fpvoliveira

Novato
  • Total de itens

    25
  • Registro em

  • Última visita

Reputação

0 Neutral

Sobre fpvoliveira

  • Rank
    Novato

Contact Methods

  • ICQ
    0
  1. Computador apresenta lentidão ao inicializar, abrir programas como chrome, libreoffice, etc, lentidão exagerada no carregamento de páginas.
  2. Computador apresente lentidão incomum para abertura de programas como chrome, libre office, etc. Anexo relatórios ZA-Scan, MbrScan e Farbar Scanner.
  3. Instruções realizadas com sucesso. Obrigado pela atenção.
  4. Bom dia, Funcionando normalmente. Obrigado.
  5. Bom dia Desculpe a demora em responder. Utilizando Revo Uninstaller para desinstalar o programa, obtive "Falha na execução do desinstalador do aplicativo! Possível comando de desinstalação invalido!" Finalizado procedimento programa não aparece mais na lista de instalados.
  6. Bom dia, Após execução do Security Check segue log: SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16] WebSite: www.safezone.cc DateLog: 29.11.2016 08:03:44 Path starting: C:\Users\Francisco Oliveira\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Francisco Oliveira VersionXML: 3.54is-25.11.2016 ___________________________________________________________________________ Windows 7(6.1.7601) Service Pack 1 (x86) Ultimate Lang: Portuguese(0416) Installation date OS: 24.06.2016 16:31:46 LicenseStatus: Windows(R) 7, Ultimate edition The machine is permanently activated. Boot Mode: Normal Default Browser: 0 SystemDrive: C: FS: [NTFS] Capacity: [465.7 Gb] Used: [85.3 Gb] Free: [380.4 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 8.0.7601.17514 Warning! Download Update Online installation. Last version available when Windows update is enabled throught the Internet. User Account Control enabled Automatically download and schedule installation Date install updates: 2016-11-28 05:01:04 Windows Update (wuauserv) - The service is running Central de Segurança (wscsvc) - The service is running Registro remoto (RemoteRegistry) - The service has stopped Descoberta SSDP (SSDPSRV) - The service is running Serviços de Área de Trabalho Remota (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ------------------------------ [ MS Office ] ------------------------------ Microsoft Office 2010 x86 v.14.0.4763.1000 --------------------------- [ FirewallWindows ] --------------------------- Firewall do Windows (MpsSvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- Windows Defender (disabled and up to date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- ESET Online Scanner v3 -------------------------- [ SecurityUtilities ] -------------------------- Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043 --------------------------- [ OtherUtilities ] ---------------------------- VLC media player v.2.2.1 Warning! Download Update WinRAR 5.40 (32-bit) v.5.40.0 Microsoft Silverlight v.3.0.40818.0 Warning! Download Update LibreOffice 5.1.4.2 v.5.1.4.2 Warning! Download Update --------------------------------- [ IM ] ---------------------------------- Skype™ 7.28 v.7.28.101 Warning! Download Update ^Optional update.^ --------------------------------- [ P2P ] --------------------------------- µTorrent v.3.4.7.42330 Warning! P2P-client. -------------------------------- [ Java ] --------------------------------- Java 8 Update 111 v.8.0.1110.14 Warning! Download Update Uninstall old version and install new one (jre-8u112-windows-i586.exe). --------------------------- [ AdobeProduction ] --------------------------- Adobe Flash Player 23 PPAPI v.23.0.0.207 Adobe Acrobat Reader DC - Português v.15.020.20042 ------------------------------- [ Browser ] ------------------------------- Google Chrome v.54.0.2840.99 Mozilla Firefox 49.0.2 (x86 pt-BR) v.49.0.2 Warning! Download Update --------------------------- [ RunningProcess ] ---------------------------- C:\Program Files\Google\Chrome\Application\chrome.exe v.54.0.2840.99 ------------------ [ AntivirusFirewallProcessServices ] ------------------- MBAMScheduler (MBAMScheduler) - The service has stopped MBAMService (MBAMService) - The service has stopped Windows Defender (WinDefend) - The service has stopped ---------------------------- [ UnwantedApps ] ----------------------------- Yahoo Search Set Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems. ----------------------------- [ End of Log ] ------------------------------
  7. bom dia Chrome e Firefox inicializando normal, aparentemente tudo normal. Obrigado pela ajuda.
  8. Bom dia, Segue log. Resultado da Correção pela Farbar Recovery Scan Tool (x86) Versão: 23-11-2016 Executado por Francisco Oliveira (25-11-2016 08:08:15) Run:2 Executando a partir de C:\Users\Francisco Oliveira\Desktop Perfis Carregados: Francisco Oliveira (Perfis Disponíveis: Francisco Oliveira) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CloseProcesses: CreateRestorePoint: HKLM\...\Providers\40tkq602: C:\Músicas_\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\83h078mt: C:\Receita Federal\\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\egqovv02: C:\Músicas\\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\kr4olds6: C:\Msicas\\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\lcwm9fof: C:\WinSetupFromUSB\\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\masfe1w0: C:\Photos & Images_\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\nhghn2k9: C:\Msicas_\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\ot5x7s7z: C:\WinSetupFromUSB_\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\qr7fn4d2: C:\Receita Federal_\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\tqsygkj0: C:\Photos & Images\\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\vsd6c3am: C:\_\local32spl.dll [145408 2016-11-07] () HKLM\...\Providers\w993wgsf: C:\\local32spl.dll [145408 2016-11-07] () FF ProfilePath: C:\Users\Francisco Oliveira\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\49eev9cp.default\Profiles\49eev9cp.default [não encontrado (a)] FF Extension: (Search and New Tab by Yahoo) - C:\Users\Francisco Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\utev3a5y.default-1479233884941\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-17] CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Extension: (Yahoo Partner) - C:\Users\Francisco Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2016-11-19] CHR Extension: (Yahoo Partner) - C:\Users\Francisco Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2016-11-19] CHR HKLM\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx S2 Suqlykooch; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) S2 YSearchUtilSvc; "C:\Program Files\Yahoo!\yset\{49FDF011-C595-6749-B245-D35C95DD7373}\YSearchUtilSvc.exe" [X] 2016-11-17 06:43 - 2016-11-17 06:43 - 00000000 ____D C:\Users\Francisco Oliveira\AppData\Local\YSearchUtil 2016-11-07 10:09 - 2016-11-07 10:09 - 00145408 ____H C:\local32spl.dll 2016-11-07 10:09 - 2016-11-07 10:09 - 00000020 ____H C:\local32spl.dll.ini 2016-11-07 10:09 - 2016-11-07 10:09 - 00000000 ___HD C:\WinSetupFromUSB_ 2016-11-07 10:09 - 2016-11-07 10:09 - 00000000 ___HD C:\Receita Federal_ 2016-11-07 10:09 - 2016-11-07 10:09 - 00000000 ___HD C:\Photos & Images_ 2016-11-07 10:09 - 2016-11-07 10:09 - 00000000 ___HD C:\Músicas_ 2016-11-07 10:09 - 2016-11-07 10:09 - 00000000 ___HD C:\Msicas_ 2016-11-07 10:09 - 2016-11-07 10:09 - 00000000 ___HD C:\_ 2016-11-07 10:09 - 2016-11-07 10:09 - 00000000 ____D C:\Msicas 2016-11-05 14:21 - 2016-11-05 14:44 - 00000000 ____D C:\Program Files\UCBrowser 2016-11-05 14:14 - 2016-11-13 08:21 - 00000000 ____D C:\Program Files\wanttoxiamen 2016-11-05 14:14 - 2016-11-05 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wanttoxiamen 2016-11-05 14:11 - 2016-11-05 14:11 - 00000000 _____ C:\TOSTACK 2016-11-05 14:09 - 2016-11-05 14:09 - 00000000 ____D C:\ProgramData\Avira 2016-11-05 14:09 - 2016-11-05 14:09 - 00000000 ____D C:\ProgramData\Avg 2016-11-05 14:09 - 2016-11-05 14:09 - 00000000 ____D C:\ProgramData\AVAST Software 2016-11-05 14:07 - 2016-11-05 14:19 - 00000000 ____D C:\Users\Francisco Oliveira\AppData\Local\Thictzimertain 2016-11-05 08:59 - 2016-11-05 08:59 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Francisco Oliveira\Downloads\Baixaki_lili-usb-creator [1].exe 2016-11-05 08:58 - 2016-11-05 08:58 - 01867472 _____ ( ) C:\Users\Francisco Oliveira\Downloads\Baixaki_lili-usb-creator.exe 2016-11-01 06:31 - 2016-11-13 08:21 - 00000000 ____D C:\Users\Francisco Oliveira\Downloads\Kaspersky Anti-Virus 2015 v15.0.2.284-P2P 2016-11-13 08:22 - 2016-06-24 15:07 - 00000000 ____D C:\Users\Francisco Oliveira\Downloads\Recuva Professional 1.52.1086 + Crack 2016-11-07 10:09 - 2016-10-07 21:23 - 00000000 ____D C:\WinSetupFromUSB 2016-11-07 10:09 - 2016-06-28 18:13 - 00000000 ____D C:\Photos & Images 2016-11-07 10:09 - 2016-04-27 07:35 - 00000000 ____D C:\Receita Federal 2016-11-07 10:09 - 2013-05-13 20:58 - 00000000 ____D C:\Músicas Task: {334A3175-D89B-484F-B8E8-30532842CC6F} - \Nversythernely Configuration -> Nenhum Arquivo <==== ATENÇÃO Task: {8E77D7AB-A239-46D3-8505-EA5E829A7F3B} - System32\Tasks\{C27ECEC8-649C-4C90-B9F6-CDDEF477CB08} => pcalua.exe -a "C:\Users\Francisco Oliveira\Downloads\WinXP\Make Bootable USB Pen Drive For Windows XP,Windows 7,And Windows 8\Windows XP\WinSetupFromUSB_0-2-3.exe" -d "C:\Users\Francisco Oliveira\Downloads\WinXP\Make Bootable USB Pen Drive For Windows XP,Windows 7,And Windows 8\Windows XP" Task: {C72134B2-1CEE-4731-B161-856BCDEE2670} - \edd2563489cbb90cb69a57d7497f2e4b -> Nenhum Arquivo <==== ATENÇÃO WMI_ActiveScriptEventConsumer_ASEC: <===== ATENÇÃO ShortcutWithArgument: C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\FRANCI~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/ ShortcutWithArgument: C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\FRANCI~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/ ShortcutWithArgument: C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://9o0gle.com/ ShortcutWithArgument: C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Francisco - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\FRANCI~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://9o0gle.com/ ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\FRANCI~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/ C:\Program Files\Yahoo! C:\Users\Francisco Oliveira\Downloads\WinXP AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8] AlternateDataStreams: C:\Windows\System32:247E8AE9_Bb.gbp [2] AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [412] AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x86.sys [69010] AlternateDataStreams: C:\Windows\system32\drivers:x86 [1157922] AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg32.sys:X5ZN8aGvT4 [674] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [0] AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10] Folder: C:\Windows\network EmptyTemp: end ***************** Processos fechados com sucesso. Ponto de Restauração criado com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\40tkq602" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order 40tkq602 => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\83h078mt" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order 83h078mt => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\egqovv02" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order egqovv02 => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\kr4olds6" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order kr4olds6 => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\lcwm9fof" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order lcwm9fof => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\masfe1w0" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order masfe1w0 => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\nhghn2k9" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order nhghn2k9 => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\ot5x7s7z" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order ot5x7s7z => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\qr7fn4d2" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order qr7fn4d2 => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\tqsygkj0" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order tqsygkj0 => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\vsd6c3am" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order vsd6c3am => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\w993wgsf" => chave removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order w993wgsf => removido (a) com sucesso. C:\Users\Francisco Oliveira\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\49eev9cp.default\Profiles\49eev9cp.default => caminho removido (a) com sucesso. C:\Users\Francisco Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\utev3a5y.default-1479233884941\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi => movido com sucesso Chrome DefaultSearchURL => removido (a) com sucesso. Chrome DefaultSearchKeyword => removido (a) com sucesso. Chrome DefaultSuggestURL => removido (a) com sucesso. C:\Users\Francisco Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom => não encontrado (a). C:\Users\Francisco Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh => não encontrado (a). "HKLM\SOFTWARE\Google\Chrome\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Google\Chrome\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh" => chave removido (a) com sucesso. Suqlykooch => serviço removido (a) com sucesso. YSearchUtilSvc => serviço removido (a) com sucesso. C:\Users\Francisco Oliveira\AppData\Local\YSearchUtil => movido com sucesso C:\local32spl.dll => movido com sucesso C:\local32spl.dll.ini => movido com sucesso C:\WinSetupFromUSB_ => movido com sucesso C:\Receita Federal_ => movido com sucesso C:\Photos & Images_ => movido com sucesso C:\Músicas_ => movido com sucesso C:\Msicas_ => movido com sucesso C:\_ => movido com sucesso C:\Msicas => movido com sucesso C:\Program Files\UCBrowser => movido com sucesso C:\Program Files\wanttoxiamen => movido com sucesso C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wanttoxiamen => movido com sucesso C:\TOSTACK => movido com sucesso C:\ProgramData\Avira => movido com sucesso C:\ProgramData\Avg => movido com sucesso C:\ProgramData\AVAST Software => movido com sucesso C:\Users\Francisco Oliveira\AppData\Local\Thictzimertain => movido com sucesso C:\Users\Francisco Oliveira\Downloads\Baixaki_lili-usb-creator [1].exe => movido com sucesso C:\Users\Francisco Oliveira\Downloads\Baixaki_lili-usb-creator.exe => movido com sucesso C:\Users\Francisco Oliveira\Downloads\Kaspersky Anti-Virus 2015 v15.0.2.284-P2P => movido com sucesso C:\Users\Francisco Oliveira\Downloads\Recuva Professional 1.52.1086 + Crack => movido com sucesso C:\WinSetupFromUSB => movido com sucesso C:\Photos & Images => movido com sucesso C:\Receita Federal => movido com sucesso C:\Músicas => movido com sucesso "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{334A3175-D89B-484F-B8E8-30532842CC6F}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{334A3175-D89B-484F-B8E8-30532842CC6F}" => chave removido (a) com sucesso. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nversythernely Configuration => chave não encontrado (a). "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E77D7AB-A239-46D3-8505-EA5E829A7F3B}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E77D7AB-A239-46D3-8505-EA5E829A7F3B}" => chave removido (a) com sucesso. C:\Windows\System32\Tasks\{C27ECEC8-649C-4C90-B9F6-CDDEF477CB08} => movido com sucesso "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C27ECEC8-649C-4C90-B9F6-CDDEF477CB08}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C72134B2-1CEE-4731-B161-856BCDEE2670}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C72134B2-1CEE-4731-B161-856BCDEE2670}" => chave removido (a) com sucesso. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\edd2563489cbb90cb69a57d7497f2e4b => chave não encontrado (a). WMI_ActiveScriptEventConsumer_ASEC: <===== ATENÇÃO => removido (a) com sucesso. C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.. C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.. C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso.. C:\Users\Francisco Oliveira\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Francisco - Chrome.lnk => Atalho argumento removido (a) com sucesso.. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso.. C:\Users\Public\Desktop\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.. "C:\Program Files\Yahoo!" => não encontrado (a). C:\Users\Francisco Oliveira\Downloads\WinXP => movido com sucesso C:\Program Files\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso.. C:\Windows\System32 => ":247E8AE9_Bb.gbp" ADS removido (a) com sucesso.. C:\Windows\system32\drivers => ":GbpKmAp.lst" ADS removido (a) com sucesso.. C:\Windows\system32\drivers => ":ucdrv-x86.sys" ADS removido (a) com sucesso.. C:\Windows\system32\drivers => ":x86" ADS removido (a) com sucesso.. C:\Windows\system32\Drivers\gbpddreg32.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso.. C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso.. C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso.. ========================= Folder: C:\Windows\network ======================== 2014-04-15 06:37 - 2013-12-10 19:22 - 0165888 _____ () C:\Windows\network\ROTINA.mdb ====== Fim de Folder: ====== =========== EmptyTemp: ========== BITS transfer queue => 12582912 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5246442 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 7815339 B Edge => 0 B Chrome => 482420837 B Firefox => 7811598 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 218081 B LocalService => 66228 B NetworkService => 66228 B Francisco Oliveira => 109167086 B RecycleBin => 0 B EmptyTemp: => 596.4 MB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 08:10:40 ==== Bom dia, Segue log. Fixlog.txt
  9. Segue log. Resultado da Correção pela Farbar Recovery Scan Tool (x86) Versão: 20-11-2016 01 Executado por Francisco Oliveira (23-11-2016 07:06:38) Run:1 Executando a partir de C:\Users\Francisco Oliveira\Desktop Perfis Carregados: Francisco Oliveira (Perfis Disponíveis: Francisco Oliveira) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start Folder: C:\Receita Federal_ Folder: C:\Músicas_ Folder: C:\Msicas_ Folder: C:\Msicas end ***************** ========================= Folder: C:\Receita Federal_ ======================== 2016-11-07 10:09 - 2016-11-07 10:09 - 0145408 ____H () C:\Receita Federal_\local32spl.dll 2016-11-07 10:09 - 2016-11-07 10:09 - 0000021 ____H () C:\Receita Federal_\local32spl.dll.ini ====== Fim de Folder: ====== ========================= Folder: C:\Músicas_ ======================== 2016-11-07 10:09 - 2016-11-07 10:09 - 0145408 ____H () C:\Músicas_\local32spl.dll 2016-11-07 10:09 - 2016-11-07 10:09 - 0000021 ____H () C:\Músicas_\local32spl.dll.ini ====== Fim de Folder: ====== ========================= Folder: C:\Msicas_ ======================== 2016-11-07 10:09 - 2016-11-07 10:09 - 0145408 ____H () C:\Msicas_\local32spl.dll 2016-11-07 10:09 - 2016-11-07 10:09 - 0000021 ____H () C:\Msicas_\local32spl.dll.ini ====== Fim de Folder: ====== ========================= Folder: C:\Msicas ======================== 2016-11-07 10:09 - 2016-11-07 10:09 - 0145408 ____H () C:\Msicas\local32spl.dll 2016-11-07 10:09 - 2016-11-07 10:09 - 0000020 ____H () C:\Msicas\local32spl.dll.ini ====== Fim de Folder: ====== ==== Fim de Fixlog 07:06:38 ==== Segue log. Fixlog.txt
  10. Bom dia, Como citado anteriormente, chrome e firefox ainda inicializam com página inicial: "http://9o0gle.com/" e pedem para instalação de extensão do yahoo. Segue arquivo. FRST.txt Addition.txt
  11. Bom dia, Mesmo problema citado anteriormente: " Das21 parou de funcionar." Feita reinicialização, modo de segurança com rede, executar como administrador. Ainda assim apresentou erro. Não apresentou log, mas em c:\ encontra-se o aquivo que acredito ser o log. Como citado anteriormente, chrome e firefox ainda inicializam com página inicial: "http://9o0gle.com/" e pedem para instalação de extensão do yahoo. Segue arquivo.zoek-results2016-11-19-120729.log zoek-results2016-11-19-120729.log
  12. Bom dia, Mesmo problema citado anteriormente: " Das21 parou de funcionar." Feita reinicialização, modo de segurança com rede, executar como administrador. Ainda assim apresentou erro, mas apresentou log que segue. Mesmo outros softwares apresentando que estão sendo feitas remoções/correções, chrome e firefox ainda inicializam com página inicial: "http://9o0gle.com/" e pedem para instalação de extensão do yahoo. ZA-Scan.txt
  13. Procedimentos realizados, segue log: JRT.txt ZHPCleaner.txt AdwCleaner[C7].txt
  14. Bom dia, Segue log. eset.txt