Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14412 usuários registrados
O último usuário registrado atende pelo nome de LucasDrBr

Os nossos membros postaram um total de 35075 mensagens em 3551 assuntos
Quem está conectado
1 usuário online :: Nenhum usuário registrado, Nenhum Invisível e 1 Visitante :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Julho 2017
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Calendário Calendário

Palavras chave


Sweetpages - Já tentei usar o Adwcleaner e nada

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 12:49

Boa tarde.

Ontem instalei um programa errado achando que era o Adobe PDF Reader e esse Sweetpages veio junto. Já tentei utilizar todas as dicas que uma pesquisa no Google pode trazer, inclusive utilizando o Adwcleaner. Tenho alguns relatórios dele aqui que posso colar. Já não sei mais o que fazer. Vocês poderiam me ajudar?

Grato

Relatório 01

# AdwCleaner v3.211 - Report created 01/06/2014 at 11:56:38
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Gabriel - GABRIEL-PC
# Running from : C:\Users\Gabriel\Downloads\Programas\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [3112 octets] - [01/06/2014 11:30:06]
AdwCleaner[R1].txt - [1323 octets] - [01/06/2014 11:55:54]
AdwCleaner[S0].txt - [2980 octets] - [01/06/2014 11:30:41]
AdwCleaner[S1].txt - [1252 octets] - [01/06/2014 11:56:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1312 octets] ##########

Relatório 02 (Depois que resolvi desinstalar o Chrome)

# AdwCleaner v3.211 - Report created 01/06/2014 at 12:02:55
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Gabriel - GABRIEL-PC
# Running from : C:\Users\Gabriel\Downloads\Programas\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


*************************

AdwCleaner[R0].txt - [3112 octets] - [01/06/2014 11:30:06]
AdwCleaner[R1].txt - [1323 octets] - [01/06/2014 11:55:54]
AdwCleaner[R2].txt - [943 octets] - [01/06/2014 12:02:25]
AdwCleaner[S0].txt - [2980 octets] - [01/06/2014 11:30:41]
AdwCleaner[S1].txt - [1392 octets] - [01/06/2014 11:56:38]
AdwCleaner[S2].txt - [867 octets] - [01/06/2014 12:02:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [926 octets] ##########


Relatório 03 (Depois de reinstalado o Chrome)

# AdwCleaner v3.211 - Report created 01/06/2014 at 12:18:24
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Gabriel - GABRIEL-PC
# Running from : C:\Users\Gabriel\Downloads\Programas\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [3112 octets] - [01/06/2014 11:30:06]
AdwCleaner[R1].txt - [1323 octets] - [01/06/2014 11:55:54]
AdwCleaner[R2].txt - [943 octets] - [01/06/2014 12:02:25]
AdwCleaner[R3].txt - [1015 octets] - [01/06/2014 12:05:13]
AdwCleaner[R4].txt - [1075 octets] - [01/06/2014 12:14:00]
AdwCleaner[R5].txt - [1376 octets] - [01/06/2014 12:17:47]
AdwCleaner[S0].txt - [2980 octets] - [01/06/2014 11:30:41]
AdwCleaner[S1].txt - [1392 octets] - [01/06/2014 11:56:38]
AdwCleaner[S2].txt - [1005 octets] - [01/06/2014 12:02:55]
AdwCleaner[S3].txt - [1301 octets] - [01/06/2014 12:18:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1361 octets] ##########

Relatório 04 (O sweetpage fica voltando mesmo tendo desinstalado o brownser)

# AdwCleaner v3.211 - Report created 01/06/2014 at 12:36:27
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Gabriel - GABRIEL-PC
# Running from : C:\Users\Gabriel\Downloads\Programas\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [3112 octets] - [01/06/2014 11:30:06]
AdwCleaner[R1].txt - [1323 octets] - [01/06/2014 11:55:54]
AdwCleaner[R2].txt - [943 octets] - [01/06/2014 12:02:25]
AdwCleaner[R3].txt - [1015 octets] - [01/06/2014 12:05:13]
AdwCleaner[R4].txt - [1075 octets] - [01/06/2014 12:14:00]
AdwCleaner[R5].txt - [1376 octets] - [01/06/2014 12:17:47]
AdwCleaner[R6].txt - [1802 octets] - [01/06/2014 12:33:40]
AdwCleaner[S0].txt - [2980 octets] - [01/06/2014 11:30:41]
AdwCleaner[S1].txt - [1392 octets] - [01/06/2014 11:56:38]
AdwCleaner[S2].txt - [1005 octets] - [01/06/2014 12:02:55]
AdwCleaner[S3].txt - [1441 octets] - [01/06/2014 12:18:24]
AdwCleaner[S4].txt - [1731 octets] - [01/06/2014 12:36:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1791 octets] ##########
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 13:14

Olá. Poste, por gentileza, o relatório do Adwcleaner que está neste local abaixo:

C:\AdwCleaner\AdwCleaner[S0].txt

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 13:19

Este aqui?

# AdwCleaner v3.211 - Report created 01/06/2014 at 11:30:41
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Gabriel - GABRIEL-PC
# Running from : C:\Users\Gabriel\Downloads\Programas\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginServices

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Deleted : C:\Users\Gabriel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Gabriel\AppData\Local\Smartbar
Folder Deleted : C:\Users\Gabriel\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Gabriel\AppData\Roaming\baidu
Folder Deleted : C:\Users\Gabriel\AppData\Roaming\sweet-page
Folder Deleted : C:\Users\Gabriel\AppData\Roaming\Systweak
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Gabriel\daemonprocess.txt

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\sweet-pageSoftware
Key Deleted : HKLM\Software\Wpm
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [3112 octets] - [01/06/2014 11:30:06]
AdwCleaner[S0].txt - [2828 octets] - [01/06/2014 11:30:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2888 octets] ##########
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 13:22

 No seu PC está constando também a presença do Baidu. Você quer removê-lo ou continuar com ele?
___________________________________________________________________________________________

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 01 Jun 2014, 15:59, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 13:46

Eu quero retirar esse Baidu também. Fiz o que você postou, o relatório segue abaixo:


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Gabriel on 01/06/2014 at 13:27:48,72.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gabriel\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

01/06/2014 13:28:17 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Gabriel\.android deleted
C:\PROGRA~3\boost_interprocess deleted
C:\Users\Gabriel\AppData\Local\cache deleted
C:\Windows\wininit.ini deleted
C:\Users\Gabriel\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-06-01 14:30:41 2014-06-01 14:30:41 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-01 14:30:44 2014-06-01 14:30:44 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gabriel\AppData\Roaming\baidu
2014-06-01 14:30:44 2014-06-01 14:30:44 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gabriel\AppData\Roaming\baidu\Baidu Antivirus
2014-05-11 06:03:37 2014-05-11 06:03:37 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-05-11 06:03:37 2014-05-31 16:00:06 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-05-31 03:12:16 2014-06-01 14:58:39 -------- d-----w- C:\ProgramData\Baidu Security
2014-05-31 03:12:16 2014-06-01 14:58:39 -------- d-----w- C:\Users\All Users\Baidu Security

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Users\\Gabriel\\AppData\\Local\\Temp\\~nsu.tmp\\Au_.exe"="Baidu Antivirus Uninstall"

[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Users\\Gabriel\\AppData\\Local\\Temp\\~nsu.tmp\\Au_.exe"="Baidu Antivirus Uninstall"

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]

Google Docs - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Unfriend Alerts - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgbeldbnadmemecalekdfnffgobkpafc
Google Mail Checker - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff
Google Wallet - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Gmail - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - D:\Programas\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Hearthstone.lnk - C:\Hearthstone\Hearthstone Beta Launcher.exe
C:\Users\Public\Desktop\iTunes.lnk - D:\Programas\iTunes.exe
C:\Users\Public\Desktop\Protect.lnk - C:\Program Files (x86)\GVT\trigger.exe --open-launchpad --operator-id 51855
C:\Users\Public\Desktop\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - D:\Jogos\Steam\Steam.exe
C:\Users\Public\Desktop\Wireless Connection Manager.lnk - C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
C:\Users\Public\Desktop\World of Warcraft.lnk - C:\World of Warcraft\World of Warcraft Launcher.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk - C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Jogos\Steam\Steam.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\Windows\system32\printmanagement.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - D:\Programas\aTube Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\RangeBooster G WUA-2340\Connection Wizard.lnk - C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\D-Link Wizard.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\RangeBooster G WUA-2340\Uninstall.lnk - C:\Program Files (x86)\InstallShield Installation Information\{188CEE76-0503-4910-A845-E1DC45685DA0}\setup.exe -runfromtemp -l0x0009
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\RangeBooster G WUA-2340\Wireless Connection Manager.lnk - C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DTGadget.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DT.gadget
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTImgEditor.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\TERA.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\World of Warcraft™.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GVT\Protect.lnk - C:\Program Files (x86)\GVT\trigger.exe --open-launchpad --operator-id 51855
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GVT\Support Tool.lnk - C:\Program Files (x86)\GVT\diagnostics\fsdiag.exe /OPERATORID:51855
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk - C:\Hearthstone\Hearthstone Beta Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk - C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - D:\Programas\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk - D:\Programas\iTunes.Resources\pt.lproj\About iTunes.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe /design
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Log de Telemetria do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Painel de Telemetria do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /disable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /enable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files (x86)\Real\RealPlayer\realconverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Jogos\Steam\Steam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache [Você precisa estar registrado e conectado para ver este link.]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\Faturamento de conta.lnk - C:\World of Warcraft\Data\ptBR\AccountBilling.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\Suporte técnico da Blizzard.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk - C:\World of Warcraft\World of Warcraft Launcher.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE /recycle
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gabriel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12 folders=22 997036 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gabriel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Gabriel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on 01/06/2014 at 13:44:22,15 ======================
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 15:57

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 01 Jun 2014, 20:11, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 19:55

Não consegui pegar naquele endereço que você forneceu, mas eu salvei o log que apareceu ao fim. Segue abaixo:


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Gabriel on 01/06/2014 at 19:42:45,09.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gabriel\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-01-164422.log 28347 bytes

==== System Restore Info ======================

01/06/2014 19:43:33 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Users\\Gabriel\\AppData\\Local\\Temp\\~nsu.tmp\\Au_.exe"=-
[HKEY_USERS\S-1-5-21-2685067900-1822866205-979970078-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Users\\Gabriel\\AppData\\Local\\Temp\\~nsu.tmp\\Au_.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted

==== Folders Found ======================

2014-06-01 14:30:41 2014-06-01 14:30:41 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-01 14:30:44 2014-06-01 14:30:44 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gabriel\AppData\Roaming\baidu
2014-06-01 14:30:44 2014-06-01 14:30:44 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gabriel\AppData\Roaming\baidu\Baidu Antivirus
2014-06-01 22:44:15 2014-06-01 22:44:15 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-06-01 22:44:15 2014-06-01 22:44:15 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-06-01 22:44:15 2014-06-01 14:58:39 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-01 22:44:15 2014-06-01 14:58:39 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-06-01 22:44:15 2014-06-01 22:44:15 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14 folders=27 3046072 bytes)

==== EOF on 01/06/2014 at 19:45:25,21 ======================
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 20:10

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 01 Jun 2014, 20:17, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 20:15

Aqui o resultado.

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Gabriel on 01/06/2014 at 20:13:38,03.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gabriel\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-01-164422.log 28347 bytes
C:\zoek-results2014-06-01-224525.log 6083 bytes

==== System Restore Info ======================

01/06/2014 20:13:58 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

==== Registry Search Results for "Baidu" ======================

No instances of string "Baidu" found.

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14 folders=27 3046072 bytes)

==== EOF on 01/06/2014 at 20:14:22,15 ======================
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 20:17

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 20:34

Certo. Aqui está.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Gabriel on 01/06/2014 at 20:24:04,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/06/2014 at 20:32:53,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 20:35

Faça o download do < ZHPDiag2.exe > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 20:46

Aqui.

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman (30/05/2014)
~ Iniciado por Gabriel (01/06/2014 20:44:10)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Computer Security 12.77.101.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8098 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 4 GB (4%) free of 78 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GABRIEL-PC
~ User Name: Gabriel
~ All Users Names: Guest, Gabriel, Administrator,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gabriel\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gabriel\AppData\Roaming\
~ %Desktop% : C:\Users\Gabriel\Desktop\
~ %Favorites% : C:\Users\Gabriel\Favorites\
~ %LocalAppData% : C:\Users\Gabriel\AppData\Local\
~ %StartMenu% : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 4 Go of 78 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1723 Go of 1785 Go)
E: CD-ROM drive (Free 0 Go of 1 Go)
F: Hard drive, Flash drive, Thumb drive (Free 11 Go of 699 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.09/05/2014 - 01:52:06.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Windows Logon Application.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/18032
~ Mes musiques (My Musics) : 1/9
~ Mes Videos (My Videos) : 1/214
~ Mes Favoris (My Favorites) : 1/19
~ Mes Documents (My Documents) : 1/35
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.5EA707336336DDFADE5FD3726CEA1523] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840] [PID.3576]
[MD5.D7C56CB89EF04A8D0544023FA12045FF] - (.DT Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe [2748112] [PID.3972]
[MD5.094E4E76FB9AB960A73F841BC6733F42] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.4160]
[MD5.A05602FCF939A0A051D0CDF8C5CEDA98] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096] [PID.4168]
[MD5.4E3B9E4D292232D9BB01288D961C5BC2] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe [1667072] [PID.4180]
[MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152] [PID.4228]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\GVT\fshoster32.exe [188400] [PID.1992]
[MD5.5DF9D84032F52FBD736DA2AC6ABE860D] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSM32.exe [310208] [PID.4244]
[MD5.D2E3E6D94A9E1CFA1561D9C748136FD0] - (.Apple Inc. - iTunesHelper.) -- D:\Programas\iTunesHelper.exe [152392] [PID.4336]
[MD5.3D45AD2B246B90DBD3E6F213E7AEBF64] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.5732]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.61172]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8020480] [PID.69864]
[MD5.CDA9313E34887A111B8309B55BCDCD82] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936] [PID.944]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1724]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1860]
[MD5.BBF8F831C7720DD5135D8C4C8325187A] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728] [PID.1912]
[MD5.C67B42683036A503A2123EBEE9220AAA] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\GVT\apps\CCF_Reputation\fsorsp.exe [61176] [PID.1216]
[MD5.C0F5A63472D8A67B919C3A38D84A80C0] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [679464] [PID.1764]
[MD5.C50CD479FD1BB886244E2663DFFBCF6A] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888] [PID.2004]
[MD5.480F368D8AD18D57A0A9F4B562A00A84] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSMA32.exe [207808] [PID.2808]
[MD5.22B759B44B8E9C7DB504993E38AC2AE8] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1227304] [PID.2864]
[MD5.20E83F4632E15A5E9E716FF2E8AC7FAE] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.5504]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.5140]
[MD5.08E2B577DB95156F9A658C988EE71F5D] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.340]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Gabriel\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (.not file.)
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] . (.DT Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [D-Link RangeBooster G WUA-2340] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
O4 - HKLM\..\Wow6432Node\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (51855)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\GVT\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\Programas\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2685067900-1822866205-979970078-1000\..\Run: [DAEMON Tools Pro Agent] . (.DT Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{771C0417-EFB0-418D-9320-8F515CEBC7A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{771C0417-EFB0-418D-9320-8F515CEBC7A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{771C0417-EFB0-418D-9320-8F515CEBC7A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateFiles_Gabriel.job [378]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Gabriel [378]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateXML_Gabriel.job [374]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateXML_Gabriel [374]
O39 - APT: - (..) -- C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Gabriel.job [384]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Gabriel [384]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 02s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (fsvista) . (...) - C:\Program Files (x86)\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
~ Drivers: 78 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Daylight - (.Zombie Studios.) [HKLM][64Bits] -- Steam App 230840
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM][64Bits] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
~ Logic: 21 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
~ Key Software: 222 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/05/2014 - 13:12:35 - [] ----D C:\Program Files (x86)\GVT
~ Program Folder: 127 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.AC1C5202355616088CECC39B86C54C76] - 01/06/2014 - 13:44:22 ---A- . (...) -- C:\zoek-results2014-06-01-164422.log [28347]
O44 - LFC:[MD5.DAA86266B3260BEB416B67E27A445145] - 01/06/2014 - 19:45:25 ---A- . (...) -- C:\zoek-results2014-06-01-224525.log [6083]
O44 - LFC:[MD5.3419A970FBCD95015063826ECA3CFE24] - 01/06/2014 - 20:14:22 ---A- . (...) -- C:\zoek-results.log [1242]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 21/05/2014 - 01:51:21 ---A- . (...) -- C:\Windows\win.ini [478]
O44 - LFC:[MD5.BC9F8BE4A28203AB291977442BE409C7] - 31/05/2014 - 19:57:09 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20832]
O44 - LFC:[MD5.BC9F8BE4A28203AB291977442BE409C7] - 31/05/2014 - 19:57:10 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20832]
~ Files: 15 Legitimates Filtered in 00mn 30s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{bebe604b-d725-11e3-aaf7-e03f49e3e7a9}\AutoRun\command. (.Microsoft Corporation - Microsoft Setup Bootstrapper.) -- E:\SETUP.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:09/05/2014 - 00:03:22 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:17/05/2014 - 09:39:44 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:22/08/2012 - 14:54:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
O58 - SDL:02/04/2009 - 17:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
O58 - SDL:17/05/2014 - 09:32:04 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
~ Drivers: 60 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.CBFAD3D8978639FE20AAD0D7793F00C0] [SPRF][10/05/2014] (...) -- C:\Users\Gabriel\AppData\Roaming\unins000.dat [15897]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{59F3F970-A65B-46E8-A680-C6D54CE5190E}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{283E954D-BE40-42D3-A469-18D92C081515}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 01/06/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/06/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 19/05/2008 954368 | (jswpsapi) . (.Atheros Communications, Inc..) - C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\JSWUtilVst\jswpsapi.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 23/04/2014 572096 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/05/2013 936728 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\GVT\fshoster32.exe
SR - | Demand 20/08/2013 207808 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSMA32.exe
SR - | Auto 06/08/2012 61176 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\GVT\apps\CCF_Reputation\fsorsp.exe
SR - | Auto 07/08/2013 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 26/05/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 16/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 16/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30/04/2014 1618888 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 30/04/2014 21009352 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 04/03/2014 922968 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 04/03/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 04s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
~ Additionnel Scan: 230189 Items scanned in 00mn 07s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SupTab
~ MSI: 1 link(s) detected in 00mn 00s



~ 679 Legitimates filtered by white list
End of the scan (400 lines in 01mn 02s)(0)
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 21:02

 Sugiro que desinstale o Bonjour, que é desnecessário.
_________________________________________________________________________________________________________________

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

Escolhendo Programas que Iniciam com o PC

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC agora e de tempos em tempos.
____________________________________________________________________________________________________________________

 Acesse o site [Você precisa estar registrado e conectado para ver este link.] e envie este arquivo destacado em azul abaixo para ser analisado:

C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Gabriel.job
C:\Windows\Tasks\ReclaimerUpdateXML_Gabriel.job
C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Gabriel
C:\Windows\Tasks\ReclaimerUpdateFiles_Gabriel.job

Assim que a análise dele for concluída, copie o link que aparecerá na barra de endereços de seu navegador e poste estes links em sua próxima resposta juntamente com o relatório do ZHPFix pedido abaixo nesta postagem.

Maiores informações de como analisar arquivos no site Virus Total você encontra neste tutorial:

Analise arquivos e links suspeitos de forma online e totalmente gratuita
_____________________________________________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com os links das análises dos arquivos no site Virus Total.


Última edição por Power Max em Dom 01 Jun 2014, 22:23, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 21:38

Acho que consegui pegar estes links corretamente. A página inicial do Google está estranha, com aqueles links que mais usamos abaixo da barra de pesquisa? Tem a ver com este vírus do Sweetpage também?

Links:

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]


Relatório:

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Gabriel at 01/06/2014 21:36:04
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\SupDp

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (117) (1.761.819 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
2 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 12s

========== Caminho do ficheiro do relatório ==========
C:\Users\Gabriel\AppData\Roaming\ZHP\ZHPFix[R1].txt - 01/06/2014 21:36:06 [1190]
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 22:00

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 22:20

O relatório:

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman (30/05/2014)
~ Iniciado por Gabriel (01/06/2014 22:16:01)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Computer Security 12.77.101.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8098 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 5 GB (6%) free of 78 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GABRIEL-PC
~ User Name: Gabriel
~ All Users Names: Guest, Gabriel, Administrator,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gabriel\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gabriel\AppData\Roaming\
~ %Desktop% : C:\Users\Gabriel\Desktop\
~ %Favorites% : C:\Users\Gabriel\Favorites\
~ %LocalAppData% : C:\Users\Gabriel\AppData\Local\
~ %StartMenu% : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 5 Go of 78 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1723 Go of 1785 Go)
E: CD-ROM drive (Free 0 Go of 1 Go)
F: Hard drive, Flash drive, Thumb drive (Free 11 Go of 699 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.09/05/2014 - 01:52:06.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Windows Logon Application.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/18041
~ Mes musiques (My Musics) : 1/9
~ Mes Videos (My Videos) : 1/214
~ Mes Favoris (My Favorites) : 1/19
~ Mes Documents (My Documents) : 1/41
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.5EA707336336DDFADE5FD3726CEA1523] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840] [PID.3576]
[MD5.D7C56CB89EF04A8D0544023FA12045FF] - (.DT Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe [2748112] [PID.3972]
[MD5.094E4E76FB9AB960A73F841BC6733F42] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.4160]
[MD5.A05602FCF939A0A051D0CDF8C5CEDA98] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096] [PID.4168]
[MD5.4E3B9E4D292232D9BB01288D961C5BC2] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe [1667072] [PID.4180]
[MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152] [PID.4228]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\GVT\fshoster32.exe [188400] [PID.1992]
[MD5.5DF9D84032F52FBD736DA2AC6ABE860D] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSM32.exe [310208] [PID.4244]
[MD5.D2E3E6D94A9E1CFA1561D9C748136FD0] - (.Apple Inc. - iTunesHelper.) -- D:\Programas\iTunesHelper.exe [152392] [PID.4336]
[MD5.3D45AD2B246B90DBD3E6F213E7AEBF64] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.5732]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.72700]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8020480] [PID.72412]
[MD5.CDA9313E34887A111B8309B55BCDCD82] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936] [PID.944]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1724]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1860]
[MD5.BBF8F831C7720DD5135D8C4C8325187A] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728] [PID.1912]
[MD5.C67B42683036A503A2123EBEE9220AAA] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\GVT\apps\CCF_Reputation\fsorsp.exe [61176] [PID.1216]
[MD5.C0F5A63472D8A67B919C3A38D84A80C0] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [679464] [PID.1764]
[MD5.C50CD479FD1BB886244E2663DFFBCF6A] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888] [PID.2004]
[MD5.480F368D8AD18D57A0A9F4B562A00A84] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSMA32.exe [207808] [PID.2808]
[MD5.22B759B44B8E9C7DB504993E38AC2AE8] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1227304] [PID.2864]
[MD5.20E83F4632E15A5E9E716FF2E8AC7FAE] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.5504]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.5140]
[MD5.08E2B577DB95156F9A658C988EE71F5D] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.340]
[MD5.30B5F9FB0C35AE6B4A0851D24CE2EE8B] - (.Microsoft Corporation - Office Source Engine.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.exe [150600] [PID.72040]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Gabriel\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (.not file.)
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [D-Link RangeBooster G WUA-2340] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (51855)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\GVT\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{771C0417-EFB0-418D-9320-8F515CEBC7A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{771C0417-EFB0-418D-9320-8F515CEBC7A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{771C0417-EFB0-418D-9320-8F515CEBC7A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateFiles_Gabriel.job [378]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Gabriel [378]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateXML_Gabriel.job [374]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateXML_Gabriel [374]
O39 - APT: - (..) -- C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Gabriel.job [384]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Gabriel [384]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (fsvista) . (...) - C:\Program Files (x86)\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
~ Drivers: 78 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Daylight - (.Zombie Studios.) [HKLM][64Bits] -- Steam App 230840
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM][64Bits] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
~ Logic: 21 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
~ Key Software: 222 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/05/2014 - 13:12:35 - [] ----D C:\Program Files (x86)\GVT
~ Program Folder: 126 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.AC1C5202355616088CECC39B86C54C76] - 01/06/2014 - 13:44:22 ---A- . (...) -- C:\zoek-results2014-06-01-164422.log [28347]
O44 - LFC:[MD5.DAA86266B3260BEB416B67E27A445145] - 01/06/2014 - 19:45:25 ---A- . (...) -- C:\zoek-results2014-06-01-224525.log [6083]
O44 - LFC:[MD5.3419A970FBCD95015063826ECA3CFE24] - 01/06/2014 - 20:14:22 ---A- . (...) -- C:\zoek-results.log [1242]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 21/05/2014 - 01:51:21 ---A- . (...) -- C:\Windows\win.ini [478]
O44 - LFC:[MD5.BC9F8BE4A28203AB291977442BE409C7] - 31/05/2014 - 19:57:09 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20832]
O44 - LFC:[MD5.BC9F8BE4A28203AB291977442BE409C7] - 31/05/2014 - 19:57:10 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20832]
~ Files: 14 Legitimates Filtered in 00mn 01s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{bebe604b-d725-11e3-aaf7-e03f49e3e7a9}\AutoRun\command. (.Microsoft Corporation - Microsoft Setup Bootstrapper.) -- E:\SETUP.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ANIWZCS2Service [Key] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
~ SMSR Keys: 7 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:09/05/2014 - 00:03:22 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:17/05/2014 - 09:39:44 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:22/08/2012 - 14:54:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
O58 - SDL:02/04/2009 - 17:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
O58 - SDL:17/05/2014 - 09:32:04 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
~ Drivers: 60 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.CBFAD3D8978639FE20AAD0D7793F00C0] [SPRF][10/05/2014] (...) -- C:\Users\Gabriel\AppData\Roaming\unins000.dat [15897]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{59F3F970-A65B-46E8-A680-C6D54CE5190E}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{283E954D-BE40-42D3-A469-18D92C081515}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 01/06/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/06/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 19/05/2008 954368 | (jswpsapi) . (.Atheros Communications, Inc..) - C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\JSWUtilVst\jswpsapi.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 23/04/2014 572096 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/05/2013 936728 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\GVT\fshoster32.exe
SR - | Demand 20/08/2013 207808 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSMA32.exe
SR - | Auto 06/08/2012 61176 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\GVT\apps\CCF_Reputation\fsorsp.exe
SR - | Auto 07/08/2013 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 26/05/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 16/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 16/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30/04/2014 1618888 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 30/04/2014 21009352 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 04/03/2014 922968 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 04/03/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 03s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 229609 Items scanned in 00mn 07s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 683 Legitimates filtered by white list
End of the scan (395 lines in 00mn 28s)(0)
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 22:22

Como está o PC?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 22:31

Acredito que o Sweetpages e esse tal de Baidu foram permanentemente removidos, mas a página inicial do Chrome está diferente. Ela não era assim. Estou anexando uma imagem e enviando.

No mais, o pc parece estar bom. Isso significa que a máquina está segura novamente? Posso acessar minhas contas e páginas que exigem segurança sem medo?

Agradeço demais a ajuda, obrigado mesmo!
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 22:45

A imagem que você anexou não apareceu aqui. Mas uma boa dica neste caso seria desinstalar o Chrome e reinstalá-lo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Dom 01 Jun 2014, 22:56

Certo! Vou tentar isso por que acredito que seja decorrência dos vírus.

Obrigado mesmo!
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Dom 01 Jun 2014, 23:00

Depois que você fizer isto nos diga, por gentileza, se o problema foi resolvido.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Ter 03 Jun 2014, 23:50

Boa noite.

Não sei o que aconteceu, mas reinstalei o Chrome, o problema da página não desapareceu e hoje, ao religar, o Sweetpages voltou. Será que terei que reinstalar o windows? Fiquei preocupado agora. =/
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Power Max em Ter 03 Jun 2014, 23:57

Desative temporariamente seu antivirus para evitar conflitos.

Baixe: < Shortcut_Module > ( de g3n-h@ckm@n )
|- Ao acessar o link acima, role a página e clique em Télécharger para fazer o download: [Você precisa estar registrado e conectado para ver esta imagem.]

Execute-o da forma indicada nesta postagem:

Desinfecte atalhos infectados e exclua adwares com a ferramenta Shortcut_Module

Assim que a limpeza for concluída, poste o log (relatório) que estará em C:\Shortcut_Module_07_05_2014_17_05_22.txt (estes números em vermelho irão variar pois eles mostram a data e hora em que o escaneamento foi realizado).

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por TaranisBsb em Qua 04 Jun 2014, 00:25

Boa noite, acredito que esteja seja o relatório.

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 03.06.2014.2

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 00:06:22 - 04/06/2014

update on : 03/06/2014 | 19.55 by g3n-h@ckm@n

Contact : [Você precisa estar registrado e conectado para ver este link.]

Feedbacks : [Você precisa estar registrado e conectado para ver este link.]
Boot : Normal

System : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1

RAM memory = Total (MB) : 8293 | Free (MB) : 6379
Pagefile = Total (MB) : 16583 | Free (MB) : 14586
Virtual = Total (MB) : 4194 | Free (MB) : 4016


Registry saved, to restore : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

No windows updates detected !!!

¤¤¤¤¤¤¤¤¤¤ | Browsers

IE : 11.0.9600.17041 (© Microsoft Corporation. All rights reserved.)
GC : 35.0.1916.114 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security

AV : Proteção do Computador Disabled
AS : Windows Defender Enabled
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = Started
AS: Windows Defender [Auto(2)] = Started
FW: Windows FireWall Service [Auto(2)] = Started

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer


¤¤¤¤¤¤¤¤¤¤ | Killed processes

904 | [Owner : SYSTEM |Parent : 656] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
928 | [Owner : SYSTEM |Parent : 656] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.3788) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1408 | [Owner : SYSTEM |Parent : 904] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1424 | [Owner : SYSTEM |Parent : 904] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1536 | [Owner : SYSTEM |Parent : 656] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1656 | [Owner : SYSTEM |Parent : 656] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.7.4.0) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1676 | [Owner : SYSTEM |Parent : 656] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.24) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1708 | [Owner : SYSTEM |Parent : 656] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
1868 | [Owner : SYSTEM |Parent : 656] - (.F-Secure Corporation - F-Secure Host Process.) - (1.4.36005.0) = C:\Program Files (x86)\GVT\fshoster32.exe
1972 | [Owner : NETWORK SERVICE |Parent : 656] - (.F-Secure Corporation - F-Secure ORSP Service.) - (1.0.25.1877) = C:\Program Files (x86)\GVT\apps\CCF_Reputation\fsorsp.exe
1996 | [Owner : SYSTEM |Parent : 656] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe
2012 | [Owner : SYSTEM |Parent : 1868] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit .) - (13.60.67.222) = C:\Program Files (x86)\GVT\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
1236 | [Owner : SYSTEM |Parent : 656] - (.NVIDIA Corporation - NVIDIA Network Service.) - (1.0.5.16) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
1696 | [Owner : SYSTEM |Parent : 656] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
2256 | [Owner : NETWORK SERVICE |Parent : 1696] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
2604 | [Owner : LOCAL SERVICE |Parent : 340] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
2652 | [Owner : SYSTEM |Parent : 656] - (.F-Secure Corporation - F-Secure Management Agent.) - (8.30.43112.0) = C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSMA32.EXE
2948 | [Owner : SYSTEM |Parent : 2652] - (.F-Secure Corporation - F-Secure DLL Hosting Plugin.) - (8.30.43112.0) = C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSHDLL64.EXE
3852 | [Owner : SYSTEM |Parent : 656] - (.Intel Corporation - IAStorDataSvc.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
3248 | [Owner : SYSTEM |Parent : 656] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
2852 | [Owner : SYSTEM |Parent : 656] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1792 | [Owner : SYSTEM |Parent : 656] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
3964 | [Owner : Gabriel |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
2144 | [Owner : Gabriel |Parent : 4060] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2468 | [Owner : Gabriel |Parent : 2144] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) - (14.6.22.1) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
3176 | [Owner : Gabriel |Parent : 2144] - (.DT Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (5.2.0.350) = C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
3348 | [Owner : Gabriel |Parent : 3388] - (.Intel Corporation - iusb3mon.) - (2.5.0.19) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
3480 | [Owner : Gabriel |Parent : 3388] - (.D-Link - D-Link Wireless LAN Monitor.) - (4.1.3.923) = C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
3676 | [Owner : Gabriel |Parent : 3388] - (.F-Secure Corporation - F-Secure Host Process.) - (1.4.36005.0) = C:\Program Files (x86)\GVT\fshoster32.exe
3440 | [Owner : Gabriel |Parent : 3388] - (.F-Secure Corporation - F-Secure Settings and Statistics.) - (8.30.43112.0) = C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSM32.EXE
4368 | [Owner : SYSTEM |Parent : 1696] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
4380 | [Owner : SYSTEM |Parent : 616] - (.Microsoft Corporation - Console Window Host.) - (6.1.7601.18229) = C:\Windows\System32\conhost.exe
4724 | [Owner : Gabriel |Parent : 1408] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
5040 | [Owner : NETWORK SERVICE |Parent : 656] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
5952 | [Owner : Gabriel |Parent : 4056] - (.Intel Corporation - IAStorIcon.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
4284 | [Owner : Gabriel |Parent : 3612] - (.Intel Corporation - Intel(R) Management and Security Status.) - (9.5.20.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
5212 | [Owner : SYSTEM |Parent : 656] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe

¤¤¤¤¤¤¤¤¤¤ | Running processes

296 | [Owner : SYSTEM |Parent : 4] - (.Microsoft Corporation - Windows Session Manager.) - (6.1.7601.18229) = C:\Windows\System32\smss.exe
504 | [Owner : SYSTEM |Parent : 496] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
588 | [Owner : SYSTEM |Parent : 496] - (.Microsoft Corporation - Windows Start-Up Application.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe
616 | [Owner : SYSTEM |Parent : 600] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
656 | [Owner : SYSTEM |Parent : 588] - (.Microsoft Corporation - Services and Controller app.) - (6.1.7600.16385) = C:\Windows\System32\services.exe
688 | [Owner : SYSTEM |Parent : 588] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.18443) = C:\Windows\System32\lsass.exe
696 | [Owner : SYSTEM |Parent : 600] - (.Microsoft Corporation - Windows Logon Application.) - (6.1.7601.18409) = C:\Windows\System32\winlogon.exe
704 | [Owner : SYSTEM |Parent : 588] - (.Microsoft Corporation - Local Session Manager Service.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe
844 | [Owner : SYSTEM |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
972 | [Owner : NETWORK SERVICE |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
512 | [Owner : LOCAL SERVICE |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
340 | [Owner : SYSTEM |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
388 | [Owner : LOCAL SERVICE |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1028 | [Owner : SYSTEM |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1276 | [Owner : NETWORK SERVICE |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1564 | [Owner : LOCAL SERVICE |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
3160 | [Owner : LOCAL SERVICE |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
3420 | [Owner : SYSTEM |Parent : 656] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
784 | [Owner : Gabriel |Parent : 340] - (.Microsoft Corporation - Desktop Window Manager.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe
4048 | [Owner : LOCAL SERVICE |Parent : 512] - (.Microsoft Corporation - Windows Audio Device Graph Isolation .) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe
5620 | [Owner : NETWORK SERVICE |Parent : 844] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe
1336 | [Owner : Gabriel |Parent : 2144] - (. - Shortcut_Module.) - (3.6.2014.2) = C:\Users\Gabriel\Desktop\Shortcut_Module.exe
5076 | [Owner : LOCAL SERVICE |Parent : 340] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
6096 | [Owner : SYSTEM |Parent : 656] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
5816 | [Owner : Gabriel |Parent : 1336] - (. - Process Stopper.) - (1.0.0.0) = C:\Shortcut_Module\Protect_Module.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - [64] HKLM\..\Run : [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
04 - [64] HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - [64] HKLM\..\Run : [D-Link RangeBooster G WUA-2340] C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
04 - [64] HKLM\..\Run : [F-Secure Hoster (51855)] "C:\Program Files (x86)\GVT\fshoster32.exe" -app -hosterid:1
04 - [64] HKLM\..\Run : [F-Secure Manager] "C:\Program Files (x86)\GVT\apps\ComputerSecurity\Common\FSM32.EXE" /splash
04 - [32] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - [32] HKLM\..\Run : [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
04 - [32] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [32] HKLM\..\Run : [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

¤¤¤¤¤¤¤¤¤¤ | Services


Service in functioning : WINDEFEND
Stopped service : WINDEFEND
Service in functioning : MMCSS
Service in functioning : Dhcp
Stopped service : Dhcp
Service in functioning : TcpIp
Service in functioning : SSDPSRV
Stopped service : SSDPSRV
Service in functioning : MPSSvc
Stopped service : MPSSvc
Service in functioning : LanmanServer
Service in functioning : DNScache
Stopped service : DNScache

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Reseted successfully

¤¤¤¤¤¤¤¤¤¤ | Register

Deleted successfully : [64]HKLM\Software\Classes\AppID\SoftwareUpdate.exe
Deleted successfully : [64]HKLM\Software\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp
Deleted successfully : [32]HKLM\Software\Classes\AppID\SoftwareUpdateAdmin.DLL
Deleted successfully : [64]HKLM\Software\Classes\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4} : SoftwareUpdate
Deleted successfully : [64]HKLM\Software\Classes\Interface\{06437ABB-C419-4B11-A474-1A2B02FBD646} : _ISelfEvents
Deleted successfully : [64]HKLM\Software\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : [64]HKLM\Software\Classes\Interface\{84A97748-13F3-4BB5-A20F-31709B134F25} : INVAssemblyActionPair
Deleted successfully : [64]HKLM\Software\Classes\Interface\{9397FF55-EE06-4F02-8F2A-BE3AE249D4BB} : IConversationHistoryActionAvailabilityEventData
Deleted successfully : [64]HKLM\Software\Classes\Interface\{995E123A-2A19-4E52-872F-774C5589459C} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : [64]HKLM\Software\Classes\Interface\{A52621AD-E10F-477B-9ACB-B6181610788B} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : [64]HKLM\Software\Classes\Interface\{DEDDD7BD-4763-41D2-9AAA-B2C143457CA4} : IModalityActionAvailabilityChangedEventData
Deleted successfully : [32]HKLM\Software\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : [32]HKLM\Software\Classes\Interface\{84A97748-13F3-4BB5-A20F-31709B134F25} : INVAssemblyActionPair
Deleted successfully : [32]HKLM\Software\Classes\Interface\{995E123A-2A19-4E52-872F-774C5589459C} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : [32]HKLM\Software\Classes\Interface\{A52621AD-E10F-477B-9ACB-B6181610788B} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : [64]HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Deleted successfully : [64]HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} : ShopperReports.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll;alotBHO.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} : eBayTB.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} : ShoppingReport.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} : PCTBrowserDefender.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} : BabylonToolbar.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825} : PCTBrowserDefender.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll;alot.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{69ABB8E4-3A44-461C-93BC-C3BB6BDF2DF3} : Backcountry.com.Steepandcheap.Toolbar.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} : SuperfishIEAddon.dll;SuperfishIEAddon.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{92085AD4-F48A-450D-BD93-B28CC7DF67CE} : eBayTB.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} : BabylonToolbar.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} : ShoppingReport.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{F98BA7F6-48D8-4CE7-A8D0-39D13FD6F14F} : Backcountry.com.Steepandcheap.Toolbar.dll
Deleted successfully : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} : BabylonToolbarTlbr.dll

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Folders

Deleted successfully : C:\Windows\System32\NdfEventView.xml ()
Deleted successfully : C:\Users\All Users\f-secure\FSAUA\guts.sp.f-secure.com\content\orsp-win-v2\1370467978\orspupd.exe (© 2007-2013, F-Secure Corporation.-.F-Secure ORSP Client)[OFN : orspupd.exe]
Deleted successfully : C:\Users\All Users\f-secure\latebound\200\localization\trustedsites.pt-BR.xml (.-.)
Deleted successfully : C:\Users\All Users\Real\RealConverter\DeviceProfiles\archos7hometablet.xml (.-.)
Deleted successfully : C:\Users\All Users\Real\RealConverter\DeviceProfiles\blackberrytorch.xml (.-.)

¤¤¤¤¤¤¤¤¤¤ | Hijack.Shortcut


¤¤¤¤¤¤¤¤¤¤ | Proxy

Repaired : [HKU\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hijack.Internet Explorer

Repaired : [HKU\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [HKU\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [HKU\S-1-5-21-2685067900-1822866205-979970078-1000\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : about:blank -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main\Window Title]|[] : -> Internet Explorer
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : about:blank -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : about:blank -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[BrowserMngr Start Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[CustomizeSearch] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Bar] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Start Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] : -> C:\Windows\SysWOW64\blank.htm
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[BrowserMngr Start Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[CustomizeSearch] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main\Window Title]|[] : -> Internet Explorer
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[BrowserMngr Start Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[CustomizeSearch] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Bar] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Start Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] : -> C:\Windows\SysWOW64\blank.htm
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[BrowserMngr Start Page] : -> [Você precisa estar registrado e conectado para ver este link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[CustomizeSearch] : -> [Você precisa estar registrado e conectado para ver este link.]

¤¤¤¤¤¤¤¤¤¤ | Hijack.Google Chrome


Deleted successfully : [64]HKLM\Software\Policies\Google
[Gabriel] Reseted successfully : SearchURL
[Gabriel] Reseted successfully : Preferences

[Gabriel] : aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co
[Gabriel] : apdfllckaahabafndbhieahigkjlhalf = : Google & co - [Você precisa estar registrado e conectado para ver este link.] - Google & co
[Gabriel] : blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - [Você precisa estar registrado e conectado para ver este link.] - [Você precisa estar registrado e conectado para ver este link.] - Google & co
[Gabriel] : coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - [Você precisa estar registrado e conectado para ver este link.] - Google & co
[Gabriel] : lgbeldbnadmemecalekdfnffgobkpafc = : Unfriend Alerts alerts you any time someone removes you from their friend list. - Unfriend Alerts
[Gabriel] : mihcahmgecmbnbcchbopgniflfhgnkff = : __MSG_gmailcheck_description__ - __MSG_gmailcheck_name__
[Gabriel] : nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co
[Gabriel] : pbcaplhfkihhldmlbjhgajdeghjdbffi = : Módulo de Proteção - Caixa Economica Federal - GBBD Caixa Economica Federal
[Gabriel] : pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - [Você precisa estar registrado e conectado para ver este link.] - Google & co

¤¤¤¤¤¤¤¤¤¤ | Hijack.Firefox



¤¤¤¤¤¤¤¤¤¤ | Opera


¤¤¤¤¤¤¤¤¤¤ | Hijack.StartMenuInternet

Repaired : [64][HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
Repaired : [64][HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> "C:\Program Files\Google\Chrome\Application\chrome.exe"

¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs

[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

¤¤¤¤¤¤¤¤¤¤ | Hijack.Javascript


¤¤¤¤¤¤¤¤¤¤ | Firewall

Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0
Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0
Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0


¤¤¤¤¤¤¤¤¤¤ | Temporary files

[All Users] Temporary files deleted : 0 Ko
[Default] Temporary files deleted : 0 Ko
[Default User] Temporary files deleted : 0 Ko
[Gabriel] Temporary files deleted : 654167 Ko
[Public] Temporary files deleted : 0 Ko
[C:\Windows\Temp] Temporary files deleted : 0 Ko
[C:\Temp] Temporary files deleted : 0 Ko

Restarted service : MPSsvc

Other(s) report(s)


[X] : [204 Ko]

Analyzed elements : 245769 | Infected : 82

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 00:20:49 | [27 Ko]
avatar
TaranisBsb
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 01/06/2014

Voltar ao Topo Ir em baixo

Re: Sweetpages - Já tentei usar o Adwcleaner e nada

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum