097}

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free antivírus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Internet Security.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast SafeZone.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe /sfzonebrowser

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avator-Dongle\smATool.lnk - C:\Avator-Dongle\smATool\smATool.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avator-Dongle\Uninstall Avator-Dongle smATool.lnk - C:\Avator-Dongle\smATool\uninstall.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Download required drivers.lnk - C:\Program Files\GsmServer\SigmaKey\drivers\Drivers.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\End-User License Agreement (IMEI).lnk - C:\Program Files\GsmServer\SigmaKey\IMEI.rtf 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\End-User License Agreement.lnk - C:\Program Files\GsmServer\SigmaKey\EULA.rtf 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\SigmaKey USB Dongle Driver.lnk - C:\Windows\explorer.exe C:\Program Files\GsmServer\SigmaKey\drivers\AU9540DrvPkg V1.7.26.0_WHQL

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\SigmaKey.lnk - C:\Program Files\GsmServer\SigmaKey\SigmaKey.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Manuals\Broadcom manual.lnk - C:\Program Files\GsmServer\SigmaKey\brcm_man.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Manuals\MTK manual.lnk - C:\Program Files\GsmServer\SigmaKey\mtk_man.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Manuals\Qualcomm manual.lnk - C:\Program Files\GsmServer\SigmaKey\qcom_man.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Manuals\Supported models.lnk - C:\Program Files\GsmServer\SigmaKey\supp_models.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Manuals\Texas Instruments manual.lnk - C:\Program Files\GsmServer\SigmaKey\ti_man.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Manuals\Video manuals.lnk - C:\Program Files\GsmServer\SigmaKey\video_man.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Social media\add us to your Circles and get all of our updates directly.lnk - C:\Program Files\GsmServer\SigmaKey\GooglePlus.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Social media\Connect with other professionals, share information.lnk - C:\Program Files\GsmServer\SigmaKey\Facebook.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Social media\Follow us on Twitter.lnk - C:\Program Files\GsmServer\SigmaKey\Twitter.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Social media\Official forum.lnk - C:\Program Files\GsmServer\SigmaKey\forum.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer\Sigma Key\Social media\Watch tutorials of unlock operations.lnk - C:\Program Files\GsmServer\SigmaKey\video_man.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool\Hard Disk Low Level Format Tool on the Web.lnk - C:\Program Files\HDDGURU LLF Tool\LLFTOOL.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool\Hard Disk Low Level Format Tool.lnk - C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool\Uninstall Hard Disk Low Level Format Tool.lnk - C:\Program Files\HDDGURU LLF Tool\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Atualização HP.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Central de Soluções HP.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Loja de Suprimentos HP.lnk - C:\Program Files\HP\HPSSUPPLY\hpqSSupply.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4400 series\Adicionar dispositivo.lnk - C:\Program Files\HP\Digital Imaging\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}\hpzstub.exe -addadevice

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4400 series\Ajuda.lnk - C:\Program Files\HP\Digital Imaging\help\AIO58.chm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4400 series\Desinstalar.lnk - C:\Program Files\HP\Digital Imaging\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}\setup\hpzscr01.exe -datfile hposcr37.dat -onestop -forcereboot

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4400 series\Leiame.lnk - C:\Program Files\HP\Digital Imaging\help\DJ_AIO_05_F4400_readme\readme.html 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4400 series\Registro do produto.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe "HP Deskjet F4400 series"

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4400 series\Site de suporte a produtos.lnk - C:\Program Files\HP\Digital Imaging\HP Deskjet F4400 series\help\HP Product Support Website.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Smart Web Printing\Ajuda da HP Smart Web Printing.lnk - C:\Program Files\HP\Digital Imaging\smart web printing\Help\hpsmartprint.chm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Check New Update.lnk - C:\Program Files\i-Funbox DevTeam\links\ifunbox.win32.checkupdate.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\iFunbox.lnk - C:\Program Files\i-Funbox DevTeam\iFunBox.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Online Tutorial.lnk - C:\Program Files\i-Funbox DevTeam\links\ifunbox.win32.tutorial.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Uninstall iFunbox.lnk - C:\Program Files\i-Funbox DevTeam\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Buscar Meu iPhone.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe find

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendário.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contatos.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe contacts

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Fotos do iCloud.lnk - C:\Program Files\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud para Windows.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe keynote

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Lembretes.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe reminders

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe mail

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notas.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe notes

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe numbers

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe pages

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\BEST\InfinityBox BEST.lnk - C:\InfinityBox\BEST\BEST.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\BEST\Uninstall InfinityBox BEST.lnk - C:\InfinityBox\BEST\BEST_uninstall.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\CM2MTK\InfinityBox CM2MTK.lnk - C:\InfinityBox\CM2MTK\CM2MTK.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\CM2MTK\Uninstall InfinityBox CM2MTK.lnk - C:\InfinityBox\CM2MTK\CM2MTK_uninstall.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\CM2SPD\InfinityBox CM2SPD.lnk - C:\InfinityBox\CM2SPD\CM2SPD.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\CM2SPD\Uninstall InfinityBox CM2SPD.lnk - C:\InfinityBox\CM2SPD\CM2SPD_uninstall.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\Drivers\box\Drivers installation guide En.lnk - C:\InfinityBox\Drivers\box\Infinity-Box_Installation_manual_En.pdf 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\Drivers\box\Drivers installation guide Ru.lnk - C:\InfinityBox\Drivers\box\Infinity-Box_Installation_manual_Ru.pdf 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\Drivers\box\Drivers.lnk - C:\InfinityBox\Drivers\box 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Android Device USB driver\Uninstall.lnk - C:\Program Files\Intel Android Device USB driver\uninst.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel DnX USB Driver\Uninstall DnX USB Driver.lnk - C:\Program Files\Intel\xFSTK\DnXUSBDriver\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\iRoot.lnk - C:\Program Files\iRoot\Root.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\Uninstall iRoot.lnk - C:\Program Files\iRoot\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk - C:\Program Files\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe -tab about

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security\MV RegClean 6.9.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.9\MVREGCLEAN.EXE 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe  /design 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Centro de Carregamento do Microsoft Office 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Certificado Digital para Projetos do VBA.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Microsoft Media Gallery.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Preferências de Idioma do Microsoft Office 2010.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoboRobo\MoboRobo.lnk - C:\Program Files\MoboRobo\MoboRobo.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoboRobo\Uninstall MoboRobo.lnk - C:\Program Files\MoboRobo\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager\Motorola Device Manager.lnk - C:\Windows\Installer\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}\_EED70B3E82A514A7A6E8F1.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiSync\Desinstalar MultiSync.lnk - C:\MultiSync\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiSync\Manual_MultiSync.lnk - C:\MultiSync\Manual_MultiSync.pdf 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiSync\MultiSync.lnk - C:\MultiSync\UpdateMultiSync.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk - C:\Program Files\MyFree Codec\1.0b beta\uninstall.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Shell.lnk - C:\Program Files\Octoplus\Octoplus_Shell\OctoplusShell.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus LG\Desinstalar Octoplus tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus LG\Octoplus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus LG\Update dongle.lnk - C:\Program Files\Octoplus\Octoplus_LG\LGUpdater.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Samsung\Desinstalar Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Samsung\Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Samsung\Update dongle.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\Updater.exe update

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Suite\Desinstalar Octoplus tool.lnk - C:\Program Files\Octoplus\Octoplus_Suite\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Suite\Octoplus Suite.lnk - C:\Program Files\Octoplus\Octoplus_Suite\OctoplusSuite.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Suite\Update dongle.lnk - C:\Program Files\Octoplus\Octoplus_Suite\SeUpdater.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCKEY200 Driver\ROCKEY200 Driver\Uninstall.lnk - C:\Program Files\Feitian\ROCKEY200\uninst.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk - C:\Program Files\SAMSUNG\Kies\KiesAgent.exe /lite

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk - C:\Program Files\SAMSUNG\Kies\KiesAgent.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk - C:\Program Files\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe /removeonly

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Samsung Kies 3.lnk - C:\Program Files\SAMSUNG\Kies3\Kies3.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk - C:\Program Files\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe /removeonly

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SarasSoft\UFS\Utilities\UFS_Panel.lnk - C:\Program Files\SarasSoft\UFS\UFS_Panel\UFS_Panel.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter\SDFormatter.lnk - C:\Program Files\SDA\SD Formatter\SDFormatter.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina\Manual.lnk - C:\SHARMAQ\SHOficina\Manual.doc 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina\SHAgenda.lnk - C:\SHARMAQ\SHOficina\SHAgenda.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina\SHEstoque.lnk - C:\SHARMAQ\SHOficina\shestoque.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina\SHOficina na Web.lnk - C:\SHARMAQ\SHOficina\AutoBackups\SHOficina.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina\SHOficina.lnk - C:\SHARMAQ\SHOficina\shoficina3.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina\SHVendas.lnk - C:\SHARMAQ\SHOficina\shvenda.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina\Uninstall SHOficina.lnk - C:\SHARMAQ\SHOficina\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnadBoy's Revelation v2\Revelation.lnk - C:\Program Files\SnadBoy's Revelation v2\Revelation.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPT\SPT.lnk - C:\Program Files\SPT\SPT.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPT\Uninstall  SPT.lnk - C:\Program Files\SPT\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPT\Uninstall SPT.lnk - C:\Program Files\SPT\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -  

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe 

 

==== shortcuts in Quick Launch ======================

 

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hard Disk Low Level Format Tool.lnk - C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MultiSync.lnk - C:\MultiSync\UpdateMultiSync.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Octoplus Box Samsung software.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Octoplus Shell software.lnk - C:\Program Files\Octoplus\Octoplus_Shell\OctoplusShell.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Octoplus Suite.lnk - C:\Program Files\Octoplus\Octoplus_Suite\OctoplusSuite.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Octopus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files\SAMSUNG\Kies\KiesAgent.exe /lite

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk - C:\Program Files\SAMSUNG\Kies3\Kies3.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files\SAMSUNG\Kies\KiesAgent.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SPT.lnk - C:\Program Files\SPT\SPT.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\MoboRobo.lnk - C:\Program Files\MoboRobo\MoboRobo.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AvatorBox.lnk - C:\Avator-Dongle\Avatorbox_Ver7.901\AvatorBox.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\InfinityBox BEST.lnk - C:\InfinityBox\BEST\BEST.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\InfinityBox CM2MTK.lnk - C:\InfinityBox\CM2MTK\CM2MTK.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Octoplus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\smATool.lnk - C:\Avator-Dongle\smATool\smATool.exe 

C:\Users\TURCA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 

C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

 

==== Reset IE Proxy ======================

 

Value(s) before fix:

"ProxyEnable"=dword:00000000

 

Value(s) after fix:

"ProxyEnable"=dword:00000000

 

==== Deleting Registry Keys ======================

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SnadBoy's Revelation v2 deleted successfully

 

==== Empty IE Cache ======================

 

C:\Users\TURCA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\TURCA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

 

==== Empty FireFox Cache ======================

 

C:\Users\TURCA\AppData\Local\Mozilla\Firefox\Profiles\oxn04pzv.default\cache2 emptied successfully

 

==== Empty Chrome Cache ======================

 

C:\Users\TURCA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

No Flash Cache Found

 

==== Empty All Java Cache ======================

 

Java Cache cleared successfully

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=383 folders=55 183091791 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\Default\AppData\Local\temp emptied successfully

C:\Users\Default User\AppData\Local\temp emptied successfully

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Users\TURCA\AppData\Local\Temp will be emptied at reboot

C:\Users\USURIO~1\AppData\Local\temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\Windows\Temp successfully emptied

C:\Users\TURCA\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== EOF on 21/07/2015 at 10:23:27,75 ======================

 

 

 


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:30:10, on 21/07/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17909)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\GWX\GWX.exe

C:\Windows\system32\notepad.exe

C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Diebold\Warsaw\core.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\SAMSUNG\Kies\Kies.exe

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Windows\system32\wuauclt.exe

C:\Users\TURCA\Desktop\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [Diebold - Warsaw] C:\Program Files\Diebold\Warsaw\core.exe

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.google.com.br

O15 - Trusted Zone: www.itau.b.br

O15 - Trusted Zone: *.itau.b.br

O15 - Trusted Zone: bankline.itau.com.br

O15 - Trusted Zone: banklineplus.itau.com.br

O15 - Trusted Zone: clickbanking.itau.com.br

O15 - Trusted Zone: guardiao.itau.com.br

O15 - Trusted Zone: www.itau.com.br

O15 - Trusted Zone: http://www.itau.com.br

O15 - Trusted Zone: *.itau.com.br

O15 - Trusted Zone: www.itaupersonnalite.com.br


O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify:  GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files\MoboRobo\MoboroboDeviceService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe

O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe

 

--

End of file - 7977 bytes

 

 

valeu

Compartilhar este post


Link para o post
Compartilhar em outros sites

deu uma melhorada sim está mais rápido travando menos, acha que só isso resolve ou deve estar indo embora mu hd, uso watercoller, bem refrigerado meu PC, ou seria mesmo esses paus no windows? valeu muito mesmo

Compartilhar este post


Link para o post
Compartilhar em outros sites

×
×
  • Criar Novo...