Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14428 usuários registrados
O último usuário registrado atende pelo nome de RS_Computadores

Os nossos membros postaram um total de 35112 mensagens em 3557 assuntos
Últimos assuntos
» Notebook Travando!
por RS_Computadores Hoje à(s) 10:37

Quem está conectado
5 usuários online :: 1 usuário cadastrado, Nenhum Invisível e 4 Visitantes :: 2 Motores de busca

RS_Computadores

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Setembro 2017
SegTerQuaQuiSexSabDom
    123
45678910
11121314151617
18192021222324
252627282930 

Calendário Calendário

Palavras chave


Removendo buscador e página inicial QONE8 do Chrome

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Qui 15 Maio 2014, 22:38

Pessoal,

Estou precisando remover essa praga desse Qone8. Pesquisando na internet e até aqui no fórum (post [Você precisa estar registrado e conectado para ver este link.] tentei remove-lo de forma tradicional, desinstalando o programa e removendo do Chrome.
Porém, convencionalmente não rolou e então parti para o Adw Cleaner.
Não adiantou também.
Alguma outra sugestão ?


Obrigado,

Rafael Achôa
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Qui 15 Maio 2014, 22:41

   Olá Rafael.

* Poste o log (relatório) do Adwcleaner que está em C:\AdwCleaner\AdwCleaner[S0].txt para que possamos analisá-lo.

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Qui 15 Maio 2014, 22:49

Segue

# AdwCleaner v3.208 - Relatório criado 15/05/2014 às 21:38:26
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language  (64 bits)
# Usuário : Isabela - ISINHA
# Executando de : C:\Users\Isabela\Downloads\adwcleaner_3.208.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\Common Files\337
[x] Não Deletada : C:\Users\Isabela\AppData\Local\Mobogenie
[x] Não Deletada : C:\Users\Isabela\AppData\Local\SearchProtect
Pasta Deletada : C:\Users\Isabela\AppData\LocalLow\IminentToolbar
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\iWin
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\Oxy
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\qone8
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
Pasta Deletada : C:\Users\Isabela\Documents\Mobogenie
Pasta Deletada : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\Extensions\quick_start@gmail.com
Arquivo Deletada : C:\Users\Isabela\daemonprocess.txt
Arquivo Deletada : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\user.js
Arquivo Deletada : C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
Arquivo Deletada : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Arquivo Deletada : C:\Windows\Tasks\Driver Booster Update.job
Arquivo Deletada : C:\Windows\System32\Tasks\Driver Booster Update
Arquivo Deletada : C:\Windows\System32\Tasks\PileFile logon
Arquivo Deletada : C:\Windows\System32\Tasks\PileFile reminder

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[x] Não Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Isabela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Isabela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Isabela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Escolade
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\SearchProtect
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16537

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v26.0 (pt-BR)

[ Arquivo : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\prefs.js ]

Linha deletada : user_pref("browser.newtab.url", "hxxp://start.qone8.com/newtab/?type=nt&ts=1400174629&from=mp3&uid=3219913727_198313_9C6789B8");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://start.qone8.com/?type=hp&ts=1400174629&from=mp3&uid=3219913727_198313_9C6789B8");

-\\ Google Chrome v34.0.1847.137

[ Arquivo : C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deletedo [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deletedo [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod
Deletedo [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [8186 octets] - [15/05/2014 21:36:30]
AdwCleaner[S0].txt - [6368 octets] - [15/05/2014 21:38:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6428 octets] ##########
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Qui 15 Maio 2014, 22:50

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

Para executá-lo corretamente siga as dicas deste tutorial:

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Qui 15 Maio 2014, 23:12

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Isabela on 15/05/2014 at 23:02:54,37.
Microsoft Windows 8 Single Language 6.2.9200  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Isabela\Downloads\2 - zoek.exe    [Scan all users] [Script inserted]

===== Runcheck 23:05:08,57 =====

--- Create Environment Variables 23:05:11,49
--- Create System Restore Point 23:05:29,43
--- Checking Input 23:05:34,82
--- Reset Hosts File 23:05:41,42
--- AU AppData Check 23:05:42,43
--- Remove From Windows Installer 23:05:51,46
--- IE Startpage Check 23:07:50,75
--- Program Files DB Check 23:08:41,15
--- C:\Users\Default\AppData\Roaming DB Check 23:10:21,29
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Qui 15 Maio 2014, 23:18

O Zoek ainda está fazendo a limpeza. Aguarde até que ele termine e poste seu relatório completo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Qui 15 Maio 2014, 23:41

Desculpe-me a ansiedade hehe  :rindo_ate_agor  mas só para constar, parece que sumiu o Qone8  

Segue relatório:

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Isabela on 15/05/2014 at 23:02:54,37.
Microsoft Windows 8 Single Language 6.2.9200  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Isabela\Downloads\2 - zoek.exe    [Scan all users] [Script inserted]

==== System Restore Info ======================

15/05/2014 23:05:32 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3585445889-2484728970-451866620-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\prefs.js:
user_pref("browser.startup.homepage", "http://start.qone8.com/?type=hp&ts=1400174629&from=mp3&uid=3219913727_198313_9C6789B8");
user_pref("browser.search.defaultenginename", "Google");

Added to C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default

user.js not found
---- Lines qone8 removed from prefs.js ----
user_pref("browser.startup.homepage", "http://start.qone8.com/?type=hp&ts=1400174629&from=mp3&uid=3219913727_198313_9C6789B8");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_052014_2326_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\ProductData deleted
C:\Users\Isabela\AppData\Local\SearchProtect deleted
C:\Users\Isabela\AppData\Local\Mobogenie deleted
C:\Users\Isabela\AppData\Local\cache deleted
C:\Users\Isabela\AppData\LocalLow\ADSRemoval deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\windows\SysNative\tasks\Oxy deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\searchplugins\trovi-search.xml deleted
C:\Users\Isabela\AppData\Roaming\unins000.exe deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{5D9F252A-241F-5588-C8D9-D47F9E59D5A7}"="C:\Program Files (x86)\Re_markit\170.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default
7B32EC68B2D0EAE4C1333EEB53199571 - C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
3D3CAF586124C4E8102764C8B3063BB6 - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
58B690C992C321664AB6145A350B5DCD - C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll - Módulo de Proteção - Banco do Brasil


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jhjjdgbhohaallcimgcmakfiobacimkm - C:\Program Files (x86)\BuzzSearch\jhjjdgbhohaallcimgcmakfiobacimkm.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[14/04/2014 10:15]

Google Docs - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Banco do Brasil - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Gmail - Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} qone8  Url="http://www.qone8.com/web/?type=ds&ts=1400174629&from=mp3&uid=3219913727_198313_9C6789B8&q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3585445889-2484728970-451866620-1001\Software\Mozilla\Firefox\Extensions\{5D9F252A-241F-5588-C8D9-D47F9E59D5A7} deleted successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Public\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Connected Music powered by Meridian.lnk - C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
C:\Users\Public\Desktop\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\Public\Desktop\CyberLink YouCam.lnk - C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lame Front-End\Desinstalar Lame Front-End.lnk - C:\Program Files (x86)\pazera-software\Lame_Front-End\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lame Front-End\Lame Front-End.lnk - C:\Program Files (x86)\pazera-software\Lame_Front-End\Lfe.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:14037;https=127.0.0.1:14037"
"ProxyOverride"="localhost;<local>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jhjjdgbhohaallcimgcmakfiobacimkm deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Isabela\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Isabela\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H25ED6PD will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=218 folders=40 6952606 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Isabela\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Isabela\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Isabela\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H25ED6PD" not found

==== EOF on 15/05/2014 at 23:35:43,20 ======================
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Qui 15 Maio 2014, 23:48

mas só para constar, parece que sumiu o Qone8
 O grande problema é que seu PC não estava só com o Qone8, está com vários tipos de adwares.
_________________________________________________________________________________

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Sab 17 Maio 2014, 02:17

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Single Language x64
Ran by Isabela on 15/05/2014 at 23:59:58,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/05/2014 at  0:15:35,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Sab 17 Maio 2014, 09:18

Faça o download do < ZHPDiag2.exe > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Sab 17 Maio 2014, 18:01

~ Relatório do ZHPDiag v2014.5.17.66 - Nicolas Coolman  (17/05/2014)
~ Iniciado por Isabela (17/05/2014 17:56:19)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Blog de análise de software : [Você precisa estar registrado e conectado para ver este link.]
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16899
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v34.0.1847.137 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W8

---\\ Softwares d'optimização do sistema
CCleaner v4.12

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1940 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 259 GB (57%) free of 448 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ISINHA
~ User Name: Isabela
~ All Users Names: Isabela, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Isabela\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Isabela\AppData\Roaming\
~ %Desktop% : C:\Users\Isabela\Desktop\
~ %Favorites% : C:\Users\Isabela\Favorites\
~ %LocalAppData% : C:\Users\Isabela\AppData\Local\
~ %StartMenu% : C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 259 Go of 448 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 17 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 21:08:30.) -- C:\Windows\System32\wininet.dll [2240000]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/04/2014 - 12:05:08.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.04/05/2014 - 11:24:57.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.06/04/2014 - 12:05:07.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/21
~ Mes musiques (My Musics) : 1/150
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/6
~ Mes Documents (My Documents) : 1/2130
~ Mon Bureau (My Desktop) : 2/9642
~ Menu demarrer (Programs) : 1/29
~ Hidden Files:  Scanned in 00mn 07s



---\\ Processos lançados
[MD5.AF3DA0C60DE8A312328F247FF2FA6239] - (.IObit - Advanced SystemCare 7 Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe   [775968] [PID.2836]
[MD5.17A89EF59FE3FFECFA608B6AD511F133] - (.Intel - Intel® Rapid Start Technology Manager.) -- C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe   [708648] [PID.2872]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe   [136488] [PID.2052]
[MD5.60E844AE5920B75399DDBD9F3AE1C7A0] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   [1272400] [PID.4264]  =>P2P.BitTorrent
[MD5.43FCAD8DC068E94B170353DAD02A0053] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe   [363520] [PID.4628]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe   [91432] [PID.4668]
[MD5.A9732510C6D8E3C954DB2F249AAC9818] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe   [580512] [PID.4692]
[MD5.9F3655267BA37004F519ABDDB3AEE244] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe   [1342008] [PID.4788]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.4868]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe   [152392] [PID.4876]
[MD5.345B1798395CEA9C178AFF1784FA2A37] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [841032] [PID.3120]
[MD5.8C59765B5462FC6F7A0C99DDB058AE8A] - (.PortableAppZ.blogspot.com - Adobe Photoshop CS6 Portable.) -- C:\Users\Isabela\Desktop\Arquivos\Adobe Photoshop CS6 Extended Portable Multi linguas\Photoshop CS6 Portable\AutoPlay\Docs\PhotoshopCS6Portable.exe   [81041] [PID.4856]
[MD5.9974E2B0E3085C835CF00B2B7F0F51C3] - (.Adobe Systems, Incorporated - Adobe Photoshop CS6.) -- C:\Users\Isabela\Desktop\Arquivos\Adobe Photoshop CS6 Extended Portable Multi linguas\Photoshop CS6 Portable\AutoPlay\Docs\App\PhotoshopCS6\Photoshop.exe   [42985632] [PID.1612]
[MD5.CF0B46A34780C3B4E3AF1297217A80BD] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe   [222208] [PID.4360]
[MD5.1F0D27B7142CDEA3FBEC7A7DE56D3D1B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7877120] [PID.5636]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 02s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\prefs.js
M0 - MFSP: prefs.js [Isabela - sm50t0wn.default] [Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Qone8
M2 - MFEP: prefs.js [Isabela - sm50t0wn.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 6 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Isabela]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Desktop [Isabela]: SpyHunter.lnk . (...)  -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.)  =>Crapware.SpyHunter
O4 - GS\Desktop [Isabela]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-21-3585445889-2484728970-451866620-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Application:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{351D14C2-3FCF-4F97-87C1-B07650D79758}: DhcpNameServer = 189.7.64.17 189.7.64.26
O17 - HKLM\System\CS1\Services\Tcpip\..\{351D14C2-3FCF-4F97-87C1-B07650D79758}: DhcpNameServer = 189.7.64.17 189.7.64.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.7.64.17 189.7.64.26
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
~ Services: 19 Legitimates Filtered in 00mn 08s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Windows Updater] (...) -- C:\Users\Isabela\AppData\Roaming\Oxy\Updater.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\Tasks\ASC7_SkipUac_Isabela.job   [260]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ASC7_SkipUac_Isabela   [260]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1080]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1084]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\HPCeeScheduleForIsabela   [354]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 08s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (badriver) . (. - .) - C:\Windows\System32\drivers\badriver.sys (.not file.)
O41 - Driver:  (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver:  (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys  =>Adware.BDSearch
O41 - Driver:  (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys
~ Drivers: 42 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: YoutubeMovieMaker - (.Youtube Movie Maker.) [HKLM][64Bits] -- {E084C471-FA8F-4468-93F1-25B3A13ED942}
~ Logic: 20 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]  =>Adware.BDSearch
[HKCU\Software\Baixou Agora]
[HKCU\Software\GbAs]
[HKCU\Software\dx20120105]
[HKLM\Software\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\ADSRemoval]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\RZsoft]
~ Key Software: 267 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/03/2014 - 15:04:14 - [] ----D C:\Program Files (x86)\Baidu Security  =>Adware.BDSearch
O43 - CFD: 13/03/2014 - 23:28:09 - [] ----D C:\Program Files (x86)\Baixou Agora App
O43 - CFD: 03/12/2013 - 10:04:45 - [] ----D C:\Program Files (x86)\Common Files\YUMediaCodec
O43 - CFD: 14/03/2014 - 13:15:07 - [] ----D C:\ProgramData\Baidu Security  =>Adware.BDSearch
O43 - CFD: 25/09/2012 - 18:44:55 - [] ----D C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}
O43 - CFD: 15/10/2013 - 13:01:42 - [] ----D C:\Users\Isabela\AppData\Roaming\Baidu Security  =>Adware.BDSearch
O43 - CFD: 15/05/2014 - 18:58:32 - [] ----D C:\Users\Isabela\AppData\Local\966
O43 - CFD: 15/05/2014 - 20:09:33 - [] ----D C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter  =>Crapware.SpyHunter
~ Program Folder: 158 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.93E7FA131B9AF0AF62D112AB19D31264] - 15/05/2014 - 19:24:13 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml   [387268]
O44 - LFC:[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - 15/05/2014 - 20:09:44 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys   [22704]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/05/2014 - 20:10:58 ---A- . (...) -- C:\autoexec.bat   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/05/2014 - 21:41:01 ---A- . (...) -- C:\asc_rdflag   [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 15/05/2014 - 23:02:36 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.2EF8E91286FA261FDB712485EBA77E41] - 15/05/2014 - 23:35:43 ---A- . (...) -- C:\zoek-results.log   [15501]
O44 - LFC:[MD5.723247F93B0C5AC5EC65A5D1B4F7FB0C] - 16/05/2014 - 17:44:20 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [166504]
O44 - LFC:[MD5.810E72928F4ABC42E7F513A6A31E7A78] - 16/05/2014 - 17:44:20 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [792452]
~ Files: 59 Legitimates Filtered in 00mn 03s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 22 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:22/06/2012 - 11:01:32 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys   [22704]
O58 - SDL:28/10/2013 - 00:12:10 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys   [107288]
O58 - SDL:28/10/2013 - 00:12:12 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys   [204568]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [30960]
O58 - SDL:04/04/2014 - 16:39:25 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys   [544768]
O58 - SDL:18/03/2013 - 15:51:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [54784]
~ Drivers: 64 Legitimates Filtered in 00mn 01s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (qone8) - [Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Qone8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.99EBCA33C94850A583B5DB2E22E809CB] [SPRF][07/03/2014] (...) -- C:\Users\Isabela\AppData\Roaming\unins000.dat   [19714]
[MD5.92E6A6A0D8C77D9ADA9D0A5182A22B15] [SPRF][30/08/2012] (...) -- C:\Users\Isabela\Desktop\Wireless - USC.exe   [631808]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{FA131CB5-66AD-4974-AC72-50A98D60F759}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{B828CF77-6BF3-45E3-AE83-8617D1077855}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{DF2D235F-124B-4A16-8DCE-B4888BAC3FC2}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{7338C19F-BA75-4C3E-80A3-A34FEEBA45F8}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 02s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASMANCS  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASMANCS  =>PUP.BuzzSearch
~ BTK: 92 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 08/08/2012 276288 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 12/10/2010 206072 |  (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 21/01/2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/01/2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 03/12/2013 2151200 |  (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 05/12/2013 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 09/12/2013 881440 |  (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 12/02/2014 43336 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 02/08/2012 1544192 |  (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Auto 30/08/2011 462184 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 10/07/2012 138752 |  (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 10/07/1658 0 |  (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe  =>.EasyBits Software AS
SR - | Auto 21/02/2014 519720 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 10/08/2012 85504 |  (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe  =>.Hewlett-Packard Co
SR - | Demand 10/08/2012 1001376 |  (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 04/04/2014 31040 |  (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 31/07/2012 35232 |  (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 13/07/2012 2451456 |  (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 128896 |  (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Demand 21/02/2014 641352 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 20/07/2012 193576 |  (irstrtsv) . (.Intel Corporation.) - C:\Windows\SysWOW64\irstrtsv.exe
SR - | Auto 17/07/2012 165760 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 09/01/2014 1025408 |  (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe  =>Crapware.SpyHunter
SR - | Auto 04/04/2014 332800 |  (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 17/07/2012 364416 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 17s



---\\ Scâner Aditional (088)
Database Version : 13045 - (17/05/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 4
Dossiers trouvés  (Folders found) : 4
Fichiers trouvés  (Files found) : 5

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]   =>PUP.V9Software
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service]   =>Crapware.SpyHunter
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent   =>P2P.BitTorrent^
C:\Program Files (x86)\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\Baidu Security   =>Adware.BDSearch^
C:\Users\Isabela\AppData\Roaming\Baidu Security   =>Adware.BDSearch^
C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter   =>Crapware.SpyHunter^
C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent^
[HKCU\Software\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security]   =>Adware.BDSearch^
C:\Users\Isabela\Desktop\SpyHunter.lnk   =>Crapware.SpyHunter
~ Additionnel Scan: 308632 Items scanned in 01mn 10s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]   =>Hijacker.Qone8
[Você precisa estar registrado e conectado para ver este link.]  =>Crapware.SpyHunter
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.BDSearch
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.BuzzSearch
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.V9Software
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Tarma
~ MSI: 6 link(s) detected in 00mn 00s



~ 682 Legitimates filtered by white list
End of the scan (465 lines in 02mn 31s)(0)
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Sab 17 Maio 2014, 18:34

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

Escolhendo Programas que Iniciam com o PC

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC agora e de tempos em tempos.
____________________________________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Dom 18 Maio 2014, 19:26, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Dom 18 Maio 2014, 01:14

Segue o relatório.
OBS: Ao utilizar o ccleaner, voltou a página do qon8, porém realizando a limpeza do ZHP FIX posteriormente, removeu tal página ao iniciar.


Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Isabela at 18/05/2014 01:12:25
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit  (Build 9200)

Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ Driver Key: badriver
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: SearchScopes :{33BB0A4E-99AF-4226-BDF6-49120163DE86}
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASMANCS
ELIMINÉ: Service: Bonjour Service
ELIMINÉ: Service: SpyHunter 4 Service
ELIMINÉ: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Preferências do navegador ==========
ELIMINÉ Mozilla Pref: [Você precisa estar registrado e conectado para ver este link.]

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\isabela\desktop\spyhunter.lnk
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\program files\bonjour\mdnsresponder.exe
ELIMINA REINICIAR: c:\program files\enigma software group\spyhunter\sh4service.exe
ELIMINÉ Temporários windows (10) (323.450 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Windows Updater

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
16 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
8 : Ficheiros
1 : Preferências do navegador
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 27s

========== Caminho do ficheiro do relatório ==========
C:\Users\Isabela\AppData\Roaming\ZHP\ZHPFix[R1].txt - 18/05/2014 01:12:30 [2705]
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Dom 18 Maio 2014, 01:40

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Dom 18 Maio 2014, 18:01

~ Relatório do ZHPDiag v2014.5.17.66 - Nicolas Coolman  (17/05/2014)
~ Iniciado por Isabela (18/05/2014 17:55:55)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Blog de análise de software : [Você precisa estar registrado e conectado para ver este link.]
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16899
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v34.0.1847.137 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W8

---\\ Softwares d'optimização do sistema
CCleaner v4.12

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1940 MB (8% free)
System Restore: Activé (Enable)
System drive C: has 272 GB (60%) free of 448 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ISINHA
~ User Name: Isabela
~ All Users Names: Isabela, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Isabela\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Isabela\AppData\Roaming\
~ %Desktop% : C:\Users\Isabela\Desktop\
~ %Favorites% : C:\Users\Isabela\Favorites\
~ %LocalAppData% : C:\Users\Isabela\AppData\Local\
~ %StartMenu% : C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 272 Go of 448 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 17 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 21:08:30.) -- C:\Windows\System32\wininet.dll [2240000]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/04/2014 - 12:05:08.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.04/05/2014 - 11:24:57.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.06/04/2014 - 12:05:07.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes:  Scanned in 00mn 03s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/21
~ Mes musiques (My Musics) : 1/150
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/6
~ Mes Documents (My Documents) : 1/2130
~ Mon Bureau (My Desktop) : 2/9700
~ Menu demarrer (Programs) : 1/26
~ Hidden Files:  Scanned in 00mn 14s



---\\ Processos lançados
[MD5.17A89EF59FE3FFECFA608B6AD511F133] - (.Intel - Intel® Rapid Start Technology Manager.) -- C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe   [708648] [PID.4460]
[MD5.43FCAD8DC068E94B170353DAD02A0053] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe   [363520] [PID.6292]
[MD5.A9732510C6D8E3C954DB2F249AAC9818] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe   [580512] [PID.3336]
[MD5.9F3655267BA37004F519ABDDB3AEE244] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe   [1342008] [PID.3060]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.1600]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe   [136488] [PID.5904]
[MD5.345B1798395CEA9C178AFF1784FA2A37] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [841032] [PID.5980]
[MD5.1F0D27B7142CDEA3FBEC7A7DE56D3D1B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7877120] [PID.6296]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 04s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\prefs.js
M2 - MFEP: prefs.js [Isabela - sm50t0wn.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 6 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Isabela]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Desktop [Isabela]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-21-3585445889-2484728970-451866620-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Application:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{351D14C2-3FCF-4F97-87C1-B07650D79758}: DhcpNameServer = 189.7.64.17 189.7.64.26 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{351D14C2-3FCF-4F97-87C1-B07650D79758}: DhcpNameServer = 189.7.64.17 189.7.64.26 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.7.64.17 189.7.64.26 201.6.4.116
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
~ Services: 17 Legitimates Filtered in 00mn 19s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\Tasks\ASC7_SkipUac_Isabela.job   [260]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ASC7_SkipUac_Isabela   [260]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1080]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1084]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\HPCeeScheduleForIsabela   [354]
~ Scheduled Task: 21 Legitimates Filtered in 00mn 13s



---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: YoutubeMovieMaker - (.Youtube Movie Maker.) [HKLM][64Bits] -- {E084C471-FA8F-4468-93F1-25B3A13ED942}
~ Logic: 20 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baixou Agora]
[HKCU\Software\GbAs]
[HKCU\Software\dx20120105]
[HKLM\Software\Wow6432Node\ADSRemoval]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\RZsoft]
~ Key Software: 264 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/03/2014 - 23:28:09 - [] ----D C:\Program Files (x86)\Baixou Agora App
O43 - CFD: 03/12/2013 - 10:04:45 - [] ----D C:\Program Files (x86)\Common Files\YUMediaCodec
O43 - CFD: 15/05/2014 - 18:58:32 - [] ----D C:\Users\Isabela\AppData\Local\966
~ Program Folder: 153 Legitimates Filtered in 00mn 02s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.93E7FA131B9AF0AF62D112AB19D31264] - 15/05/2014 - 19:24:13 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml   [387268]
O44 - LFC:[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - 15/05/2014 - 20:09:44 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys   [22704]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/05/2014 - 20:10:58 ---A- . (...) -- C:\autoexec.bat   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/05/2014 - 21:41:01 ---A- . (...) -- C:\asc_rdflag   [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 15/05/2014 - 23:02:36 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.2EF8E91286FA261FDB712485EBA77E41] - 15/05/2014 - 23:35:43 ---A- . (...) -- C:\zoek-results.log   [15501]
O44 - LFC:[MD5.723247F93B0C5AC5EC65A5D1B4F7FB0C] - 17/05/2014 - 18:05:50 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [166504]
O44 - LFC:[MD5.810E72928F4ABC42E7F513A6A31E7A78] - 17/05/2014 - 18:05:50 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [792452]
~ Files: 58 Legitimates Filtered in 00mn 16s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 22 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:22/06/2012 - 11:01:32 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys   [22704]
O58 - SDL:28/10/2013 - 00:12:10 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys   [107288]
O58 - SDL:28/10/2013 - 00:12:12 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys   [204568]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [30960]
O58 - SDL:04/04/2014 - 16:39:25 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys   [544768]
O58 - SDL:18/03/2013 - 15:51:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [54784]
~ Drivers: 64 Legitimates Filtered in 00mn 06s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (qone8) - [Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Qone8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.99EBCA33C94850A583B5DB2E22E809CB] [SPRF][07/03/2014] (...) -- C:\Users\Isabela\AppData\Roaming\unins000.dat   [19714]
[MD5.92E6A6A0D8C77D9ADA9D0A5182A22B15] [SPRF][30/08/2012] (...) -- C:\Users\Isabela\Desktop\Wireless - USC.exe   [631808]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{FA131CB5-66AD-4974-AC72-50A98D60F759}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{B828CF77-6BF3-45E3-AE83-8617D1077855}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{DF2D235F-124B-4A16-8DCE-B4888BAC3FC2}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{7338C19F-BA75-4C3E-80A3-A34FEEBA45F8}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 06s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 08/08/2012 276288 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 12/10/2010 206072 |  (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 21/01/2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/01/2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 03/12/2013 2151200 |  (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 05/12/2013 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 09/12/2013 881440 |  (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 12/02/2014 43336 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 02/08/2012 1544192 |  (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Demand 10/07/2012 138752 |  (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 10/07/1658 0 |  (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe  =>.EasyBits Software AS
SR - | Auto 21/02/2014 519720 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 10/08/2012 85504 |  (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe  =>.Hewlett-Packard Co
SR - | Demand 10/08/2012 1001376 |  (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 04/04/2014 31040 |  (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 31/07/2012 35232 |  (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 13/07/2012 2451456 |  (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 128896 |  (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Demand 21/02/2014 641352 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 20/07/2012 193576 |  (irstrtsv) . (.Intel Corporation.) - C:\Windows\SysWOW64\irstrtsv.exe
SR - | Auto 17/07/2012 165760 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2014 332800 |  (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 17/07/2012 364416 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 25s



---\\ Scâner Aditional (088)
Database Version : 13045 - (17/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 3
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]   =>PUP.V9Software
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent   =>P2P.BitTorrent^
~ Additionnel Scan: 308054 Items scanned in 01mn 52s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.BDSearch
[Você precisa estar registrado e conectado para ver este link.]   =>Hijacker.Qone8
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.V9Software
~ MSI: 3 link(s) detected in 00mn 00s



~ 661 Legitimates filtered by white list
End of the scan (412 lines in 04mn 31s)(0)
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Dom 18 Maio 2014, 19:25

 Selecione e copie todo o texto destacado em vermelho que te passei.
____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Dom 18 Maio 2014, 19:32, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Dom 18 Maio 2014, 19:30

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Isabela at 18/05/2014 19:30:03
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 02s)

========== Chaves do Registo ==========
ELIMINÉ: SearchScopes :{33BB0A4E-99AF-4226-BDF6-49120163DE86}

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (7) (732.257 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
5 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 08s

========== Caminho do ficheiro do relatório ==========
C:\Users\Isabela\AppData\Roaming\ZHP\ZHPFix[R1].txt - 18/05/2014 01:12:30 [2787]
C:\Users\Isabela\AppData\Roaming\ZHP\ZHPFix[R2].txt - 18/05/2014 19:30:05 [1123]
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Dom 18 Maio 2014, 19:31

Como está o PC?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Dom 18 Maio 2014, 19:37

Acabei de reiniciar, como pediu o ZHPFix, mas o qone8 ainda tá aqui. Abri o navegador e ele voltou... Está mais rápido, pelo menos. E agora?
 Crying or Very sad 
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Dom 18 Maio 2014, 19:40

Baixe o Farbar Recovery Scan Tool e salve-o no Desktop (Área de Trabalho)

Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version

Execute o Farbar seguindo as dicas deste tutorial:

Analise importantes áreas do Windows com Farbar Recovery Scan Tool (versão 64 bits)

*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt

Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Dom 18 Maio 2014, 19:53

Relatório 1:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Isabela (administrator) on ISINHA on 18-05-2014 19:51:01
Running from C:\Users\Isabela\Desktop
Platform: Windows 8 Single Language (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Você precisa estar registrado e conectado para ver este link.]
Download link for 64-Bit Version: [Você precisa estar registrado e conectado para ver este link.]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Você precisa estar registrado e conectado para ver este link.]

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2014-04-04] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2014-04-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-08-02] (IVT Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-13] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3585445889-2484728970-451866620-1001\...\Run: [uTorrent] => C:\Users\Isabela\AppData\Roaming\uTorrent\uTorrent.exe [1272400 2014-05-11] (BitTorrent Inc.)
HKU\S-1-5-21-3585445889-2484728970-451866620-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3585445889-2484728970-451866620-1001\...\Policies\system: [DisableChangePassword] 0

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Você precisa estar registrado e conectado para ver este link.]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Você precisa estar registrado e conectado para ver este link.]
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 189.7.64.17 189.7.64.26 201.6.4.116

FireFox:
========
FF ProfilePath: C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default
FF NewTab: [Você precisa estar registrado e conectado para ver este link.]
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF Homepage: /*hxxp://start.qone8.com/?type=hp&ts=1400174629&from=mp3&uid=3219913727_198313_9C6789B8*/
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: gastecnologia.com.br/sf/bb - C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\sm50t0wn.default\Extensions\ascsurfingprotection@iobit.com [2014-04-11]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-04-14]

Chrome:
=======
CHR StartupUrls: "hxxp://start.qone8.com/?type=hp&ts=1400174629&from=mp3&uid=3219913727_198313_9C6789B8"
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Docs) - C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-11]
CHR Extension: (Google Drive) - C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-11]
CHR Extension: (YouTube) - C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-11]
CHR Extension: (Pesquisa do Google) - C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-11]
CHR Extension: (Google Wallet) - C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-11]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2014-03-07]
CHR Extension: (Gmail) - C:\Users\Isabela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-11]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Isabela\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2014-04-14]

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-08-02] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [519720 2014-02-21] (GAS Tecnologia)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-08] (Ralink Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
S2 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-04-04] (Intel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-09] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-21] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2014-04-04] (Hewlett-Packard Development Company, L.P.)
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-18 19:51 - 2014-05-18 19:51 - 00015855 _____ () C:\Users\Isabela\Desktop\FRST.txt
2014-05-18 19:50 - 2014-05-18 19:51 - 00000000 ____D () C:\FRST
2014-05-18 19:48 - 2014-05-18 19:48 - 02067456 _____ (Farbar) C:\Users\Isabela\Desktop\FRST64.exe
2014-05-18 19:32 - 2014-05-18 19:32 - 00002506 _____ () C:\Windows\PFRO.log
2014-05-18 19:31 - 2014-05-18 19:31 - 00016972 _____ () C:\Users\Isabela\Desktop\eja.odt
2014-05-18 19:31 - 2014-05-18 19:30 - 00001205 _____ () C:\Users\Isabela\Desktop\ZHPFixReport.txt
2014-05-18 18:00 - 2014-05-18 18:00 - 00026957 _____ () C:\Users\Isabela\Desktop\ZHPDiag.txt
2014-05-18 17:53 - 2014-05-18 19:34 - 00051965 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 01:14 - 2014-05-18 19:32 - 00000354 _____ () C:\Windows\Tasks\HPCeeScheduleForIsabela.job
2014-05-18 01:14 - 2014-05-18 01:14 - 00003172 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForIsabela
2014-05-17 17:56 - 2014-05-17 17:56 - 00001989 _____ () C:\Users\Isabela\Desktop\ZHPFix.lnk
2014-05-17 17:56 - 2014-05-17 17:56 - 00001862 _____ () C:\Users\Isabela\Desktop\ZHPDiag.lnk
2014-05-17 17:52 - 2014-05-18 19:31 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\ZHP
2014-05-17 17:52 - 2014-05-18 17:55 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-17 17:52 - 2014-05-17 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-17 17:50 - 2014-05-15 22:01 - 06778868 _____ (Nicolas Coolman ) C:\Users\Isabela\Downloads\3 - ZHPDiag2.exe
2014-05-17 17:49 - 2014-05-17 17:50 - 06769536 _____ () C:\Users\Isabela\Downloads\3 - ZHPDiag2.rar
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\Users\Todos os Usuários\Adobe
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\Adobe
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\Users\Isabela\AppData\Local\Adobe
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-16 00:15 - 2014-05-16 00:15 - 00000775 _____ () C:\Users\Isabela\Desktop\JRT.txt
2014-05-15 23:59 - 2014-05-15 23:59 - 00000000 ____D () C:\Windows\ERUNT
2014-05-15 23:59 - 2014-05-15 21:57 - 01016261 _____ (Thisisu) C:\Users\Isabela\Downloads\1 - JRT.exe
2014-05-15 23:56 - 2014-05-15 23:57 - 00976124 _____ () C:\Users\Isabela\Downloads\1 - JRT.rar
2014-05-15 23:33 - 2014-05-15 23:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 23:05 - 2014-05-15 23:35 - 00015501 _____ () C:\zoek-results.log
2014-05-15 23:02 - 2014-05-15 23:26 - 00000000 ____D () C:\zoek_backup
2014-05-15 23:02 - 2014-05-15 23:02 - 01278530 _____ () C:\Users\Isabela\Downloads\2 - zoek.rar
2014-05-15 23:02 - 2014-05-15 22:00 - 01285120 _____ () C:\Users\Isabela\Downloads\2 - zoek.exe
2014-05-15 21:41 - 2014-05-15 21:41 - 00000000 _____ () C:\asc_rdflag
2014-05-15 21:38 - 2014-05-15 21:38 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-15 21:38 - 2014-05-15 21:38 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-15 21:38 - 2014-05-15 21:38 - 00000971 _____ () C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 21:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-15 21:34 - 2014-05-15 21:39 - 00000000 ____D () C:\AdwCleaner
2014-05-15 21:31 - 2014-05-15 21:31 - 01325827 _____ () C:\Users\Isabela\Downloads\adwcleaner_3.208.exe
2014-05-15 20:10 - 2014-05-15 20:10 - 00000000 _____ () C:\autoexec.bat
2014-05-15 20:09 - 2014-05-17 19:19 - 00003332 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-05-15 20:09 - 2014-05-15 20:09 - 00000000 ____D () C:\sh4ldr
2014-05-15 20:09 - 2014-05-15 20:09 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-15 20:09 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-05-15 20:08 - 2014-05-15 20:09 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-15 20:07 - 2014-05-15 20:07 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Isabela\Downloads\SpyHunter-Installer.exe
2014-05-15 19:24 - 2014-05-15 19:24 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-15 19:24 - 2014-05-15 19:24 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-15 19:24 - 2014-05-15 19:24 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-05-15 19:24 - 2014-05-15 19:24 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-15 19:24 - 2014-05-15 19:24 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-15 19:05 - 2014-05-01 17:37 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 19:05 - 2014-05-01 17:37 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 14:28 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Isabela\AppData\Local\966
2014-05-15 14:19 - 2014-05-16 14:34 - 00000000 ____D () C:\Users\Isabela\Desktop\selma
2014-05-14 21:57 - 2014-05-14 21:57 - 00000000 ____D () C:\Users\Isabela\Desktop\projeto glad_data
2014-05-14 18:30 - 2014-05-14 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lame Front-End
2014-05-14 18:30 - 2014-05-14 18:30 - 00000000 ____D () C:\Program Files (x86)\pazera-software
2014-05-14 18:28 - 2014-05-14 18:28 - 01630368 _____ (Jacek Pazera ) C:\Users\Isabela\Downloads\Lame_Front-End.exe
2014-05-14 18:07 - 2014-05-14 21:57 - 00000000 ____D () C:\Users\Isabela\Desktop\TW99
2014-05-14 14:32 - 2014-05-14 22:07 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\Audacity
2014-05-14 14:32 - 2014-05-14 14:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-05-14 14:32 - 2014-05-14 14:32 - 00001009 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-05-14 14:31 - 2014-05-14 14:32 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-05-14 14:02 - 2014-05-14 14:21 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\Free Audio Editor
2014-05-14 14:01 - 2014-05-14 14:35 - 00000000 ____D () C:\Users\Isabela\Downloads\AUDIO WAV
2014-05-14 13:55 - 2002-01-05 16:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-05-14 00:38 - 2014-03-28 16:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 00:38 - 2014-03-23 19:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 00:30 - 2014-03-28 05:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-13 23:07 - 2014-03-28 05:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 23:07 - 2014-03-28 03:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 23:06 - 2014-04-12 06:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-13 23:06 - 2014-04-12 06:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-13 23:06 - 2014-04-12 06:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-13 23:06 - 2014-04-12 06:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-13 23:06 - 2014-04-12 06:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-13 23:06 - 2014-04-12 06:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-13 23:06 - 2014-04-12 06:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-13 23:06 - 2014-04-12 06:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-13 23:06 - 2014-04-12 06:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-13 23:06 - 2014-04-12 06:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-13 23:06 - 2014-04-12 06:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-13 23:06 - 2014-04-12 04:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-13 23:06 - 2014-04-12 04:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-13 23:06 - 2014-04-12 04:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-13 23:06 - 2014-04-12 04:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-13 23:06 - 2014-04-12 04:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-13 23:06 - 2014-04-12 04:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-13 23:06 - 2014-04-12 04:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-13 23:06 - 2014-04-12 03:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-13 23:06 - 2014-03-11 00:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-13 23:06 - 2014-03-11 00:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-13 23:06 - 2014-03-10 21:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-13 23:06 - 2014-03-10 21:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-13 23:06 - 2014-03-10 21:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-13 23:06 - 2014-03-10 21:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-13 23:06 - 2014-03-10 21:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-13 23:06 - 2014-03-10 21:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-13 23:06 - 2014-03-10 21:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-13 23:06 - 2014-03-10 21:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-13 23:06 - 2014-03-10 21:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-13 23:06 - 2014-03-10 21:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-13 23:06 - 2014-03-10 21:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-13 23:06 - 2014-03-10 00:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 23:06 - 2014-03-09 22:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-13 23:06 - 2014-03-03 20:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-13 23:05 - 2014-05-06 00:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 23:04 - 2014-05-06 02:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 23:04 - 2014-05-06 02:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 23:04 - 2014-05-06 00:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 23:04 - 2014-05-06 00:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-13 23:04 - 2014-05-06 00:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-12 15:29 - 2014-05-12 15:29 - 00020379 _____ () C:\Users\Isabela\Downloads\[kickass.to]once.upon.a.time.complete.season.2.torrent
2014-05-09 12:56 - 2014-05-09 12:56 - 00000000 ____D () C:\Users\Isabela\Desktop\OpenOffice 4.1.0 (pt-BR) Installation Files
2014-05-09 12:50 - 2014-05-09 12:52 - 128780976 _____ () C:\Users\Isabela\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_pt-BR.exe
2014-05-09 12:22 - 2014-05-09 12:22 - 00010012 _____ () C:\Users\Isabela\Documents\Histórico de Participações.htm
2014-05-09 12:22 - 2014-05-09 12:22 - 00000000 ____D () C:\Users\Isabela\Documents\Histórico de Participações_files
2014-05-07 20:27 - 2014-05-07 20:27 - 36544512 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-05-06 00:46 - 2014-04-19 06:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 00:46 - 2014-04-19 05:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 00:46 - 2014-04-19 05:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 00:46 - 2014-04-19 03:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 00:46 - 2014-04-19 03:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 23:39 - 2014-05-04 23:39 - 00019223 _____ () C:\Users\Isabela\Downloads\[kickass.to]teen.wolf.season.3.episodes.13.24.hdtv.x264.vega004.torrent
2014-05-04 11:24 - 2014-05-04 11:24 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-04 11:24 - 2014-05-04 11:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-04 11:24 - 2014-05-04 11:24 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-04 11:24 - 2014-05-04 11:24 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-04 11:17 - 2014-05-04 11:17 - 36519936 _____ () C:\Windows\system32\config\COMPONENTS.iobit
2014-04-29 20:27 - 2014-04-29 20:27 - 00000000 ____D () C:\Users\Isabela\Desktop\PETAR
2014-04-28 13:49 - 2014-04-28 13:50 - 04824064 _____ () C:\Users\Isabela\Downloads\Geomorfologia Cárstica.sist mundo.ppt
2014-04-21 00:21 - 2014-04-21 00:20 - 00524016 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2014-04-21 00:21 - 2014-04-21 00:20 - 00264432 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2014-04-21 00:21 - 2014-04-21 00:20 - 00192240 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo19.dll
2014-04-21 00:21 - 2014-04-21 00:20 - 00151280 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll
2014-04-21 00:21 - 2014-04-21 00:19 - 00819440 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2014-04-21 00:21 - 2014-04-21 00:19 - 00351984 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2014-04-21 00:21 - 2014-04-21 00:19 - 00033008 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-04-21 00:10 - 2013-01-25 11:47 - 00000313 _____ () C:\Windows\SysWOW64\RaCheckBTDev.ini
2014-04-21 00:00 - 2014-04-21 00:00 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\InstallShield
2014-04-21 00:00 - 2014-04-21 00:00 - 00000000 ____D () C:\Program Files (x86)\Ralink
2014-04-21 00:00 - 2014-03-07 16:30 - 02531528 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2014-04-21 00:00 - 2013-12-17 21:06 - 00332080 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-04-21 00:00 - 2013-12-17 14:41 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-04-21 00:00 - 2013-01-25 11:47 - 00000313 _____ () C:\Windows\system32\RaCheckBTDev.ini
2014-04-20 20:25 - 2014-04-20 20:25 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-20 20:25 - 2014-04-20 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-20 20:22 - 2014-04-20 20:25 - 00000000 ____D () C:\Users\Todos os Usuários\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-20 20:22 - 2014-04-20 20:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-20 20:22 - 2014-04-20 20:25 - 00000000 ____D () C:\Program Files\iTunes
2014-04-20 20:22 - 2014-04-20 20:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-20 20:22 - 2014-04-20 20:22 - 00000000 ____D () C:\Program Files\iPod
2014-04-20 20:18 - 2014-05-18 19:32 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-20 20:18 - 2014-04-20 20:18 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-20 20:08 - 2014-04-20 20:18 - 00000000 ____D () C:\Users\Isabela\Desktop\Músicas Noivado

==================== One Month Modified Files and Folders =======

2014-05-18 19:51 - 2014-05-18 19:51 - 00015855 _____ () C:\Users\Isabela\Desktop\FRST.txt
2014-05-18 19:51 - 2014-05-18 19:50 - 00000000 ____D () C:\FRST
2014-05-18 19:48 - 2014-05-18 19:48 - 02067456 _____ (Farbar) C:\Users\Isabela\Desktop\FRST64.exe
2014-05-18 19:40 - 2013-10-11 13:32 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3585445889-2484728970-451866620-1001
2014-05-18 19:38 - 2012-09-25 23:08 - 00792452 _____ () C:\Windows\system32\prfh0416.dat
2014-05-18 19:38 - 2012-09-25 23:08 - 00166504 _____ () C:\Windows\system32\prfc0416.dat
2014-05-18 19:38 - 2012-07-26 04:28 - 01900858 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-18 19:34 - 2014-05-18 17:53 - 00051965 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 19:34 - 2014-01-21 18:01 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-18 19:34 - 2013-10-15 13:01 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\uTorrent
2014-05-18 19:33 - 2014-01-21 18:01 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-18 19:32 - 2014-05-18 19:32 - 00002506 _____ () C:\Windows\PFRO.log
2014-05-18 19:32 - 2014-05-18 01:14 - 00000354 _____ () C:\Windows\Tasks\HPCeeScheduleForIsabela.job
2014-05-18 19:32 - 2014-04-20 20:18 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-18 19:32 - 2012-08-10 17:45 - 00000821 _____ () C:\Windows\SysWOW64\bscs.ini
2014-05-18 19:32 - 2012-07-26 04:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 19:32 - 2012-07-26 02:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-18 19:31 - 2014-05-18 19:31 - 00016972 _____ () C:\Users\Isabela\Desktop\eja.odt
2014-05-18 19:31 - 2014-05-17 17:52 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\ZHP
2014-05-18 19:31 - 2013-10-16 19:55 - 01095680 ___SH () C:\Users\Isabela\Desktop\Thumbs.db
2014-05-18 19:30 - 2014-05-18 19:31 - 00001205 _____ () C:\Users\Isabela\Desktop\ZHPFixReport.txt
2014-05-18 19:04 - 2013-10-11 13:25 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8D7ECDF9-AE4E-4854-9283-CF06A75DD99F}
2014-05-18 19:00 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-18 18:09 - 2013-10-12 10:46 - 00364544 ___SH () C:\Users\Isabela\Downloads\Thumbs.db
2014-05-18 18:00 - 2014-05-18 18:00 - 00026957 _____ () C:\Users\Isabela\Desktop\ZHPDiag.txt
2014-05-18 17:55 - 2014-05-17 17:52 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-18 17:53 - 2014-01-21 17:28 - 00002207 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-05-18 12:47 - 2013-10-14 14:23 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-18 12:47 - 2013-10-14 14:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-18 01:14 - 2014-05-18 01:14 - 00003172 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForIsabela
2014-05-18 01:14 - 2013-10-11 13:21 - 00000000 ____D () C:\Users\Isabela
2014-05-17 19:19 - 2014-05-15 20:09 - 00003332 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-05-17 19:19 - 2014-04-11 12:23 - 00003100 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2014-05-17 19:19 - 2014-03-06 00:22 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-05-17 18:06 - 2013-10-30 08:09 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\vlc
2014-05-17 17:56 - 2014-05-17 17:56 - 00001989 _____ () C:\Users\Isabela\Desktop\ZHPFix.lnk
2014-05-17 17:56 - 2014-05-17 17:56 - 00001862 _____ () C:\Users\Isabela\Desktop\ZHPDiag.lnk
2014-05-17 17:56 - 2014-05-17 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-17 17:50 - 2014-05-17 17:49 - 06769536 _____ () C:\Users\Isabela\Downloads\3 - ZHPDiag2.rar
2014-05-16 14:34 - 2014-05-15 14:19 - 00000000 ____D () C:\Users\Isabela\Desktop\selma
2014-05-16 14:29 - 2013-12-11 09:46 - 00000132 _____ () C:\Users\Isabela\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\Users\Todos os Usuários\Adobe
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\Adobe
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\Users\Isabela\AppData\Local\Adobe
2014-05-16 13:19 - 2014-05-16 13:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-16 00:15 - 2014-05-16 00:15 - 00000775 _____ () C:\Users\Isabela\Desktop\JRT.txt
2014-05-15 23:59 - 2014-05-15 23:59 - 00000000 ____D () C:\Windows\ERUNT
2014-05-15 23:57 - 2014-05-15 23:56 - 00976124 _____ () C:\Users\Isabela\Downloads\1 - JRT.rar
2014-05-15 23:35 - 2014-05-15 23:05 - 00015501 _____ () C:\zoek-results.log
2014-05-15 23:26 - 2014-05-15 23:02 - 00000000 ____D () C:\zoek_backup
2014-05-15 23:02 - 2014-05-15 23:33 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 23:02 - 2014-05-15 23:02 - 01278530 _____ () C:\Users\Isabela\Downloads\2 - zoek.rar
2014-05-15 22:01 - 2014-05-17 17:50 - 06778868 _____ (Nicolas Coolman ) C:\Users\Isabela\Downloads\3 - ZHPDiag2.exe
2014-05-15 22:00 - 2014-05-15 23:02 - 01285120 _____ () C:\Users\Isabela\Downloads\2 - zoek.exe
2014-05-15 21:57 - 2014-05-15 23:59 - 01016261 _____ (Thisisu) C:\Users\Isabela\Downloads\1 - JRT.exe
2014-05-15 21:41 - 2014-05-15 21:41 - 00000000 _____ () C:\asc_rdflag
2014-05-15 21:41 - 2014-01-21 17:49 - 68124672 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-05-15 21:41 - 2014-01-21 17:49 - 00356352 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-05-15 21:41 - 2014-01-21 17:49 - 00069632 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-05-15 21:41 - 2014-01-21 17:49 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-05-15 21:39 - 2014-05-15 21:34 - 00000000 ____D () C:\AdwCleaner
2014-05-15 21:38 - 2014-05-15 21:38 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-15 21:38 - 2014-05-15 21:38 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-15 21:38 - 2014-05-15 21:38 - 00000971 _____ () C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 21:31 - 2014-05-15 21:31 - 01325827 _____ () C:\Users\Isabela\Downloads\adwcleaner_3.208.exe
2014-05-15 20:10 - 2014-05-15 20:10 - 00000000 _____ () C:\autoexec.bat
2014-05-15 20:09 - 2014-05-15 20:09 - 00000000 ____D () C:\sh4ldr
2014-05-15 20:09 - 2014-05-15 20:09 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-15 20:09 - 2014-05-15 20:08 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-15 20:07 - 2014-05-15 20:07 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Isabela\Downloads\SpyHunter-Installer.exe
2014-05-15 19:27 - 2014-01-21 17:28 - 00000260 _____ () C:\Windows\Tasks\ASC7_SkipUac_Isabela.job
2014-05-15 19:24 - 2014-05-15 19:24 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-15 19:24 - 2014-05-15 19:24 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-15 19:24 - 2014-05-15 19:24 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-05-15 19:24 - 2014-05-15 19:24 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-15 19:24 - 2014-05-15 19:24 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-15 19:06 - 2013-10-11 13:25 - 00000000 ___RD () C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 19:06 - 2013-10-11 13:25 - 00000000 ___RD () C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 19:02 - 2012-07-26 05:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-15 19:02 - 2012-07-26 05:12 - 00000000 ___RD () C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 19:02 - 2012-07-26 05:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 19:02 - 2012-07-26 05:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 19:02 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-15 19:02 - 2012-07-26 05:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 19:02 - 2012-07-26 05:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 18:58 - 2014-05-15 14:28 - 00000000 ____D () C:\Users\Isabela\AppData\Local\966
2014-05-15 18:33 - 2014-01-21 18:02 - 00002270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-14 22:07 - 2014-05-14 14:32 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\Audacity
2014-05-14 21:57 - 2014-05-14 21:57 - 00000000 ____D () C:\Users\Isabela\Desktop\projeto glad_data
2014-05-14 21:57 - 2014-05-14 18:07 - 00000000 ____D () C:\Users\Isabela\Desktop\TW99
2014-05-14 18:31 - 2013-10-11 13:22 - 00000000 ____D () C:\Users\Isabela\AppData\Local\VirtualStore
2014-05-14 18:30 - 2014-05-14 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lame Front-End
2014-05-14 18:30 - 2014-05-14 18:30 - 00000000 ____D () C:\Program Files (x86)\pazera-software
2014-05-14 18:28 - 2014-05-14 18:28 - 01630368 _____ (Jacek Pazera ) C:\Users\Isabela\Downloads\Lame_Front-End.exe
2014-05-14 16:17 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-14 16:15 - 2013-10-14 18:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 16:09 - 2013-10-14 18:25 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:09 - 2012-07-26 02:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-14 14:35 - 2014-05-14 14:01 - 00000000 ____D () C:\Users\Isabela\Downloads\AUDIO WAV
2014-05-14 14:32 - 2014-05-14 14:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-05-14 14:32 - 2014-05-14 14:32 - 00001009 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-05-14 14:32 - 2014-05-14 14:31 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-05-14 14:21 - 2014-05-14 14:02 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\Free Audio Editor
2014-05-12 22:45 - 2013-11-18 21:23 - 00000000 ____D () C:\Users\Isabela\Desktop\torrents
2014-05-12 15:29 - 2014-05-12 15:29 - 00020379 _____ () C:\Users\Isabela\Downloads\[kickass.to]once.upon.a.time.complete.season.2.torrent
2014-05-12 15:18 - 2013-10-16 19:54 - 00000000 ____D () C:\Users\Isabela\Desktop\textos
2014-05-11 12:18 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\rescache
2014-05-11 11:19 - 2013-10-15 13:06 - 00000855 _____ () C:\Users\Isabela\Desktop\µTorrent.lnk
2014-05-11 11:19 - 2013-10-15 13:06 - 00000835 _____ () C:\Users\Isabela\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-09 15:30 - 2013-10-16 19:50 - 00000000 ____D () C:\Users\Isabela\Desktop\textos da faculdade
2014-05-09 12:56 - 2014-05-09 12:56 - 00000000 ____D () C:\Users\Isabela\Desktop\OpenOffice 4.1.0 (pt-BR) Installation Files
2014-05-09 12:52 - 2014-05-09 12:50 - 128780976 _____ () C:\Users\Isabela\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_pt-BR.exe
2014-05-09 12:28 - 2014-01-21 18:01 - 00004056 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 12:28 - 2014-01-21 18:01 - 00003820 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 12:22 - 2014-05-09 12:22 - 00010012 _____ () C:\Users\Isabela\Documents\Histórico de Participações.htm
2014-05-09 12:22 - 2014-05-09 12:22 - 00000000 ____D () C:\Users\Isabela\Documents\Histórico de Participações_files
2014-05-07 20:29 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-07 20:27 - 2014-05-07 20:27 - 36544512 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-05-07 20:03 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-07 13:17 - 2013-10-16 19:55 - 00000000 ____D () C:\Users\Isabela\Desktop\Iniciação
2014-05-06 02:14 - 2014-05-13 23:04 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:14 - 2014-05-13 23:04 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 00:48 - 2014-05-13 23:05 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 00:48 - 2014-05-13 23:04 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 00:37 - 2014-05-13 23:04 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 00:26 - 2014-05-13 23:04 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 23:39 - 2014-05-04 23:39 - 00019223 _____ () C:\Users\Isabela\Downloads\[kickass.to]teen.wolf.season.3.episodes.13.24.hdtv.x264.vega004.torrent
2014-05-04 11:44 - 2013-10-16 20:06 - 00000000 ____D () C:\Users\Isabela\Desktop\coisinhas
2014-05-04 11:43 - 2014-04-06 18:00 - 00000000 ____D () C:\Users\Isabela\Desktop\sd
2014-05-04 11:24 - 2014-05-04 11:24 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-04 11:24 - 2014-05-04 11:24 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-04 11:24 - 2014-05-04 11:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-04 11:24 - 2014-05-04 11:24 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-04 11:24 - 2014-05-04 11:24 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-04 11:17 - 2014-05-04 11:17 - 36519936 _____ () C:\Windows\system32\config\COMPONENTS.iobit
2014-05-04 10:37 - 2014-03-31 00:15 - 00328200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-01 17:37 - 2014-05-15 19:05 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 17:37 - 2014-05-15 19:05 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 21:48 - 2013-10-16 19:50 - 00000000 ____D () C:\Users\Isabela\Desktop\Arquivos
2014-04-29 20:27 - 2014-04-29 20:27 - 00000000 ____D () C:\Users\Isabela\Desktop\PETAR
2014-04-28 13:50 - 2014-04-28 13:49 - 04824064 _____ () C:\Users\Isabela\Downloads\Geomorfologia Cárstica.sist mundo.ppt
2014-04-25 20:39 - 2014-02-25 18:53 - 00000000 ____D () C:\Windows\Minidump
2014-04-21 00:20 - 2014-04-21 00:21 - 00524016 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2014-04-21 00:20 - 2014-04-21 00:21 - 00264432 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2014-04-21 00:20 - 2014-04-21 00:21 - 00192240 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo19.dll
2014-04-21 00:20 - 2014-04-21 00:21 - 00151280 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll
2014-04-21 00:20 - 2012-08-03 21:02 - 00000000 ____D () C:\SWSetup
2014-04-21 00:19 - 2014-04-21 00:21 - 00819440 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2014-04-21 00:19 - 2014-04-21 00:21 - 00351984 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2014-04-21 00:19 - 2014-04-21 00:21 - 00033008 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-04-21 00:09 - 2013-07-19 06:34 - 00005535 _____ () C:\Windows\system32\RaCoInst.log
2014-04-21 00:00 - 2014-04-21 00:00 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\InstallShield
2014-04-21 00:00 - 2014-04-21 00:00 - 00000000 ____D () C:\Program Files (x86)\Ralink
2014-04-20 21:15 - 2014-01-21 17:29 - 00000000 ____D () C:\Users\Isabela\AppData\Roaming\Apple Computer
2014-04-20 20:25 - 2014-04-20 20:25 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-20 20:25 - 2014-04-20 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-20 20:25 - 2014-04-20 20:22 - 00000000 ____D () C:\Users\Todos os Usuários\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-20 20:25 - 2014-04-20 20:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-20 20:25 - 2014-04-20 20:22 - 00000000 ____D () C:\Program Files\iTunes
2014-04-20 20:25 - 2014-04-20 20:22 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-20 20:22 - 2014-04-20 20:22 - 00000000 ____D () C:\Program Files\iPod
2014-04-20 20:18 - 2014-04-20 20:18 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-20 20:18 - 2014-04-20 20:08 - 00000000 ____D () C:\Users\Isabela\Desktop\Músicas Noivado
2014-04-19 06:39 - 2014-05-06 00:46 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 05:45 - 2014-05-06 00:46 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 05:45 - 2014-05-06 00:46 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 03:57 - 2014-05-06 00:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 03:57 - 2014-05-06 00:46 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-13 23:06] - [2014-04-12 06:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-18 12:54

==================== End Of Log ============================
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Dom 18 Maio 2014, 19:55

Relatório 2:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Isabela at 2014-05-18 19:52:11
Running from C:\Users\Isabela\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.1.0 - IObit)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dream Chronicles (x32 Version: 2.2.0.95 - WildTangent) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.2 - IObit)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Galeria de Fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GBBD Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.7.1.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Heartwild Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{EBA81BE1-5252-4ED9-B573-21746AF0929F}) (Version: 4.2.8.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 59) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{0E4AF773-9908-4F3B-8D57-E402FE198107}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{609B11CC-8CED-4116-AD8A-A72168894D39}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{14FE2E94-DC3D-4F7C-BB41-EB7E672B3E8B}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.5.1228 - IObit)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jogos da WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
JoJo's Fashion Show (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Lame Front-End 1.8 (HKLM-x32\...\{0908334B-6065-48A1-BD91-EC7A03DF77CE}_is1) (Version: 1.8 - Jacek Pazera)
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware versão 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 pt-BR)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.98 - WildTangent) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{50FA6B86-D3C4-4961-A58F-1A061B2DCE04}) (Version: 4.01.9714 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{58BC91D0-42E7-125D-F9B6-F2F5C0CDB096}) (Version: 9.0.715.0 - Nome da empresa:)
Ralink RT3290LE 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.44.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Suporte para Aplicativos Apple (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Westward (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YoutubeMovieMaker (HKLM-x32\...\{E084C471-FA8F-4468-93F1-25B3A13ED942}) (Version: 8.06 - Youtube Movie Maker)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

29-04-2014 21:20:06 Windows Update
04-05-2014 14:23:41 Instalador de Módulos do Windows
09-05-2014 15:57:44 Instalado OpenOffice 4.1.0
14-05-2014 18:55:17 Windows Update
15-05-2014 22:23:09 Instalador de Módulos do Windows
18-05-2014 04:11:25 ZHPFix Restore System Point

==================== Hosts content: ==========================

2014-05-15 23:05 - 2014-05-15 23:05 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {06CAEDF5-1351-4746-BEC8-F4C7EF503116} - \Driver Booster Update No Task File <==== ATTENTION
Task: {0ABCEA5C-D027-4642-8764-DB264FA0885A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {0E6FE576-8A1E-46F0-9BC2-0CA250027BFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-21] (Google Inc.)
Task: {11429B2C-8C53-4906-A7C5-CCFA7698EC6F} - System32\Tasks\ASC7_SkipUac_Isabela => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-01-08] (IObit)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {28EFFA6D-A0D3-4F7A-A479-AFEFE00D41CA} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2013-12-03] (IObit)
Task: {3E9DCB48-56CD-49EA-B996-77656053CAC9} - \Baidu PC Faster Update No Task File <==== ATTENTION
Task: {42F59D3B-E3B2-4CF9-8110-DE9DBF4F45EA} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {4819F360-D4DD-41FE-8132-C05758CEE0F6} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {4EA88D10-AE24-4557-9B23-AD67BF478173} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {657730EA-7772-4F1C-979B-F25E801F0ED8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {6AA4F9E3-0FB8-4A92-83EE-DC01F997A7F8} - \PileFile reminder No Task File <==== ATTENTION
Task: {70805490-5956-47DF-8811-583B09312318} - \Oxy No Task File <==== ATTENTION
Task: {785DCC04-8AD7-4CC6-8A04-36C3E80D4A06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7E60EDC2-03D1-4988-AEFE-6BCCEBEAF5F5} - System32\Tasks\HPCeeScheduleForIsabela => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {80F1F24F-042A-4B63-8ECA-D032549B7A25} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-01-16] (IObit)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {BCF5F8FE-452E-4187-BE58-DAAB73F5D702} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {BE2AD285-6C30-4342-94E9-7F4C00EFA692} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CB0B6476-30EA-4BCE-A7F2-034A984247F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {CC184A63-E2E4-4090-9402-F93C408B248E} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {CD73C012-8904-4F30-9CD5-0B592AAD5EF3} - \PileFile logon No Task File <==== ATTENTION
Task: {CE753A7D-8E3D-4348-B782-4D4F4F1F4FFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-21] (Google Inc.)
Task: {CFE705F8-5BFD-4B14-984A-BA726BD832B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {DD187C16-9A18-4226-8E4D-82D0C6510D52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\ASC7_SkipUac_Isabela.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIsabela.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-07-10 18:11 - 2012-07-10 18:11 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-07-10 18:11 - 2012-07-10 18:11 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2012-08-08 02:17 - 2012-08-08 02:17 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-21 17:28 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-01-20 12:17 - 2014-01-20 12:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 12:16 - 2014-01-20 12:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-10 18:09 - 2012-07-10 18:09 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2012-07-10 18:11 - 2012-07-10 18:11 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-07-10 18:11 - 2012-07-10 18:11 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-07-10 18:14 - 2012-07-10 18:14 - 00072192 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2012-07-27 14:51 - 2012-07-27 14:51 - 00346112 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
2014-01-21 17:28 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2013-07-19 06:31 - 2012-06-25 15:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-14 18:53 - 2014-05-07 20:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-14 18:53 - 2014-05-07 20:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-14 18:53 - 2014-05-07 20:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-14 18:53 - 2014-05-07 20:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-14 18:53 - 2014-05-07 20:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-14 18:53 - 2014-05-07 20:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
2014-05-14 18:53 - 2014-05-07 20:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Adaptador do Microsoft ISATAP
Description: Adaptador do Microsoft ISATAP
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Adaptador do Microsoft ISATAP #2
Description: Adaptador do Microsoft ISATAP
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Adaptador do Microsoft 6to4
Description: Adaptador do Microsoft 6to4
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2014 06:58:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: HPPU.exe, versão: 1.0.0.0, carimbo de data/hora: 0x50079e34
Nome do módulo com falha: d2d1.dll, versão: 6.2.9200.16765, carimbo de data/hora: 0x528bf8d9
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0015948b
ID do processo com falha: 0xddc
Hora de início do aplicativo com falha: 0xHPPU.exe0
Caminho do aplicativo com falha: HPPU.exe1
Caminho do módulo com falha: HPPU.exe2
ID do Relatório: HPPU.exe3
Nome completo do pacote com falha: HPPU.exe4
ID do aplicativo relativo ao pacote com falha: HPPU.exe5

Error: (05/18/2014 06:53:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/18/2014 00:44:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/17/2014 07:13:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 131500

Error: (05/17/2014 07:13:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 131500

Error: (05/17/2014 07:13:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/17/2014 07:13:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 130000

Error: (05/17/2014 07:13:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 130000

Error: (05/17/2014 07:13:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/17/2014 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1734


System errors:
=============
Error: (05/18/2014 07:35:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço LiveUpdate foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (05/18/2014 07:32:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço EsgScanner depende do serviço Logon de rede, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058

Error: (05/17/2014 06:28:37 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/17/2014 06:28:07 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/17/2014 05:40:13 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/17/2014 05:39:43 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/16/2014 07:01:04 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/16/2014 06:20:34 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/16/2014 06:15:37 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/16/2014 05:46:47 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (05/18/2014 06:58:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPU.exe1.0.0.050079e34d2d1.dll6.2.9200.16765528bf8d9c00000050015948bddc01cf72e43ed9dea8C:\Program Files (x86)\Hewlett-Packard\HP Utility Center\HPPU.exeC:\Windows\SYSTEM32\d2d1.dll7ed836ac-ded7-11e3-be9f-6c3be5e8b468

Error: (05/18/2014 06:53:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/18/2014 00:44:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/17/2014 07:13:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 131500

Error: (05/17/2014 07:13:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 131500

Error: (05/17/2014 07:13:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/17/2014 07:13:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 130000

Error: (05/17/2014 07:13:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 130000

Error: (05/17/2014 07:13:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/17/2014 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1734


CodeIntegrity Errors:
===================================
Date: 2014-05-18 19:50:57.536
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:48:09.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:44:23.462
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:41:06.610
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:40:44.690
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:40:10.225
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:39:31.435
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:30:08.744
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 19:30:08.457
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-18 18:35:43.620
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 80%
Total physical RAM: 1940.27 MB
Available physical RAM: 386.89 MB
Total Pagefile: 6548.27 MB
Available Pagefile: 4848.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:447.58 GB) (Free:271.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.4 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: A723ADEA)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 1D66E94B)

Partition: GPT Partition Type.

==================== End Of Log ============================
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Dom 18 Maio 2014, 20:17

Estou analisando os seus logs. Neles constam o Bonjour, que é um programa sem praticamente nenhuma utilidade e que costuma deixar o PC mais lento, e também o Spyhunter que também não tem praticamente utilidade. Você quer mantê-los ou desinstalá-los?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por rachoa em Dom 18 Maio 2014, 20:20

O bonjour veio com o iTunes, ele sincroniza o iPhone, que eu não tenho. O Spyhunter baixei pq vcs pediram, então vou desinstalar os dois.
avatar
rachoa
Iniciante
Iniciante

Mensagens : 19
Reputação : 0
Data de inscrição : 15/05/2014

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Power Max em Dom 18 Maio 2014, 20:23

rachoa escreveu:O bonjour veio com o iTunes, ele sincroniza o iPhone, que eu não tenho. O Spyhunter baixei pq vcs pediram, então vou desinstalar os dois.
Pode desinstalar os dois. Quanto ao Spyhunter não foi nós que pedimos.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Removendo buscador e página inicial QONE8 do Chrome

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum