Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14428 usuários registrados
O último usuário registrado atende pelo nome de RS_Computadores

Os nossos membros postaram um total de 35112 mensagens em 3557 assuntos
Últimos assuntos
» Notebook Travando!
por RS_Computadores Qui 21 Set 2017, 10:37

Quem está conectado
Não há nenhum usuário online :: Nenhum usuário registrado, Nenhum Invisível e nenhuma Visita :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Setembro 2017
SegTerQuaQuiSexSabDom
    123
45678910
11121314151617
18192021222324
252627282930 

Calendário Calendário

Palavras chave


Remover istart.webssearches

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Remover istart.webssearches

Mensagem por Fuçador em Qua 25 Jun 2014, 11:55

estou precisando de sua ajuda novamente para remover esse istart e melhorar o desempenho deste pc
desde ja fico grato

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:53, on 25/6/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Arquivos de programas\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Arquivos de programas\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\cliente\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [Você precisa estar registrado e conectado para ver este link.]
O2 - BHO: SaveSense - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Arquivos de programas\SaveSense\SaveSenseIE.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Arquivos de programas\SupTab\SupTab.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [upfst_br_3.exe] C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\fst_br_3\upfst_br_3.exe -runhelper
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Arquivos de programas\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\RunOnce: [gcncagkkhfoombgbihckkccmkjemhohl Upgrader] "C:\DOCUME~1\cliente\CONFIG~1\Temp\gcn195.tmp\UPDATER.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Serviço de atualização Ask (APNMCP) - APN LLC. - C:\Arquivos de programas\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IePlugin Service (IePluginService) - Unknown owner - C:\Documents and Settings\All Users\Dados de aplicativos\IePluginService\PluginService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Arquivos de programas\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Arquivos de programas\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Arquivos de programas\Skype\Updater\Updater.exe
O23 - Service: Software Updater (SrvUpdater) - Unknown owner - C:\Arquivos de programas\SoftwareUpdater\UpdaterService.exe (file missing)
O23 - Service: WindowsProtectManger Service (WindowsProtectManger) - Unknown owner - C:\Documents and Settings\All Users\Dados de aplicativos\WindowsProtectManger\wprotectmanager.exe (file missing)

--
End of file - 8984 bytes
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qua 25 Jun 2014, 12:11

Olá!

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qua 25 Jun 2014, 12:46

relatorio do adwcleaner

# AdwCleaner v3.213 - Relatório criado 25/06/2014 às 12:41:04
# Atualizado 23/06/2014 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : cliente - CLIENTE-D87712E
# Executando de : C:\Documents and Settings\cliente\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : APNMCP
[#] Serviço Deletada : IePluginService
[#] Serviço Deletada : savesenselive
[#] Serviço Deletada : savesenselivem
[#] Serviço Deletada : SrvUpdater
[#] Serviço Deletada : WindowsProtectManger

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\apn
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\Babylon
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\baidu
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\BonanzaDealsLive
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\IePluginService
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\SaveSenseLive
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\WindowsProtectManger
Pasta Deletada : C:\Arquivos de programas\AskPartnerNetwork
Pasta Deletada : C:\Arquivos de programas\BonanzaDeals
Pasta Deletada : C:\Arquivos de programas\BonanzaDealsLive
Pasta Deletada : C:\Arquivos de programas\LinkSwift
Pasta Deletada : C:\Arquivos de programas\predm
Pasta Deletada : C:\Arquivos de programas\SaveSense
Pasta Deletada : C:\Arquivos de programas\SaveSenseLive
Pasta Deletada : C:\Arquivos de programas\SoftwareUpdater
Pasta Deletada : C:\Arquivos de programas\SupTab
Pasta Deletada : C:\Arquivos de programas\Vittalia
Pasta Deletada : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\AskPartnerNetwork
Pasta Deletada : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\BonanzaDealsLive
Pasta Deletada : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\Freesofttoday
Pasta Deletada : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\lollipop
Pasta Deletada : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\SaveSenseLive
Pasta Deletada : C:\DOCUME~1\cliente\CONFIG~1\Temp\apn
Pasta Deletada : C:\Documents and Settings\cliente\Dados de aplicativos\Babylon
Pasta Deletada : C:\Documents and Settings\cliente\Dados de aplicativos\baidu
Pasta Deletada : C:\Documents and Settings\cliente\Dados de aplicativos\SaveSense
Pasta Deletada : C:\Documents and Settings\cliente\Dados de aplicativos\SupTab
Pasta Deletada : C:\Documents and Settings\cliente\Dados de aplicativos\UpdaterEX
Pasta Deletada : C:\Documents and Settings\cliente\Dados de aplicativos\webssearches
Pasta Deletada : C:\Documents and Settings\cliente\Menu Iniciar\Programas\SaveSense
Arquivo Deletada : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Arquivo Deletada : C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
Atalho Desinfectada : C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Documents and Settings\cliente\Menu Iniciar\Programas\Internet Explorer.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\SaveSenseLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Chave Deletedo : HKCU\Software\526dbd9b268ef41
Chave Deletedo : HKLM\SOFTWARE\526dbd9b268ef41
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\AskPartnerNetwork
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\LinkSwift
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\SaveSense
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKLM\Software\AskPartnerNetwork
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\FreeSoftToday
Chave Deletedo : HKLM\Software\LinkSwift
Chave Deletedo : HKLM\Software\SaveSense
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\SoftwareUpdater
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Vittalia
Chave Deletedo : HKLM\Software\webssearchesSoftware
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LinkSwift
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vittalia
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstaller
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SaveSense
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\LinkSwift
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SaveSense
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vittalia
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\webssearches uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe

***** [ Navegadores ] *****

-\\ Internet Explorer v6.0.2900.5512

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Google Chrome v35.0.1916.153

[ Arquivo : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Homepage] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : nchpfiddbhbdnagofhkjlaiaejmkdcla
Deletedo [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
Deletedo [Extension] : pljcgbedjplidkdjahbaalanadmjfgop

*************************

AdwCleaner[R0].txt - [13896 octets] - [25/06/2014 12:24:26]
AdwCleaner[S0].txt - [13388 octets] - [25/06/2014 12:41:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13449 octets] ##########
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qua 25 Jun 2014, 12:48

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qui 26 Jun 2014, 12:57, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qua 25 Jun 2014, 13:38


Zoek.exe v5.0.0.0 Updated 22-06-2014
Tool run by cliente on qua 25/06/2014 at 13:19:40,96.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\cliente\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25/6/2014 13:20:11 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{86c83f9e-48a4-4cd2-a763-64fea5df35f7} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Arquivos de programas\GUM6F.tmp deleted
C:\Documents and Settings\cliente\vga1D1.tmp deleted
C:\Documents and Settings\cliente\vga1D2.tmp deleted
C:\WINDOWS\tasks\At1.job deleted
C:\WINDOWS\System32\searchplugins deleted
C:\WINDOWS\System32\Extensions deleted

==== Folders Found ======================

2013-10-09 22:18:20 2013-10-09 22:24:42 -------- d-----w- C:\BaiduDownloads
2014-06-25 15:41:14 2014-06-25 15:41:14 -------- d-----w- C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Dados de aplicativos\baidu
2014-06-25 15:41:27 2014-06-25 15:41:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\Documents and Settings\cliente\Dados de aplicativos\baidu
2014-06-25 15:41:27 2014-06-25 15:41:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\Documents and Settings\cliente\Dados de aplicativos\baidu\Baidu Antivirus
2013-10-09 20:20:40 2014-02-23 19:22:12 -------- d-----w- C:\Arquivos de programas\Baidu Security
2014-02-23 19:22:12 2014-06-25 14:30:03 -------- d-----w- C:\Arquivos de programas\Baidu Security\Baidu Antivirus
2014-02-23 19:22:30 2014-02-23 19:22:30 -------- d-----w- C:\Documents and Settings\All Users\Application Data\baidu
2013-10-09 20:19:16 2014-05-27 01:19:06 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security
2014-05-27 01:17:19 2014-05-27 01:17:19 -------- d-----w- C:\Documents and Settings\All Users\Documentos\Baidu
2013-10-09 20:20:23 2013-10-09 21:57:27 -------- d-----w- C:\Documents and Settings\All Users\Documentos\Baidu Security
2013-10-09 20:23:44 2013-10-09 21:57:26 -------- d-----w- C:\Documents and Settings\cliente\Dados de aplicativos\Baidu Security
2013-11-04 18:01:26 2013-11-04 18:01:26 -------- d-----w- C:\Documents and Settings\cliente\Dados de aplicativos\Baidu Security\PC Faster\3.7.0.0\Uninstall\Baidu PC Faster Uninstall
2013-11-04 18:01:28 2013-11-04 18:01:28 -------- d-----w- C:\Documents and Settings\cliente\Dados de aplicativos\Baidu Security\PC Faster\3.7.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


--- C:\Documents and Settings\cliente\Cookies\cliente@baidu[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 101
Created time: 2014-05-27 01:11:08
Modified time: 2014-05-27 01:11:08
MD5: 5E1C5976E099DD3A974475129AAA45C8
SHA1: C7ADD70276A9386356FFE80EC19CCB313551FA41


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\Documents and Settings\\All Users\\Application Data\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\3.7.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\PC Faster\\3.7.0.0\\PCFApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\3.7.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\PC Faster\\3.7.0.0\\PCFApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\3.7.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\PC Faster\\3.7.0.0\\PCFApiUtil.sys"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\Mini111713-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\3.8.8.1435]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install\173078]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install\173078]
"url"="http://sync.pcfaster.baidu.com/cgi-bin-py-appstore/get_channel_info_appstore.cgi?install_channel=pcf&version=3.8.8.1435&errorcode=0&errortext=&userid=4JV79C7W-0040A70BF26C!77169398-07dc-4ff4-aefd-6f57ac120e08@#0040A70BF26C&install_time=2013-10-09 21:57:31"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\DataReport]

"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-09 19_44_34_[0281]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-09 19_18_18_[0390]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-10 09_38_19_[0515]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-10 22_06_56_[0312]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-11 15_06_51_[0296]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-19 15_52_40_[0562]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-19 20_47_12_[0796]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Install]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\InstalledPatchesRecord]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
"swg_BaiDuSafe_RegType"=dword:00000002

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"Adobe ARM_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"HP Component Manager_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"HP Software Update_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"SoundMan_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Statistic]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\UUReport]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu Antivirus]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu PC Faster]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BavTray.exe"="Baidu Antivirus Tray Application"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\Investigate.exe"="Baidu Antivirus Investigate Application"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\uninstall.exe"="Baidu Antivirus Uninstall"

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BavSvc.exe"="Baidu Antivirus Service"

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\Mini111713-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\3.8.8.1435]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
odpccdgkmiicgocepijnaeihjnjnomca - C:\Arquivos de programas\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=bav_inner_hp_01_hao123_br"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="http://br.hao123.com/?tn=bav_inner_hp_01_hao123_br"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on All Users Desktop ======================

C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk - C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\All Users\Desktop\HP Deskjet 3740 Series Guia do usuário.lnk -
C:\Documents and Settings\All Users\Desktop\Impressão de foto HP.lnk -
C:\Documents and Settings\All Users\Desktop\LMania 8.lnk - C:\LMania80\LMania.exe
C:\Documents and Settings\All Users\Desktop\Nero Home.lnk - C:\Arquivos de programas\Nero\Nero8\Nero Home\NeroHome.exe -ScParameter=65
C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk - C:\Arquivos de programas\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe -ScParameter=65
C:\Documents and Settings\All Users\Desktop\Skype.lnk - C:\WINDOWS\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Documents and Settings\cliente\Menu Iniciar\Programas\Internet Explorer.lnk - C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\cliente\Menu Iniciar\Programas\Aplicativos do Google Chrome\Until AM for Chrome.lnk - C:\Arquivos de programas\Google\Chrome\Application\chrome.exe

==== shortcuts in All Users Start Menu ======================

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Google Chrome.lnk - C:\Arquivos de programas\Google\Chrome\Application\chrome.exe

==== shortcuts in Quick Launch ======================

C:\Documents and Settings\cliente\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\cliente\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Iniciar o navegador Internet Explorer.lnk - C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\cliente\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Arquivos de programas\Nero\Nero8\Nero Home\NeroHome.exe -ScParameter=65
C:\Documents and Settings\cliente\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Arquivos de programas\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe -ScParameter=65
C:\Documents and Settings\cliente\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Arquivos de programas\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\odpccdgkmiicgocepijnaeihjnjnomca deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsProtectManger deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\cliente\Configurações locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\cliente\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Configurações locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5 folders=2 918 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\cliente\CONFIG~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== EOF on qua 25/06/2014 at 13:34:45,03 ======================
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qua 25 Jun 2014, 19:22

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qui 26 Jun 2014, 12:57, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qua 25 Jun 2014, 20:22


Zoek.exe v5.0.0.0 Updated 22-06-2014
Tool run by cliente on qua 25/06/2014 at 19:54:02,73.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\cliente\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-25-163445.log 28812 bytes

==== System Restore Info ======================

25/6/2014 19:54:42 Zoek.exe System Restore Point Created Succesfully.

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\Mini111713-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\3.8.8.1435]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu\Hao123-br\hao123desk]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install\173078]
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install\173078]
"url"=-
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\DataReport]
"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-09 19_44_34_[0281]rpdata.dat"=-
"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-09 19_18_18_[0390]rpdata.dat"=-
"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-10 09_38_19_[0515]rpdata.dat"=-
"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-10 22_06_56_[0312]rpdata.dat"=-
"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-11 15_06_51_[0296]rpdata.dat"=-
"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-19 15_52_40_[0562]rpdata.dat"=-
"c:\\documents and settings\\cliente\\dados de aplicativos\\baidu security\\pc app store\\rpdata\\2013-10-19 20_47_12_[0796]rpdata.dat"=-
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\CleanRecord]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Install]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\InstalledPatchesRecord]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
"swg_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"Adobe ARM_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"HP Component Manager_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"HP Software Update_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
"SoundMan_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\DataReport]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\Setup]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu Antivirus]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu PC Faster]
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BavTray.exe"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\Investigate.exe"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\uninstall.exe"=-
[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BavSvc.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\Mini111713-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\3.8.8.1435]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Deleting Files \ Folders ======================

C:\BaiduDownloads deleted
C:\Arquivos de programas\Baidu Security deleted
C:\Documents and Settings\All Users\Application Data\baidu deleted
C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security deleted
C:\Documents and Settings\All Users\Documentos\Baidu deleted
C:\Documents and Settings\All Users\Documentos\Baidu Security deleted
C:\Documents and Settings\cliente\Dados de aplicativos\Baidu Security deleted

==== Folders Found ======================

2014-06-25 15:41:14 2014-06-25 15:41:14 -------- d-----w- C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Dados de aplicativos\baidu
2014-06-25 15:41:27 2014-06-25 15:41:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\Documents and Settings\cliente\Dados de aplicativos\baidu
2014-06-25 15:41:27 2014-06-25 15:41:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\Documents and Settings\cliente\Dados de aplicativos\baidu\Baidu Antivirus
2014-06-25 22:55:52 2014-06-25 22:55:52 -------- d---a-w- C:\zoek_backup\C_Arquivos de programas_Baidu Security
2014-06-25 22:55:52 2014-06-25 22:55:52 -------- d---a-w- C:\zoek_backup\C_Arquivos de programas_Baidu Security_Baidu Antivirus
2014-06-25 22:55:50 2014-06-25 22:55:51 -------- d---a-w- C:\zoek_backup\C_BaiduDownloads
2014-06-25 22:55:52 2014-06-25 22:55:52 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_All Users_Application Data_baidu
2014-06-25 22:55:52 2014-06-25 22:56:18 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_All Users_Dados de aplicativos_Baidu Security
2014-06-25 22:56:18 2014-06-25 22:56:18 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_All Users_Documentos_Baidu
2014-06-25 22:56:18 2014-06-25 22:56:18 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_All Users_Documentos_Baidu Security
2014-06-25 22:56:18 2014-06-25 22:56:24 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_cliente_Dados de aplicativos_Baidu Security
2014-06-25 22:56:25 2014-06-25 22:56:25 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_cliente_Dados de aplicativos_Baidu Security_PC Faster_3.7.0.0_Uninstall_Baidu PC Faster Uninstall
2014-06-25 22:56:25 2014-06-25 22:56:25 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_cliente_Dados de aplicativos_Baidu Security_PC Faster_3.7.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-06-25 22:55:52 2014-06-25 22:55:52 -------- d---a-w- C:\zoek_backup\C_Arquivos de programas_Baidu Security\Baidu Antivirus
2014-06-25 22:56:24 2014-06-25 22:56:24 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_cliente_Dados de aplicativos_Baidu Security\PC Faster\3.7.0.0\Uninstall\Baidu PC Faster Uninstall
2014-06-25 22:56:25 2014-06-25 22:56:25 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_cliente_Dados de aplicativos_Baidu Security\PC Faster\3.7.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


--- C:\Documents and Settings\cliente\Cookies\cliente@baidu[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 101
Created time: 2014-05-27 01:11:08
Modified time: 2014-05-27 01:11:08
MD5: 5E1C5976E099DD3A974475129AAA45C8
SHA1: C7ADD70276A9386356FFE80EC19CCB313551FA41


--- C:\zoek_backup\C_Documents and Settings_cliente_Cookies_cliente@baidu[1].txt.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 101
Created time: 2014-06-25 22:56:25
Modified time: 2014-05-27 01:11:08
MD5: 5E1C5976E099DD3A974475129AAA45C8
SHA1: C7ADD70276A9386356FFE80EC19CCB313551FA41


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install\173078]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=161 folders=63 191762393 bytes)

==== EOF on qua 25/06/2014 at 19:57:29,75 ======================
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qua 25 Jun 2014, 21:15

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qui 26 Jun 2014, 12:58, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qua 25 Jun 2014, 22:28


Zoek.exe v5.0.0.0 Updated 22-06-2014
Tool run by cliente on qua 25/06/2014 at 21:39:34,34.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\cliente\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-25-163445.log 28812 bytes
C:\zoek-results2014-06-25-225729.log 24783 bytes

==== System Restore Info ======================

25/6/2014 21:40:12 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\3.8.8.1435\Install\173078]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC App Store\DataReport]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-1417001333-602162358-1801674531-1003\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================

No instances of string "Baidu" found.

==== C:\zoek_backup content ======================

C:\zoek_backup (files=161 folders=63 191762393 bytes)

==== EOF on qua 25/06/2014 at 21:40:47,46 ======================
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qua 25 Jun 2014, 22:33

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qui 26 Jun 2014, 10:31

só nao consegui executar como admistrador pq esse pc é do meu cunhado aqui em goiania, e quando vou executar no modo admnistrador pede uma senha e nao temos essa senha pois ele comprou o pc usado



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by cliente on qui 26/06/2014 at 10:21:07,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1417001333-602162358-1801674531-1003\Software\sweetim



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on qui 26/06/2014 at 10:28:02,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Última edição por Fuçador em Qui 26 Jun 2014, 10:50, editado 1 vez(es)
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qui 26 Jun 2014, 10:36

Faça o download do < ZHPDiag > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qui 26 Jun 2014, 11:07

~ Relatório do ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/6/2014)
~ Iniciado por cliente (26/6/2014 11:05:01)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found


---\\ Navegadores Internet
MSIE: Internet Explorer v6.0.2900.5512
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3972

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1518 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 52 GB (70%) free of 75 GB

---\\ Modo de conexão ao sistema
~ Computer Name: CLIENTE-D87712E
~ User Name: cliente
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Convidado, cliente, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\cliente\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\cliente\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\cliente\Desktop\
~ %Favorites% : C:\Documents and Settings\cliente\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\cliente\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 52 Go of 75 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 149 Go of 149 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\Explorer.exe [1035776]
[MD5.DF6D0F37A71883BE3505DD517EB8AD83] - (.Microsoft Corporation - Internet Extensions para Win32.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\wininet.dll [668160]
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [509952]
[MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/3
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/121
~ Mon Bureau (My Desktop) : 0/1274
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.FD32127449AF0B96EBECA3CAAB74E423] - (.HP - No Comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [172032] [PID.580]
[MD5.3E2142D5AF7492EA16D4D96ECBDE790D] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe [577536] [PID.616]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [254336] [PID.200]
[MD5.58F7F8D02D438B5AAE4005FE81DE30CF] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe [1840424] [PID.1048]
[MD5.B9436A665A8621073A12338B16D7BFD4] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696] [PID.1432]
[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.1668]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920] [PID.1904]
[MD5.37A39E3271842BAE754540FE004D9CB5] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [537896] [PID.816]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jucheck.exe [507264] [PID.792]
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [860488] [PID.3352]
[MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8071680] [PID.556]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [SiSPower] . (.Silicon Integrated Systems Corporation - Dynamic link library for setting Power Sche.) -- C:\WINDOWS\system32\SiSPower.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No Comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [fst_br_3] Chave orfã
O4 - HKLM\..\Run: [upfst_br_3.exe] C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\fst_br_3\upfst_br_3.exe (.not file.)
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [KernelFaultCheck] Chave orfã
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1417001333-602162358-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1417001333-602162358-1801674531-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1417001333-602162358-1801674531-1003\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{011B3690-11D2-46AA-A25F-85BAB628E9B4}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{011B3690-11D2-46AA-A25F-85BAB628E9B4}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{011B3690-11D2-46AA-A25F-85BAB628E9B4}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\WINDOWS\Tasks\060184C3-9766-46a0-B258-F4518A0B2633.job [456]
~ Scheduled Task: 6 Legitimates Filtered in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bnbase) . (. - .) - C:\WINDOWS\system32\drivers\bnbase.sys (.not file.)
~ Drivers: 66 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM] -- {4F524A2D-5637-4300-76A7-A758B70C0F01} =>Toolbar.Avira
~ Logic: 15 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 8/10/2013 - 17:18:49 - [] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 8/10/2013 - 17:18:12 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 8/10/2013 - 17:28:11 - [] R---D C:\Documents and Settings\cliente\Menu Iniciar\Programas\Acessórios
O43 - CFD: 14/5/2014 - 10:56:50 - [] R---D C:\Documents and Settings\cliente\Menu Iniciar\Programas\Inicializar
~ Program Folder: 79 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.DBFD437D23A55C0734C0D8D19A62FF0D] - 19/6/2014 - 13:57:15 ---A- . (...) -- C:\WINDOWS\wmsetup.log [44454]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 25/6/2014 - 12:25:27 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\WINDOWS\system32\sqlite3.dll [536576]
O44 - LFC:[MD5.E014E44D126A4701F4D9BDC78952B99F] - 25/6/2014 - 13:34:45 ---A- . (...) -- C:\zoek-results2014-06-25-163445.log [28812]
O44 - LFC:[MD5.25F81C74E33853869EA70705B3326028] - 25/6/2014 - 19:57:29 ---A- . (...) -- C:\zoek-results2014-06-25-225729.log [24783]
O44 - LFC:[MD5.7388926CE7DFED19928F98610C838733] - 25/6/2014 - 21:40:47 ---A- . (...) -- C:\zoek-results.log [3124]
O44 - LFC:[MD5.6C9E0F5197F4E686F7C672F5073D55B7] - 26/6/2014 - 10:18:04 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.C7610CE42FD9BBC058D3AA6185A5C469] - 26/6/2014 - 10:18:04 ---A- . (...) -- C:\WINDOWS\wiaservc.log [49]
~ Files: 19 Legitimates Filtered in 00mn 02s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:8/10/2013 - 17:43:33 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:8/10/2013 - 17:43:33 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSP.sys.sum [175]
O58 - SDL:8/10/2013 - 17:43:33 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys.sum [175] =>.ALWIL Software
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 42 Legitimates Filtered in 00mn 02s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.954EEB12152F96B6C76240AA5A848FF7] [SPRF][25/6/2014] (...) -- C:\Documents and Settings\cliente\Desktop\AdwCleaner.exe [1342659]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][25/6/2014] (...) -- C:\Documents and Settings\cliente\Desktop\zoek.exe [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "D2A425F473650034677A7A857BC0F010" . (.Ask Toolbar.) -- C:\WINDOWS\Installer\{4F524A2D-5637-4300-76A7-A758B70C0F01}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.AF958D73F022FB44D6B87AC01B98130A] [WIS][25/6/2014] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\896a8.msi [480768] =>Toolbar.Avira
~ WIS: 1 Legitimates Filtered in 00mn 02s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense
[HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}] (SaveSenseLive.OneClickProcessLauncher) =>PUP.SaveSense
[HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense
[HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}] (SaveSenseLive Core Class) =>PUP.SaveSense
[HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}] (SaveSenseLive Process Launcher Class) =>PUP.SaveSense
[HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense
~ BCK: 4841 Legitimates Filtered in 00mn 12s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 10/7/1658 0 | (aspnet_state) . (...) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
SS - | Demand 14/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 8/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 8/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 8/10/2013 194032 | (gusvc) . (.Google.) - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 25/7/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Arquivos de programas\Skype\Updater\Updater.exe
SR - | Auto 18/12/2013 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
SR - | Auto 2/12/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Demand 25/3/2009 537896 | (NMIndexingService) . (.Nero AG.) - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe
~ Services: Scanned in 00mn 12s



---\\ Scâner Aditional (088)
Database Version : 13026 - (25/6/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 8

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-4300-76A7-A758B70C0F01}] =>Toolbar.Avira^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\FilesFrog Update Checker] =>Adware.Agent
C:\Windows\Installer\896a8.msi =>Toolbar.Avira^
[HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense^
[HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}] (SaveSenseLive.OneClickProcessLauncher) =>PUP.SaveSense^
[HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense^
[HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}] (SaveSenseLive Core Class) =>PUP.SaveSense^
[HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}] (SaveSenseLive Process Launcher Class) =>PUP.SaveSense^
[HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense^
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense^
~ Additionnel Scan: 139052 Items scanned in 00mn 30s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Barras do Internet Explorer (03))
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Image File Execution Options (IFEO) (O50)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>Toolbar.Ask
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SaveSense
~ MSI: 2 link(s) detected in 00mn 00s



~ 618 Legitimates filtered by white list
End of the scan (435 lines in 01mn 09s)(0)
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qui 26 Jun 2014, 11:58

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

Escolhendo Programas que Iniciam com o PC

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
______________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Qui 26 Jun 2014, 12:58, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qui 26 Jun 2014, 12:13

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by cliente at 26/6/2014 12:12:10
High Elevated Privileges : OK
Windows XP Professional Service Pack 3 (Build 2600)

Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bnbase

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 05s

========== Caminho do ficheiro do relatório ==========
C:\Documents and Settings\cliente\Dados de aplicativos\ZHP\ZHPFix[R1].txt - 26/6/2014 12:11:52 [2759]
C:\Documents and Settings\cliente\Dados de aplicativos\ZHP\ZHPFix[R2].txt - 26/6/2014 12:12:12 [1217]
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qui 26 Jun 2014, 12:33

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qui 26 Jun 2014, 12:43

~ Relatório do ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/6/2014)
~ Iniciado por cliente (26/6/2014 12:42:18)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found


---\\ Navegadores Internet
MSIE: Internet Explorer v6.0.2900.5512
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3972

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1518 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 52 GB (70%) free of 75 GB

---\\ Modo de conexão ao sistema
~ Computer Name: CLIENTE-D87712E
~ User Name: cliente
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Convidado, cliente, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\cliente\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\cliente\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\cliente\Desktop\
~ %Favorites% : C:\Documents and Settings\cliente\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\cliente\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\cliente\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 52 Go of 75 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 149 Go of 149 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\Explorer.exe [1035776]
[MD5.DF6D0F37A71883BE3505DD517EB8AD83] - (.Microsoft Corporation - Internet Extensions para Win32.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\wininet.dll [668160]
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [509952]
[MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/3
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/122
~ Mon Bureau (My Desktop) : 0/1275
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.FD32127449AF0B96EBECA3CAAB74E423] - (.HP - No Comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [172032] [PID.580]
[MD5.3E2142D5AF7492EA16D4D96ECBDE790D] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe [577536] [PID.616]
[MD5.58F7F8D02D438B5AAE4005FE81DE30CF] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe [1840424] [PID.1048]
[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.1668]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920] [PID.1904]
[MD5.37A39E3271842BAE754540FE004D9CB5] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [537896] [PID.816]
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [860488] [PID.3476]
[MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8071680] [PID.2780]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [SiSPower] . (.Silicon Integrated Systems Corporation - Dynamic link library for setting Power Sche.) -- C:\WINDOWS\system32\SiSPower.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No Comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1417001333-602162358-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1417001333-602162358-1801674531-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1417001333-602162358-1801674531-1003\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{011B3690-11D2-46AA-A25F-85BAB628E9B4}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{011B3690-11D2-46AA-A25F-85BAB628E9B4}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{011B3690-11D2-46AA-A25F-85BAB628E9B4}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 8/10/2013 - 17:18:49 - [] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 8/10/2013 - 17:18:12 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 8/10/2013 - 17:28:11 - [] R---D C:\Documents and Settings\cliente\Menu Iniciar\Programas\Acessórios
O43 - CFD: 14/5/2014 - 10:56:50 - [] R---D C:\Documents and Settings\cliente\Menu Iniciar\Programas\Inicializar
~ Program Folder: 79 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.DBFD437D23A55C0734C0D8D19A62FF0D] - 19/6/2014 - 13:57:15 ---A- . (...) -- C:\WINDOWS\wmsetup.log [44454]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 25/6/2014 - 12:25:27 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\WINDOWS\system32\sqlite3.dll [536576]
O44 - LFC:[MD5.E014E44D126A4701F4D9BDC78952B99F] - 25/6/2014 - 13:34:45 ---A- . (...) -- C:\zoek-results2014-06-25-163445.log [28812]
O44 - LFC:[MD5.25F81C74E33853869EA70705B3326028] - 25/6/2014 - 19:57:29 ---A- . (...) -- C:\zoek-results2014-06-25-225729.log [24783]
O44 - LFC:[MD5.7388926CE7DFED19928F98610C838733] - 25/6/2014 - 21:40:47 ---A- . (...) -- C:\zoek-results.log [3124]
O44 - LFC:[MD5.6C9E0F5197F4E686F7C672F5073D55B7] - 26/6/2014 - 10:18:04 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.C7610CE42FD9BBC058D3AA6185A5C469] - 26/6/2014 - 10:18:04 ---A- . (...) -- C:\WINDOWS\wiaservc.log [49]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/6/2014 - 11:12:22 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.7.0_60-b19.log [0]
~ Files: 20 Legitimates Filtered in 00mn 01s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:8/10/2013 - 17:43:33 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:8/10/2013 - 17:43:33 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSP.sys.sum [175]
O58 - SDL:8/10/2013 - 17:43:33 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys.sum [175] =>.ALWIL Software
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 42 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.954EEB12152F96B6C76240AA5A848FF7] [SPRF][25/6/2014] (...) -- C:\Documents and Settings\cliente\Desktop\AdwCleaner.exe [1342659]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][25/6/2014] (...) -- C:\Documents and Settings\cliente\Desktop\zoek.exe [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 10/7/1658 0 | (aspnet_state) . (...) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
SS - | Demand 14/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 8/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 8/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 8/10/2013 194032 | (gusvc) . (.Google.) - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 25/7/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Arquivos de programas\Skype\Updater\Updater.exe
SR - | Auto 2/12/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Demand 25/3/2009 537896 | (NMIndexingService) . (.Nero AG.) - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe
~ Services: Scanned in 00mn 10s



---\\ Scâner Aditional (088)
Database Version : 13026 - (25/6/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 130965 Items scanned in 00mn 26s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Image File Execution Options (IFEO) (O50)
~ AMI: 3 Legitimates Filtered in 00mn 00s



~ 606 Legitimates filtered by white list
End of the scan (360 lines in 00mn 52s)(0)
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qui 26 Jun 2014, 12:48

Como está o PC depois destes procedimentos?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Fuçador em Qui 26 Jun 2014, 12:54

Max vc é o cara sumiu ask e esse istartwebssearches entre outros
apesar de ser um celeron esta rodando perfeito
eu e meu cunhado estamos muito grato
vlw outra vez!
avatar
Fuçador
Membro
Membro

Mensagens : 129
Reputação : 1
Data de inscrição : 30/09/2013

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qui 26 Jun 2014, 12:56

isso aí! Fico feliz que o problema tenha sido resolvido.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

Excluindo erros e otimizando seu PC com o CCleaner

Elimine arquivos inúteis de seu PC com o PureRa
_______________________________________________________________________________________________________________________

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas deste tutorial.
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Power Max em Qui 26 Jun 2014, 12:59

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da Equipe da Moderação solicitando o desbloqueio.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover istart.webssearches

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum