Linkbucks, não há meio de tirar !!!

Já tentou resetar seus navegadores?

Quais os navegadores usados por vc?

Wings, resetei meus três.
Chrome, Mozilla e Explorer, já resetei os três, estou pensando em apagar os três e baixar de novo.

Anotou, num papel, o IP, Máscara de rede, Gateway padrão e DNS's que passaram para vc pelo telefone?

Gustavo Soares Nogueira escreveu:eu desisto, vou parar de usar computador, não sei mais o que tentar, já liguei, de acordo com eles tudo foi mudado e nada = /

Teve um caso com LinkBucks identico a todos aqui..., no Forum Clube do Hardware que o usuario resolveu o problema adicionando DNS e resolveu o problema!

Veja -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Topico completo do caso -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

# Agora no seu caso não resolver é difícil de entender pois o problema e o mesmo!!

Mas acredito que se voce adicionar os DNS, na configuraçoes de TCP,IP do Windows sugerido pelo Wings, e reiniciar o sistema vai resolver o seu problema!

Galera, troquei hoje minha internet pra cabo.
Por enquanto, não está aparecendo o vírus.
Vamos ver no que dá.

TÓPICO REABERTO

O tópico foi reaberto conforme solicitação do usuário via MP.

Achei que fosse resolver o problema, mas nada resolvido !
A net agora é a cabo, e o problema persiste, o que fazer ?

Gustavo Soares Nogueira escreveu:Achei que fosse resolver o problema, mas nada resolvido !
A net agora é a cabo, e o problema persiste, o que fazer ?

Copie esse link --> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Cole na barra de seu navgador e tecla (Enter) para carregar a página!

Clique no botão (Proceed) e em -> (All Service Ports)..., aguarde a verificação!!

Quando terminar tire um print screen da imagem e cole aqui em seu tópico!!

pronto ...

Gustavo Soares Nogueira escreveu:pronto ...

Isso já basta pra provar que você não está com nenhum problema de redirecionamento..

A segurança em seu Roteador é super excelente, uma invasão em assitência remota via SSH em seu Roteador é impossível...
Lamento dizer, mas você não tem problema algum!!!

*Só se o problema está na central do provedor de sua internet..

mandando mais um

Gustavo Soares Nogueira escreveu:mandando mais um

Copie esse link malicioso em um bloco de notas e deixa em anexo aqui, quero verificar!!
Quero brincar com esse trojan, que está se passando pelo programa "Adobe Flash Player"  :rindo_ate_agor

Segue em anexo

qualquer coisa é só pedir aqui ...

Olá!

Gustavo Soares Nogueira escreveu:

Achei que fosse resolver o problema, mas nada resolvido !
A net agora é a cabo, e o problema persiste, o que fazer ?

Você pode mudar de provedor quantas vezes for.
Algum log gerado por algúma ferramenta tipo hijack, por exemplo?

Seria interessante printar o seu gerenciador de processos e colar um log do hijack.

O modem da net está conectado ao roteador ou sua conexão é direta ao modem?

É um Trojan realmente, tome cuidado para não instalar esse "Adobe Flash Player" Ok ??

Veja --> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Instale a extensão SafeBrowser, em seu navegador, unica solução
Link --> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Ligue para seu provedor de internet e explique o problema!!

Até

Wings, o cabo vem direto ao pc, não uso roteador.
Você acha que devo usar ?


Brandon - Instalei o Safebrowser e pelo que parece não tem problema quanto à entrar na página, ele muda.
Mas como retirar essa praga não tem como né ?

Gustavo Soares Nogueira escreveu:Wings, o cabo vem direto ao pc, não uso roteador.
Você acha que devo usar ?


Brandon - Instalei o Safebrowser e pelo que parece não tem problema quanto à entrar na página, ele muda.
Mas como retirar essa praga não tem como né ?

Internet via rádio colega??
Recomendo usar um Roteador para internet via rádio!

Ligue para o seu provedor, e explique o problema, sem condições para te ajudar!!

Agora é à cabo.

Era rádio, aí pedi pra trocar, pq meu provedor trabalha com os dois, eles trocaram, por uns dias o problema sumiu, hoje ele voltou !

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop

Obs. Baixe a versão correta conforme seu Windows: 32 ou 64 bits.

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Aceite o contrato, clique [Scan] e ao término clique [OK] > [OK]

*Anexe os relatórios FRST.txt e Addition.txt criados no Desktop

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-12-2013
Ran by Gustavo Soares at 2013-12-09 22:46:57
Running from C:\Users\Gustavo Soares\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Internet Security 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 9.3 - Português (Version: 9.3.0)
Ares 2.2.4 (Version: 2.2.4-Build#3048)
aTube Catcher (Version: 2.9.4134)
AVG 2013 (Version: 13.0.3426)
AVG 2013 (Version: 13.0.3658)
AVG 2013 (Version: 2013.0.3426)
BufferChm (Version: 140.0.212.000)
CCleaner (Version: 4.00)
Copy (Version: 140.0.212.000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DJ_AIO_06_F4500_SW_MIN (Version: 140.0.690.000)
do-search Browser Protecter
F4500 (Version: 140.0.690.000)
Football Manager 2014
Google Chrome (HKCU Version: 31.0.1650.63)
Google Talk Plugin (Version: 4.9.1.16010)
GPBaseService2 (Version: 140.0.211.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Intel(R) Processor Graphics (Version: 8.15.10.2401)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 9.3.0 (Full) (Version: 9.3.0)
MarketResearch (Version: 140.0.212.000)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Antimalware Service PT-BR Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Client PT-BR Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 pt-BR) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 15.4.2862.0708)
Nero 7 Ultra Edition (Version: 7.02.2631)
Network (Version: 140.0.215.000)
Opera Stable 18.0.1284.49 (Version: 18.0.1284.49)
Pro Evolution Soccer 2013 (Version: 1.00.0000)
Scan (Version: 140.0.80.000)
Shop for HP Supplies (Version: 14.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
SpyHunter (Version: 4.15.1.4270)
Status (Version: 140.0.212.000)
Steam (Version: 1.0.0.0)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Unity Web Player (HKCU Version: )
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
WebReg (Version: 140.0.212.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver

==================== Restore Points =========================

24-11-2013 21:53:15 Windows Update
28-11-2013 03:45:16 Windows Update
28-11-2013 19:31:24 Installed STOPzilla
28-11-2013 20:01:46 STOPzilla Restore Point.
28-11-2013 20:43:30 Removed STOPzilla
01-12-2013 16:10:09 Windows Update
06-12-2013 01:56:45 Windows Update
09-12-2013 23:25:29 Windows Update

==================== Hosts content: ==========================

2009-07-14 00:04 - 2013-11-29 14:20 - 00000021 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC64753-48E0-43E5-9D79-950E638A43AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000UA => C:\Users\Gustavo Soares\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {22F70A89-2D39-4651-90C7-16CD18C1AADB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {25D2BAC8-DB3A-42E7-915A-3D9146F4E596} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {3136D617-BCEC-4567-B053-D25837B32E45} - System32\Tasks\{F4898ABB-1D7C-4380-BD6E-C38EC609C096} => C:\Users\Gustavo Soares\Desktop\My Shared Folder\Nova pasta\zoek.exe
Task: {6AC73FB0-2830-4456-9D7C-FDFB0FE7285B} - System32\Tasks\{41BACDDE-D4C5-4F60-9FC8-9B3E4475B2CE} => C:\Users\Gustavo Soares\Downloads\scupper.exe
Task: {6D579D9E-0099-4B8B-BDBD-3F3D86001413} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {805B8154-DCE1-4E2F-B7FB-4DAAF7C4D335} - System32\Tasks\{E3BF3900-EBF8-4319-BE57-FDD9B391C37D} => C:\Users\Gustavo Soares\Downloads\scupper.exe
Task: {C217A462-AC61-44EB-9E05-4753B1B6F78B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000Core => C:\Users\Gustavo Soares\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {EF20601A-7AD6-4514-AE8C-1C3C710BAF97} - System32\Tasks\{0029EAE0-B404-4F64-BC8D-457789962A13} => C:\Users\Gustavo Soares\Desktop\My Shared Folder\Nova pasta\zoek.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000Core.job => C:\Users\Gustavo Soares\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000UA.job => C:\Users\Gustavo Soares\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-04 19:32 - 2010-07-04 19:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2010-07-04 19:32 - 2010-07-04 19:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-03-26 18:10 - 2005-10-07 16:05 - 00125440 _____ () C:\Program Files\WinRAR\rarext.dll
2013-03-26 17:40 - 2011-05-21 15:32 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2013-11-17 16:39 - 2013-11-17 16:39 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-10-10 02:56 - 2013-10-10 02:56 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\System32:6D470005_Bb.gbp
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2013 08:28:16 PM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Nome do módulo de falhas: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0154fa50
Identificação do processo com falha: 0x17c8
Hora de início do aplicativo com falha: 0xfm.exe0
Caminho do aplicativo com falha: fm.exe1
FCaminho do módulo de falhas: fm.exe2
Identificação do Relatório: fm.exe3

Error: (12/09/2013 01:29:11 PM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "imaging1". Erro no arquivo de manifesto ou de diretiva imaging2", na linha imaging3.
O elemento imaging aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^assembly, o que não tem suporte nesta versão do Windows.

Error: (12/07/2013 11:46:39 AM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "imaging1". Erro no arquivo de manifesto ou de diretiva imaging2", na linha imaging3.
O elemento imaging aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^assembly, o que não tem suporte nesta versão do Windows.

Error: (12/06/2013 11:15:27 PM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "imaging1". Erro no arquivo de manifesto ou de diretiva imaging2", na linha imaging3.
O elemento imaging aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^assembly, o que não tem suporte nesta versão do Windows.

Error: (12/06/2013 00:10:19 AM) (Source: RasClient) (User: )
Description: CoId={B91F40E8-46D8-45D2-8251-365B9C430015}: o usuário Gustavo-PC\Gustavo Soares discou uma conexão de nome Conexão de Banda Larga que falhou. O código do erro retornado na falha é 691.

Error: (12/04/2013 10:15:12 PM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Nome do módulo de falhas: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00f31237
Identificação do processo com falha: 0x10cc
Hora de início do aplicativo com falha: 0xfm.exe0
Caminho do aplicativo com falha: fm.exe1
FCaminho do módulo de falhas: fm.exe2
Identificação do Relatório: fm.exe3

Error: (12/03/2013 09:55:42 PM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Nome do módulo de falhas: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00f31237
Identificação do processo com falha: 0xd9c
Hora de início do aplicativo com falha: 0xfm.exe0
Caminho do aplicativo com falha: fm.exe1
FCaminho do módulo de falhas: fm.exe2
Identificação do Relatório: fm.exe3

Error: (12/03/2013 01:14:56 PM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "imaging1". Erro no arquivo de manifesto ou de diretiva imaging2", na linha imaging3.
O elemento imaging aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^assembly, o que não tem suporte nesta versão do Windows.

Error: (12/03/2013 00:41:58 PM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Nome do módulo de falhas: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0154fa50
Identificação do processo com falha: 0xfe0
Hora de início do aplicativo com falha: 0xfm.exe0
Caminho do aplicativo com falha: fm.exe1
FCaminho do módulo de falhas: fm.exe2
Identificação do Relatório: fm.exe3

Error: (12/02/2013 10:24:17 PM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Nome do módulo de falhas: fm.exe, versão: 14.1.3.45519, carimbo de hora: 0x5272c0ef
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0154fa50
Identificação do processo com falha: 0xe4c
Hora de início do aplicativo com falha: 0xfm.exe0
Caminho do aplicativo com falha: fm.exe1
FCaminho do módulo de falhas: fm.exe2
Identificação do Relatório: fm.exe3


System errors:
=============
Error: (12/09/2013 09:14:49 PM) (Source: Service Control Manager) (User: )
Description: Não foi possível iniciar o serviço sbapifs devido ao seguinte erro:
%%2

Error: (12/09/2013 09:13:43 PM) (Source: Service Control Manager) (User: )
Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:
%%5

Error: (12/09/2013 09:13:11 PM) (Source: Service Control Manager) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (12/09/2013 09:13:11 PM) (Source: Service Control Manager) (User: )
Description: O serviço Microsoft Antimalware Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 15000 milissegundos: Reiniciar o serviço.

Error: (12/09/2013 09:13:11 PM) (Source: Service Control Manager) (User: )
Description: O serviço Spooler de Impressão foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (12/09/2013 09:13:10 PM) (Source: Service Control Manager) (User: )
Description: O serviço Microsoft Network Inspection foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 15000 milissegundos: Reiniciar o serviço.

Error: (12/09/2013 09:13:10 PM) (Source: Service Control Manager) (User: )
Description: O serviço VIA Karaoke digital mixer Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/09/2013 09:13:10 PM) (Source: Service Control Manager) (User: )
Description: O serviço Windows Live ID Sign-in Assistant foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (12/09/2013 09:13:10 PM) (Source: Service Control Manager) (User: )
Description: O serviço SpyHunter 4 Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/09/2013 09:02:15 AM) (Source: Service Control Manager) (User: )
Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:
%%5


Microsoft Office Sessions:
=========================
Error: (12/09/2013 08:28:16 PM) (Source: Application Error)(User: )
Description: fm.exe14.1.3.455195272c0effm.exe14.1.3.455195272c0efc00000050154fa5017c801cef4e8a606ff24C:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exeC:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exe32172ad9-6121-11e3-b5e2-1078d2be35f5

Error: (12/09/2013 01:29:11 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (12/07/2013 11:46:39 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (12/06/2013 11:15:27 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (12/06/2013 00:10:19 AM) (Source: RasClient)(User: )
Description: {B91F40E8-46D8-45D2-8251-365B9C430015}Gustavo-PC\Gustavo SoaresConexão de Banda Larga691

Error: (12/04/2013 10:15:12 PM) (Source: Application Error)(User: )
Description: fm.exe14.1.3.455195272c0effm.exe14.1.3.455195272c0efc000000500f3123710cc01cef12d8772f01eC:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exeC:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exe4e995086-5d42-11e3-9dc4-1078d2be35f5

Error: (12/03/2013 09:55:42 PM) (Source: Application Error)(User: )
Description: fm.exe14.1.3.455195272c0effm.exe14.1.3.455195272c0efc000000500f31237d9c01cef0589e4a0fd7C:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exeC:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exe6a9d4423-5c76-11e3-b7e7-1078d2be35f5

Error: (12/03/2013 01:14:56 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (12/03/2013 00:41:58 PM) (Source: Application Error)(User: )
Description: fm.exe14.1.3.455195272c0effm.exe14.1.3.455195272c0efc00000050154fa50fe001cef02bac909015C:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exeC:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exe0f58ac79-5c29-11e3-b7e7-1078d2be35f5

Error: (12/02/2013 10:24:17 PM) (Source: Application Error)(User: )
Description: fm.exe14.1.3.455195272c0effm.exe14.1.3.455195272c0efc00000050154fa50e4c01ceef5b5eb35506C:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exeC:\Program Files\Steam\steamapps\common\Football Manager 2014\fm.exe3e72278d-5bb1-11e3-b5f0-1078d2be35f5


==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 3172.79 MB
Available physical RAM: 1573.53 MB
Total Pagefile: 6343.85 MB
Available Pagefile: 4636.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1864.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:414.94 GB) (Free:314.83 GB) NTFS
Drive d: () (Fixed) (Total:516.47 GB) (Free:516.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 932 GB) (Disk ID: 97BE5B6A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2013
Ran by Gustavo Soares (administrator) on GUSTAVO-PC on 09-12-2013 22:46:13
Running from C:\Users\Gustavo Soares\Downloads
Microsoft Windows 7 Ultimate (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [UnlockerAssistant] - C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
HKCU\...\Run: [Google Update] - C:\Users\Gustavo Soares\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-26] (Google Inc.)
HKCU\...\Winlogon: [Shell] explorer.exe [2614784 2011-02-26] (Microsoft Corporation) <==== ATTENTION
MountPoints2: {70938acb-964a-11e2-823d-806e6f6e6963} - E:\DriverPackSolution.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x831FFD557EECCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
SearchScopes: HKLM - DefaultScope value is missing.
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1487912 2013-10-07] (Banco do Brasil)
Tcpip\..\Interfaces\{495847DA-391F-4067-8E2A-E5C43E829FE0}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1,198.153.192.40,198.153.194.40
Tcpip\..\Interfaces\{7462C488-36A1-4952-88F3-2AFA91CCB58B}: [NameServer]200.222.41.83 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Gustavo Soares\AppData\Roaming\Mozilla\Firefox\Profiles\qyasuxtc.default-1384876832046
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Gustavo Soares\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Gustavo Soares\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Gustavo Soares\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Gustavo Soares\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Gustavo Soares\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Gustavo Soares\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: SafeBrowse - C:\Users\Gustavo Soares\AppData\Roaming\Mozilla\Firefox\Profiles\qyasuxtc.default-1384876832046\Extensions\safebrowse@safebrowse.co
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR DefaultSearchKeyword: google.com.br
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Google Docs) - C:\Users\Gustavo Soares\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Gustavo Soares\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Gustavo Soares\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Gustavo Soares\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Gustavo Soares\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Gmail) - C:\Users\Gustavo Soares\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-07-17] (Enigma Software Group USA, LLC.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-02-17] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49536 2013-05-08] (GAS Tecnologia)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
R3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
S3 Ndisrd; C:\Windows\System32\DRIVERS\gbpndisrd.sys [31088 2013-12-09] (GbPlugin NDIS Device Driver)
R3 NdisrdMP; C:\Windows\System32\DRIVERS\gbpndisrd.sys [31088 2013-12-09] (GbPlugin NDIS Device Driver)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1801328 2011-02-17] (VIA Technologies, Inc.)
S3 apf001; \??\C:\Game\SoftnyxGame\GunBoundPS\apf001.sys [x]
R1 MpKsl5ad51fe6; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13F268AA-9AD5-4E2F-8241-43BC644AE892}\MpKsl5ad51fe6.sys [x]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 22:46 - 2013-12-09 22:46 - 00013239 _____ C:\Users\Gustavo Soares\Downloads\FRST.txt
2013-12-09 22:46 - 2013-12-09 22:46 - 00000000 ____D C:\FRST
2013-12-09 22:45 - 2013-12-09 22:45 - 01060641 _____ (Farbar) C:\Users\Gustavo Soares\Downloads\FRST.exe
2013-12-09 22:44 - 2013-12-09 22:45 - 00001384 _____ C:\Users\Gustavo Soares\Desktop\CCleaner.lnk
2013-12-09 22:05 - 2013-12-09 22:05 - 00000123 _____ C:\Users\Gustavo Soares\Desktop\Novo Documento de Texto.txt
2013-12-09 21:11 - 2013-12-09 21:12 - 01110034 _____ C:\Users\Gustavo Soares\Downloads\adwcleaner.exe
2013-12-09 21:11 - 2013-12-09 21:12 - 01110034 _____ C:\Users\Gustavo Soares\Downloads\adwcleaner(1).exe
2013-12-04 15:20 - 2013-12-04 15:20 - 00000534 _____ C:\Users\Gustavo Soares\Desktop\Conexão de Banda Larga - Atalho.lnk
2013-12-01 19:13 - 2013-12-01 19:13 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2013-12-01 19:13 - 2013-12-01 19:13 - 00000000 ____D C:\ProgramData\GbPlugin
2013-12-01 10:13 - 2013-12-01 10:13 - 00001087 _____ C:\Users\Public\Desktop\Opera.lnk
2013-12-01 10:13 - 2013-12-01 10:13 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Opera Software
2013-12-01 10:13 - 2013-12-01 10:13 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\Opera Software
2013-12-01 10:13 - 2013-12-01 10:13 - 00000000 ____D C:\Program Files\Opera
2013-12-01 09:52 - 2013-12-01 09:52 - 33808696 _____ (Opera Software ASA) C:\Users\Gustavo Soares\Downloads\995-Opera_18.0.1284.49_Setup.exe
2013-12-01 09:39 - 2013-12-01 09:39 - 00621880 _____ C:\Users\Gustavo Soares\Downloads\opera-180128449-32-bits.exe
2013-11-29 17:45 - 2013-11-29 17:45 - 00001133 _____ C:\Users\Gustavo Soares\Desktop\gera-boleto.htm
2013-11-29 15:02 - 2013-11-29 15:02 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\do-search
2013-11-29 14:47 - 2013-12-09 21:14 - 00001456 _____ C:\Windows\setupact.log
2013-11-29 14:47 - 2013-11-29 23:19 - 00001542 _____ C:\Windows\PFRO.log
2013-11-29 14:47 - 2013-11-29 14:47 - 00000000 _____ C:\Windows\setuperr.log
2013-11-29 14:26 - 2013-11-29 14:43 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\cache
2013-11-29 14:26 - 2013-11-29 14:26 - 00000000 ____D C:\Users\Gustavo Soares\Documents\Mobogenie
2013-11-29 14:10 - 2013-11-29 15:00 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-11-29 14:10 - 2013-11-29 15:00 - 00000000 ____D C:\Program Files\Unlocker
2013-11-28 21:45 - 2013-12-09 21:26 - 01255147 _____ C:\Windows\WindowsUpdate.log
2013-11-28 21:40 - 2013-11-28 21:40 - 00023073 _____ C:\Users\Gustavo Soares\Downloads\clean.zip
2013-11-28 20:56 - 2013-11-29 14:20 - 00000000 ____D C:\LinhaDefensiva
2013-11-28 20:56 - 2013-11-28 20:56 - 00178597 _____ (Igor Pavlov) C:\Users\Gustavo Soares\Downloads\bankerfix.exe
2013-11-28 20:52 - 2013-11-28 20:52 - 00000209 _____ C:\Users\Gustavo Soares\Downloads\Scanhosts.zip
2013-11-28 19:13 - 2013-11-28 19:13 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gustavo Soares\Downloads\HijackThis.exe
2013-11-28 19:13 - 2013-11-28 19:13 - 00009320 _____ C:\Users\Gustavo Soares\Downloads\hijackthis.log
2013-11-28 17:44 - 2013-11-28 21:13 - 00000000 ____D C:\Program Files\HiJackThis
2013-11-28 17:16 - 2013-11-28 17:24 - 00000000 ____D C:\Users\Gustavo Soares\Downloads\Blog
2013-11-28 17:15 - 2013-11-28 17:24 - 00000000 ____D C:\Users\Gustavo Soares\Downloads\Faculdade
2013-11-28 14:22 - 2013-11-28 14:22 - 00025258 _____ C:\Users\Gustavo Soares\Documents\cc_20131128_142157.reg
2013-11-27 14:07 - 2013-11-27 14:07 - 00402911 _____ C:\Users\Gustavo Soares\Downloads\Unlocker1.9.2.exe
2013-11-26 18:27 - 2013-12-09 22:38 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000UA.job
2013-11-26 18:27 - 2013-12-09 19:38 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000Core.job
2013-11-20 12:12 - 2013-12-06 00:12 - 00001904 _____ C:\Users\Gustavo
2013-11-20 09:17 - 2013-11-20 09:19 - 04044244 _____ C:\Users\Gustavo Soares\Downloads\zoek.zip
2013-11-20 08:58 - 2013-12-09 21:13 - 00000000 ____D C:\AdwCleaner
2013-11-17 18:41 - 2013-11-29 14:46 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-11-17 16:39 - 2013-11-19 14:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 16:06 - 2013-11-17 19:13 - 00000000 ____D C:\Users\Gustavo Soares\Desktop\SpyHunter_4.15.1.4270
2013-11-14 16:06 - 2013-11-17 18:41 - 00000000 ____D C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-11-14 15:39 - 2013-11-14 16:02 - 47455242 _____ C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270(1).rar
2013-11-14 15:33 - 2013-11-14 15:33 - 00331280 _____ (WinterSoft) C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270.rar.exe
2013-11-13 02:32 - 2013-11-13 02:33 - 01961120 _____ C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270.rar.part
2013-11-13 02:32 - 2013-11-13 02:32 - 00000000 _____ C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270.rar
2013-11-13 01:59 - 2013-11-13 01:59 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-11-13 01:59 - 2013-11-13 01:59 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Malwarebytes
2013-11-13 01:59 - 2013-11-13 01:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-13 01:57 - 2013-11-13 01:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gustavo Soares\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-13 01:53 - 2013-11-13 01:53 - 00621880 _____ C:\Users\Gustavo Soares\Downloads\malwarebytes-anti-malware-17501300-32-bits.exe
2013-11-13 01:22 - 2013-11-13 01:22 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-13 01:21 - 2013-11-14 16:06 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-13 01:21 - 2013-11-13 01:53 - 00000000 ____D C:\Windows\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-11 14:36 - 2013-11-11 14:36 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Gustavo Soares\Downloads\SpyHunter-Installer.exe
2013-11-11 14:29 - 2013-11-13 01:33 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-11 14:04 - 2013-11-11 14:04 - 00000000 ____D C:\Windows\Sun
2013-11-10 20:28 - 2013-11-11 14:33 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\Facebook

==================== One Month Modified Files and Folders =======

2013-12-09 22:46 - 2013-12-09 22:46 - 00013239 _____ C:\Users\Gustavo Soares\Downloads\FRST.txt
2013-12-09 22:46 - 2013-12-09 22:46 - 00000000 ____D C:\FRST
2013-12-09 22:45 - 2013-12-09 22:45 - 01060641 _____ (Farbar) C:\Users\Gustavo Soares\Downloads\FRST.exe
2013-12-09 22:45 - 2013-12-09 22:44 - 00001384 _____ C:\Users\Gustavo Soares\Desktop\CCleaner.lnk
2013-12-09 22:38 - 2013-11-26 18:27 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000UA.job
2013-12-09 22:05 - 2013-12-09 22:05 - 00000123 _____ C:\Users\Gustavo Soares\Desktop\Novo Documento de Texto.txt
2013-12-09 21:56 - 2013-04-23 01:17 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 21:48 - 2013-07-03 15:36 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2013-12-09 21:48 - 2013-07-03 15:36 - 00000000 ____D C:\ProgramData\MFAData
2013-12-09 21:26 - 2013-11-28 21:45 - 01255147 _____ C:\Windows\WindowsUpdate.log
2013-12-09 21:21 - 2009-07-14 02:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 21:21 - 2009-07-14 02:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 21:15 - 2013-09-12 16:50 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\system32\Drivers\GbpNdisrd.sys
2013-12-09 21:14 - 2013-11-29 14:47 - 00001456 _____ C:\Windows\setupact.log
2013-12-09 21:14 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 21:13 - 2013-11-20 08:58 - 00000000 ____D C:\AdwCleaner
2013-12-09 21:12 - 2013-12-09 21:11 - 01110034 _____ C:\Users\Gustavo Soares\Downloads\adwcleaner.exe
2013-12-09 21:12 - 2013-12-09 21:11 - 01110034 _____ C:\Users\Gustavo Soares\Downloads\adwcleaner(1).exe
2013-12-09 19:38 - 2013-11-26 18:27 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2496378635-2844013415-931308862-1000Core.job
2013-12-09 12:12 - 2013-11-08 10:23 - 00000000 ____D C:\Program Files\Steam
2013-12-09 11:03 - 2013-11-07 01:20 - 00000000 ____D C:\Users\Gustavo Soares\Desktop\AP
2013-12-09 11:02 - 2013-10-03 13:14 - 00000000 ____D C:\Users\Gustavo Soares\Desktop\Blog
2013-12-06 11:05 - 2013-03-26 17:35 - 01515084 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-06 11:05 - 2009-07-14 06:31 - 00660456 _____ C:\Windows\system32\prfh0416.dat
2013-12-06 11:05 - 2009-07-14 06:31 - 00129616 _____ C:\Windows\system32\prfc0416.dat
2013-12-06 00:12 - 2013-11-20 12:12 - 00001904 _____ C:\Users\Gustavo
2013-12-06 00:12 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-04 17:25 - 2009-07-14 02:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-04 15:20 - 2013-12-04 15:20 - 00000534 _____ C:\Users\Gustavo Soares\Desktop\Conexão de Banda Larga - Atalho.lnk
2013-12-02 10:33 - 2013-07-29 11:29 - 00000000 ____D C:\Users\Gustavo Soares\Documents\Documentos
2013-12-01 19:56 - 2013-03-27 09:06 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\Windows Live
2013-12-01 19:13 - 2013-12-01 19:13 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2013-12-01 19:13 - 2013-12-01 19:13 - 00000000 ____D C:\ProgramData\GbPlugin
2013-12-01 10:14 - 2013-03-26 17:30 - 00000000 ____D C:\Users\Gustavo Soares
2013-12-01 10:13 - 2013-12-01 10:13 - 00001087 _____ C:\Users\Public\Desktop\Opera.lnk
2013-12-01 10:13 - 2013-12-01 10:13 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Opera Software
2013-12-01 10:13 - 2013-12-01 10:13 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\Opera Software
2013-12-01 10:13 - 2013-12-01 10:13 - 00000000 ____D C:\Program Files\Opera
2013-12-01 09:52 - 2013-12-01 09:52 - 33808696 _____ (Opera Software ASA) C:\Users\Gustavo Soares\Downloads\995-Opera_18.0.1284.49_Setup.exe
2013-12-01 09:39 - 2013-12-01 09:39 - 00621880 _____ C:\Users\Gustavo Soares\Downloads\opera-180128449-32-bits.exe
2013-11-29 23:19 - 2013-11-29 14:47 - 00001542 _____ C:\Windows\PFRO.log
2013-11-29 17:46 - 2013-11-02 12:03 - 00000000 ____D C:\Users\Gustavo Soares\Documents\iMacros
2013-11-29 17:45 - 2013-11-29 17:45 - 00001133 _____ C:\Users\Gustavo Soares\Desktop\gera-boleto.htm
2013-11-29 15:02 - 2013-11-29 15:02 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\do-search
2013-11-29 15:00 - 2013-11-29 14:10 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-11-29 15:00 - 2013-11-29 14:10 - 00000000 ____D C:\Program Files\Unlocker
2013-11-29 14:47 - 2013-11-29 14:47 - 00000000 _____ C:\Windows\setuperr.log
2013-11-29 14:46 - 2013-11-17 18:41 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-11-29 14:46 - 2013-11-08 11:12 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-29 14:46 - 2013-03-26 18:34 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-29 14:46 - 2013-03-26 17:30 - 00000000 ___RD C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-29 14:46 - 2013-03-26 17:30 - 00000000 ___RD C:\Users\Gustavo Soares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-29 14:43 - 2013-11-29 14:26 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\cache
2013-11-29 14:34 - 2013-09-11 10:34 - 00000000 ____D C:\Users\Gustavo Soares\Desktop\Faculdade
2013-11-29 14:26 - 2013-11-29 14:26 - 00000000 ____D C:\Users\Gustavo Soares\Documents\Mobogenie
2013-11-29 14:20 - 2013-11-28 20:56 - 00000000 ____D C:\LinhaDefensiva
2013-11-29 14:15 - 2013-09-12 16:49 - 00000000 ____D C:\Program Files\GbPlugin
2013-11-28 21:40 - 2013-11-28 21:40 - 00023073 _____ C:\Users\Gustavo Soares\Downloads\clean.zip
2013-11-28 21:13 - 2013-11-28 17:44 - 00000000 ____D C:\Program Files\HiJackThis
2013-11-28 20:56 - 2013-11-28 20:56 - 00178597 _____ (Igor Pavlov) C:\Users\Gustavo Soares\Downloads\bankerfix.exe
2013-11-28 20:52 - 2013-11-28 20:52 - 00000209 _____ C:\Users\Gustavo Soares\Downloads\Scanhosts.zip
2013-11-28 19:13 - 2013-11-28 19:13 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gustavo Soares\Downloads\HijackThis.exe
2013-11-28 19:13 - 2013-11-28 19:13 - 00009320 _____ C:\Users\Gustavo Soares\Downloads\hijackthis.log
2013-11-28 17:24 - 2013-11-28 17:16 - 00000000 ____D C:\Users\Gustavo Soares\Downloads\Blog
2013-11-28 17:24 - 2013-11-28 17:15 - 00000000 ____D C:\Users\Gustavo Soares\Downloads\Faculdade
2013-11-28 14:22 - 2013-11-28 14:22 - 00025258 _____ C:\Users\Gustavo Soares\Documents\cc_20131128_142157.reg
2013-11-27 14:07 - 2013-11-27 14:07 - 00402911 _____ C:\Users\Gustavo Soares\Downloads\Unlocker1.9.2.exe
2013-11-26 18:30 - 2013-03-26 18:34 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Mozilla
2013-11-26 18:30 - 2013-03-26 18:34 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\Google
2013-11-26 09:23 - 2013-03-28 16:04 - 00000000 ____D C:\Users\Gustavo Soares\Desktop\My Shared Folder
2013-11-20 09:19 - 2013-11-20 09:17 - 04044244 _____ C:\Users\Gustavo Soares\Downloads\zoek.zip
2013-11-19 14:02 - 2013-11-17 16:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-19 08:21 - 2013-03-26 18:45 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-17 19:43 - 2013-04-17 02:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-17 19:13 - 2013-11-14 16:06 - 00000000 ____D C:\Users\Gustavo Soares\Desktop\SpyHunter_4.15.1.4270
2013-11-17 18:41 - 2013-11-14 16:06 - 00000000 ____D C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-11-14 16:06 - 2013-11-13 01:21 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-14 16:02 - 2013-11-14 15:39 - 47455242 _____ C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270(1).rar
2013-11-14 15:35 - 2013-07-03 16:26 - 00000000 ____D C:\Users\Todos os Usuários\AVG2013
2013-11-14 15:35 - 2013-07-03 16:26 - 00000000 ____D C:\ProgramData\AVG2013
2013-11-14 15:33 - 2013-11-14 15:33 - 00331280 _____ (WinterSoft) C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270.rar.exe
2013-11-13 02:33 - 2013-11-13 02:32 - 01961120 _____ C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270.rar.part
2013-11-13 02:32 - 2013-11-13 02:32 - 00000000 _____ C:\Users\Gustavo Soares\Downloads\SpyHunter_4.15.1.4270.rar
2013-11-13 01:59 - 2013-11-13 01:59 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-11-13 01:59 - 2013-11-13 01:59 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Roaming\Malwarebytes
2013-11-13 01:59 - 2013-11-13 01:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-13 01:57 - 2013-11-13 01:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gustavo Soares\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-13 01:53 - 2013-11-13 01:53 - 00621880 _____ C:\Users\Gustavo Soares\Downloads\malwarebytes-anti-malware-17501300-32-bits.exe
2013-11-13 01:53 - 2013-11-13 01:21 - 00000000 ____D C:\Windows\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-13 01:33 - 2013-11-11 14:29 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-13 01:22 - 2013-11-13 01:22 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-11 14:36 - 2013-11-11 14:36 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Gustavo Soares\Downloads\SpyHunter-Installer.exe
2013-11-11 14:33 - 2013-11-10 20:28 - 00000000 ____D C:\Users\Gustavo Soares\AppData\Local\Facebook
2013-11-11 14:04 - 2013-11-11 14:04 - 00000000 ____D C:\Windows\Sun
2013-11-10 19:02 - 2013-07-03 16:28 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys

Some content of TEMP:
====================
C:\Users\Gustavo Soares\AppData\Local\Temp\bitool.dll
C:\Users\Gustavo Soares\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Gustavo Soares\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\Gustavo Soares\AppData\Local\Temp\Quarantine.exe
C:\Users\Gustavo Soares\AppData\Local\Temp\smt_do-search_201311131701.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-02 18:17

==================== End Of Log ============================

Baixe o arquivo fixlist.txt e salve-o na mesma pasta onde encontra-se o FRST

Spoiler:

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Fix] e cole ou anexe o relatório Fixlog.txt criado no Desktop


Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Smeenk)

*Extraia o arquivo Zoek.exe

*Clique com o botão direito do mouse no Zoek e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Copie e cole as linhas em marrom no espaço do Zoek

emptyclsid;
emptyfolderscheck;delete
autoclean;
emptyalltemp;
ipconfig /flushdns >> %temp%\log.txt;b

*Feche o seu navegador e clique [Run Script]

*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

*Caso a reinicialização do PC seja solicitada, clique [OK]

*Anexe o relatório C:\zoek-results.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-12-2013
Ran by Gustavo Soares at 2013-12-09 23:25:00 Run:1
Running from C:\Users\Gustavo Soares\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKCU\...\Winlogon: [Shell] explorer.exe [2614784 2011-02-26] (Microsoft Corporation)
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction
S3 apf001;
S2 sbapifs;
C:\Users\Gustavo Soares\AppData\Local\Temp\bitool.dll
C:\Users\Gustavo Soares\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Gustavo Soares\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\Gustavo Soares\AppData\Local\Temp\Quarantine.exe
C:\Users\Gustavo Soares\AppData\Local\Temp\smt_do-search_201311131701.exe


*****************

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
apf001 => Service deleted successfully.
sbapifs => Service deleted successfully.
C:\Users\Gustavo Soares\AppData\Local\Temp\bitool.dll => Moved successfully.
C:\Users\Gustavo Soares\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe => Moved successfully.
C:\Users\Gustavo Soares\AppData\Local\Temp\PCSpeedMaximizer.exe => Moved successfully.
C:\Users\Gustavo Soares\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Gustavo Soares\AppData\Local\Temp\smt_do-search_201311131701.exe => Moved successfully.

==== End of Fixlog ====