excluir o snap do

Olá amigos,

Gostaria de saber como proceder para excluir o snap do

Cordialmente,

PAulo

Boa Tarde! plins

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >

> Poste o log do HijackThis,segundo a [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

A+

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:56:58, on 17/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Users\Paulo Lins\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\RCP\RegCleanPro.exe
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Paulo Lins\Downloads\HijackThis (4).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: snipsmart - {68261aaa-dc9f-4c2b-a168-c323e304c3a2} - C:\Program Files (x86)\snipsmart\snipsmartbho.dll (file missing)
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Paulo Lins\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Paulo Lins\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_786A8DA1FE86752365222017D93E6EDF] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Paulo Lins\AppData\Local\Smartbar\Application\Shopop.exe startup
O4 - HKCU\..\RunOnce: [Application Restart #5] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Append Link Target to Existing PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Console Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participações Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files (x86)\LPT\srpts.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2014 64-bit (mi-raysat_3dsmax2014_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update snipsmart - Unknown owner - C:\Program Files (x86)\snipsmart\updatesnipsmart.exe (file missing)
O23 - Service: Util snipsmart - Unknown owner - C:\Program Files (x86)\snipsmart\bin\utilsnipsmart.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 18785 bytes

Muito obrigado

Boa Tarde! plins

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ps: Dê início ao scan,clicando em "Examinar". 

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+

Segue o log...

# AdwCleaner v4.000 - Relatório criado 17/10/2014 às 17:07:24
# DB v2014-10-17.9
# Atualizado 12/10/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (64 bits)
# Usuário : Paulo Lins - PAULOLINS-PC
# Executando de : C:\Users\Paulo Lins\Downloads\AdwCleaner (1).exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : IePluginServices
Serviço Deletada : LPTSystemUpdater
Serviço Deletada : WindowsMangerProtect
[#] Serviço Deletada : Update snipsmart
[#] Serviço Deletada : Util snipsmart
Serviço Deletada : {6ccfd995-07be-49cf-8ad6-1422dc08761a}Gw64
Serviço Deletada : {f8290414-c8ea-4713-a233-52a7037a2967}Gw64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files (x86)\ASP
Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\Users\PAULOL~1\AppData\Local\Temp\iSafeRightKeyScan
Pasta Deletada : C:\Program Files (x86)\LPT
Pasta Deletada : C:\Users\Paulo Lins\AppData\Local\LPT
[!] Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\ProgramData\Systweak
Pasta Deletada : C:\Users\Paulo Lins\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Paulo Lins\AppData\Roaming\VOPackage
Pasta Deletada : C:\Users\Paulo Lins\AppData\Roaming\webssearches
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
[!] Pasta Deletada : C:\Program Files (x86)\Elex-tech
[!] Pasta Deletada : C:\Users\Paulo Lins\AppData\Roaming\Elex-tech
Pasta Deletada : C:\Users\Paulo Lins\AppData\Roaming\RHEng
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector
Pasta Deletada : C:\Program Files (x86)\snipsmart
Pasta Deletada : C:\Users\PAULOL~1\AppData\Local\Temp\snipsmart
Pasta Deletada : C:\Program Files (x86)\Zippy Zarp
Pasta Deletada : C:\Users\Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Pasta Deletada : C:\Users\Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Pasta Deletada : C:\Users\Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
[!] Pasta Deletada : C:\Users\Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Arquivo Deletada : C:\Users\Public\Desktop\advanced-System Protector.lnk
Arquivo Deletada : C:\Users\Paulo Lins\Desktop\Configure VO Package.lnk
Arquivo Deletada : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
Arquivo Deletada : C:\Windows\System32\log\iSafeKrnlCall.log
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Windows\System32\sasnative64.exe
Arquivo Deletada : C:\Users\Public\Desktop\YAC.lnk
Arquivo Deletada : C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk
Arquivo Deletada : C:\Windows\System32\\drivers\{6ccfd995-07be-49cf-8ad6-1422dc08761a}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{f8290414-c8ea-4713-a233-52a7037a2967}Gw64.sys

***** [ Tarefas ] *****

Tarefa Deletedo : advanced-System Protector_startup

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk
Atalho Desinfectada : C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bho
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updatesnipsmart_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updatesnipsmart_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilsnipsmart_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilsnipsmart_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update snipsmart
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util snipsmart
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Zippy Zarp
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Zippy Zarp
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{0c8e7de5-d3f4-4ff0-be7d-2547ff22a3bb}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EF41A4-BA24-4E49-A2C0-E1D047299287}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{130CCD34-0382-48E5-B307-0E7E72166828}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{26D25DD5-F17A-4D93-9A94-997E2124EEB4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{30279F40-D76B-443C-A34D-F43B35B35CE1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{796D0AA0-DC0E-44C9-A398-C874F04D55A4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE2102F0-DF63-452E-9CA7-0F75FF4DDD4B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{DADFCC6F-66D2-4E1D-A01B-7064CAD2F583}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\SupHpUISoft
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\snipsmart
Chave Deletedo : HKCU\Software\Zippy Zarp
Chave Deletedo : HKLM\SOFTWARE\SupDp
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\supWPM
Chave Deletedo : HKLM\SOFTWARE\systweak
Chave Deletedo : HKLM\SOFTWARE\webssearchesSoftware
Chave Deletedo : HKLM\SOFTWARE\snipsmart
Chave Deletedo : HKLM\SOFTWARE\Zippy Zarp
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\snipsmart
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zippy Zarp
Chave Deletedo : HKLM\SOFTWARE\Classes\Installer\Features\BD04C21DD7DC68D42958E5F22E63394E
Chave Deletedo : HKLM\SOFTWARE\Classes\Installer\Products\BD04C21DD7DC68D42958E5F22E63394E
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3FB1AAC4382437047A03618BF727B859
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BD04C21DD7DC68D42958E5F22E63394E
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17344

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Google Chrome v37.0.2062.124

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*************************

AdwCleaner[R0].txt - [5935 octets] - [28/02/2014 21:26:45]
AdwCleaner[R1].txt - [5216 octets] - [07/05/2014 03:21:06]
AdwCleaner[R2].txt - [1139 octets] - [07/05/2014 03:43:55]
AdwCleaner[R3].txt - [1353 octets] - [17/05/2014 11:02:15]
AdwCleaner[R4].txt - [17750 octets] - [17/10/2014 17:04:15]
AdwCleaner[S0].txt - [3696 octets] - [28/02/2014 23:17:15]
AdwCleaner[S1].txt - [6153 octets] - [07/05/2014 03:23:00]
AdwCleaner[S2].txt - [2341 octets] - [07/05/2014 03:45:26]
AdwCleaner[S3].txt - [2552 octets] - [17/05/2014 11:05:04]
AdwCleaner[S4].txt - [15056 octets] - [17/10/2014 17:07:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [15117 octets] ##########

O fato de o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] aparecer constantemente é ação do snap do? Obrigado pela ajuda

plins escreveu:O fato de o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] aparecer constantemente é ação do snap do? Obrigado pela ajuda

Boa Tarde! plins

> Costuma ser ação do iStartSurf.

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Smeenk )

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

> Salve-o ao desktop!
> Desabilite seu antivírus!
> Para Windows 7,execute zoek.exe como administrador.

iedefaults;
autoclean;
chrdefaults;
emptyCHRcache;
emptyFFcache;
emptyIEcache;
ffdefaults; 
shortcutfix;
emptyalltemp; 

> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script". 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.

> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt << 

A+

Zoek.exe v5.0.0.0 Updated 17-10-2014
Tool run by Paulo Lins on 17/10/2014 at 17:52:23,28.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Paulo Lins\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 17:53:25,37 =====

--- Create Environment Variables 17:53:26,31
--- Checking Input 17:53:33,61
--- AU AppData Check 17:53:36,88
--- Remove From Windows Installer 17:53:41,15
--- IE Startpage Check 17:54:58,46
--- Program Files DB Check 17:55:14,26
--- C:\Users\Default\AppData\Roaming DB Check 17:55:47,34
--- C:\Users\Default User\AppData\Roaming DB Check 17:55:47,34
--- C:\Users\Paulo Lins\AppData\Roaming DB Check 17:55:47,34
--- C:\Users\USURIO~1\AppData\Roaming DB Check 17:55:47,34
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 17:55:47,34
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 17:55:47,34
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 17:55:47,34
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 17:55:47,34
--- C:\Users\Paulo Lins DB Check 17:57:28,19
--- C:\PROGRA~3 DB Check 17:57:42,77
--- C:\Users\Default\AppData\Local DB Check 17:57:43,98
--- C:\Users\Default User\AppData\Local DB Check 17:57:43,98
--- C:\Users\Paulo Lins\AppData\Local DB Check 17:57:43,98
--- C:\Users\USURIO~1\AppData\Local DB Check 17:57:43,98
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 17:57:43,98
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 17:57:43,98
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 17:57:43,98
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 17:57:43,98
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 17:58:53,23
--- C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 17:58:59,60
--- Tasks DB Check 17:59:03,35
--- Downloads DB Check 17:59:05,87
--- C:\Users\Paulo Lins\AppData\LocalLow DB Check 17:59:09,24
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 17:59:09,24
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 17:59:09,24
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 17:59:09,24
--- Tasks2 DB Check 17:59:40,09
--- Documents DB Check 17:59:58,21
--- C:\Users\PAULOL~1\AppData\Roaming\ZHP\Quarantine\AskPartnerNetwork.DIR\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder} DB Check 18:00:02,85
--- C:\Users\Public\Desktop DB Check 18:00:04,66
--- C:\Users\Paulo Lins\Desktop DB Check 18:00:07,18
--- Services DB Check 18:00:13,12
--- FF prefs.js DB Check 18:00:30,08

Grato

plins escreveu:Grato

Olá! plins

> O relatório veio incompleto! O que houve?
> Aguardou a conclusão do scan?

A+

Desculpe, farei novamente.

Zoek.exe v5.0.0.0 Updated 17-10-2014
Tool run by Paulo Lins on 17/10/2014 at 22:23:10,04.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Paulo Lins\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-01-164104.log 26450 bytes
C:\zoek-results2014-10-17-210549.log 24156 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\PAULOL~1\AppData\Roaming\ZHP\Quarantine\AskPartnerNetwork.DIR\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\PAULOL~1\AppData\Roaming\ZHP\Quarantine\AskPartnerNetwork.DIR\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF" [15/06/2014 23:49]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]

NihongoUp - Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbccinjpiceapickopediffpmdflebll
Tradutor de Inglês para o texto na web - Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\deeejdggdfgapejjgafhdcgeaacogobh
Porteño Spanish - Learn Argentina Slang - Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmcoiipkfeemlglbghegegknbcpjhpbj
SpeakIt - Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak
Learn Spanish - Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Paulo Lins\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Paulo Lins\Desktop\Google Drive.lnk - C:\Users\Paulo Lins\Google Drive
C:\Users\Paulo Lins\Desktop\Norton Installation Files.lnk - C:\Users\Public\Downloads\Norton\{NISADM-B201-4abb-B07C-C084B04B4F12}
C:\Users\Paulo Lins\Desktop\cleaners\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Paulo Lins\Desktop\cleaners\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Paulo Lins\Desktop\cleaners\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Avira.lnk - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui

==== shortcuts in Users Start Menu ======================

C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\My Avira\Avira.lnk - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\CorelDRAW X7 (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Duplexing Wizard (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut10_BB562587DB944A668ECBA27E6BFD871C.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Video Tutorials X7 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\VideoBrowser64\VideoBrowser.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Documentation\Macro Programming Guide.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free AVI Video Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free AVI Video Converter\FreeAVIVideoConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free DAT to AVI Converter\Free DAT to AVI Converter.lnk - C:\Program Files (x86)\ConvertVideoFiles.Net\Free DAT to AVI Converter\FreeDATToAVIConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free DAT to AVI Converter\Uninstall Free DAT to AVI Converter.lnk - C:\Program Files (x86)\ConvertVideoFiles.Net\Free DAT to AVI Converter\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=reset_settings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe  /design
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\LiveUpdate.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\uistub.exe /lu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\NBRT.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\uistub.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Support.lnk - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\symerr.exe /support
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\21.6.0.32\inststub.exe /X /shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Autodesk Maya 2013 64-bit.lnk - C:\Program Files (x86)\Autodesk\Maya2013\bin\maya.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\Paulo Lins\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Maya 2014.lnk - C:\Program Files (x86)\Autodesk\Maya2014\bin\maya.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MotionBuilder 2014.lnk - C:\Program Files (x86)\Autodesk\MotionBuilder 2014\bin\x64\motionbuilder.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mudbox 2014.lnk - C:\Program Files (x86)\Autodesk\Mudbox 2014\mudbox.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Dreamweaver CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Flash Professional CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Flash CS6\Flash.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop CS6 (64 Bit).lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Limpa profundamente arquivos de Spam.lnk - C:\Program Files (x86)\Elex-tech\YAC\iStart.exe -divertop -param0=9 -param1=0 -param2=1
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Paulo Lins\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Paulo Lins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Paulo Lins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Paulo Lins\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=278 folders=127 31785866 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Paulo Lins\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PAULOL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 17/10/2014 at 22:35:54,85 ======================

Creio que agora está correto.
Obrigado!

Boa Noite! plins

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] > ( ... de Nicolas Coolman )
> Ou [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] << Link!
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )
> Ps: Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

> Ou anexe-o |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| << Link!

> Maiores informações: < |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| > << Hospedagem!

A+

Boa noite joram, segue o arquivo. Obrigado pela ajuda!

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Bom Dia! plins

> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.

Script ZHPFix
ShortcutFix
FirewallRaz
EmptyPrefetch
EmptyCLSID
EmptyTemp
EmptyFlash
SR - | Auto 08/10/2014 118048 |  (iSafeService) . (.Elex do Brasil Participações Ltda.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
[MD5.9D0767859EE938C0C4FAC30693109843] [WIS][07/05/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\12c7be47.msi   [3162112]
[MD5.9A5263D3C011F34BFA10C5458CF27197] [WIS][07/05/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\12c92e28.msi   [4997120]
[MD5.80F6142ECE40C47928B3181CE525E607] [WIS][06/10/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\5122bc6.msi   [2134016]
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.)   [0]
[MD5.0A09297C37084FF74660F0390E1E4F9B] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe   [315520] [PID.3512]
[MD5.24388D5BF117C1B46FAABA36358EFEE6] [SPRF][17/10/2014] (...) -- C:\Users\Paulo Lins\Desktop\zoek.exe   [1290752]
O2 - BHO: (no name) [64Bits] - {78234974-0C4B-4111-BDEB-D9A104418772} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Chave orfã
O23 - Service: YAC Service (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O41 - Driver:  (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\DRIVERS\iSafeNetFilter.sys
O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver:  (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver:  (iSafeKrnl) . (.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys
O41 - Driver:  (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys
O41 - Driver:  (iSafeKrnlR3) . (.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys
O43 - CFD: 18/04/2014 - 20:20:02 - [0] ----D C:\ProgramData\Alias
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 17/10/2014 - 22:23:05 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.03EE205A8B645819DDC8233931957E1A] - 17/10/2014 - 14:50:36 ---A- . (...) -- C:\AdwCleaner[R1].txt   [2190]
O44 - LFC:[MD5.8B5A50568041F6F21BDF1908FEB37749] - 17/10/2014 - 14:52:06 ---A- . (...) -- C:\AdwCleaner[S1].txt   [2059]
O44 - LFC:[MD5.B560B6B27651A6764A290E5B4F7B4D92] - 17/10/2014 - 17:53:32 ---A- . (...) -- C:\zoek-results2014-03-01-164104.log   [26450]
O44 - LFC:[MD5.CCEBBF2948BEDF491174C07D1D361CA3] - 17/10/2014 - 18:05:49 ---A- . (...) -- C:\zoek-results2014-10-17-210549.log   [24156]
O44 - LFC:[MD5.BE17F600B044B7D0CF6E310374526F12] - 17/10/2014 - 22:35:54 ---A- . (...) -- C:\zoek-results.log   [21986]
O44 - LFC:[MD5.F7A5EDB11A6BDD2E73FC1DDA4C64A068] - 16/10/2014 - 17:59:12 ---A- . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\iSafeNetFilter.sys   [49320]
O45 - LFCP:[MD5.C2CE15051D67AF63D4B292F27D1C9DBC] - 17/10/2014 - 22:19:38 ---A- - C:\Windows\Prefetch\ISAFE.EXE-8FF402A6.pf
O58 - SDL:22/09/2014 - 09:13:46 ---A- . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\iSafeNetFilter.sys   [49320]
O61 - LFC: 16/10/2014 - 00:07:25 ---A- . (.Elex do Brasil Participações Ltda.) -- C:\Users\Paulo Lins\Downloads\yet_another_cleaner_sk_56386.exe   [15578360]
O61 - LFC: 17/10/2014 - 00:07:25 ---A- . (...) -- C:\Users\Paulo Lins\Desktop\zoek.exe   [1290752]
O61 - LFC: 17/10/2014 - 00:07:25 ---A- . (.Trend Micro Inc..) -- C:\Users\Paulo Lins\Desktop\HijackThis (4).exe   [388608]
O64 - Services: CurCS - 08/10/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys (iSafeKrnlKit)  .(.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - LEGACY_ISAFEKRNLKIT
O64 - Services: CurCS - 08/10/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys (iSafeKrnlR3)  .(.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - LEGACY_ISAFEKRNLR3
O64 - Services: CurCS - 22/09/2014 - C:\Windows\System32\DRIVERS\iSafeNetFilter.sys (iSafeNetFilter)  .(.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - LEGACY_ISAFENETFILTER
O90 - PUC: "8B501B6E56F182443979D1DFA8309BD4" . (.SupraSavings.) -- c:\Windows\Installer\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}\icon64.ico
[HKLM\SYSTEM\CurrentControlSet\Services\iSafeService]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS]
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Elex-tech\YAC
C:\Windows\Installer\12c7be47.msi
C:\Windows\Installer\12c92e28.msi
C:\Windows\Installer\5122bc6.msi
ServiceStop:iSafeService
ServiceStop:iSafeNetFilter
ServiceStop:Bfilter
ServiceStop:Bfmon
ServiceStop:Bnbase
ServiceStop:Bndef
ServiceStop:Bprotect
ServiceStop:iSafeKrnl
ServiceStop:iSafeKrnlKit
ServiceStop:iSafeKrnlR3

> Abra a ferramenta ZHPFix. < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!

A+

Boa noite joram, segue o relatório. Mais uma vez obrigado!

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Paulo Lins at 18/10/2014 18:05:59
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 04s)
Prefetcher vazio
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe

========== Estado dos serviços ==========
ISAFEKRNLKIT Parado
ISAFEKRNLR3 Parado
ISAFENETFILTER Parado
iSafeService Parado
iSafeNetFilter Parado
Bfilter Parado
Bfmon Parado
Bnbase Parado
Bndef Parado
Bprotect Parado
iSafeKrnl Parado
iSafeKrnlKit Parado
iSafeKrnlR3 Parado

========== Chaves do Registo ==========
ELIMINÉ:³ Service: iSafeService
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\8B501B6E56F182443979D1DFA8309BD4]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\8B501B6E56F182443979D1DFA8309BD4]
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\iSafeService

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Private) : TCP Query User{D4883FB0-0F1A-46E8-96A1-3F25FFD1F1C0}C:\program files (x86)\torntv.com\torntv downloader.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{5F70BE3C-1E77-4C26-9ED9-C0611969513E}C:\program files (x86)\torntv.com\torntv downloader.exe
ELIMINÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
ELIMINÉ: Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93}

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (122)
ELIMINÉ Flash Cookies (0)
ELIMINÉ: C:\ProgramData\Alias
ELIMINA REINICIAR:** c:\program files (x86)\elex-tech\yac

========== Ficheiros ==========
ELIMINÉ Temporários windows (336) (44.526.188 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINA REINICIAR: c:\program files (x86)\elex-tech\yac\isafesvc.exe
ELIMINÉ: c:\windows\zoek-delete.exe
ELIMINÉ: c:\adwcleaner[r1].txt
ELIMINÉ: c:\adwcleaner[s1].txt
ELIMINÉ: c:\zoek-results2014-03-01-164104.log
ELIMINÉ: c:\zoek-results2014-10-17-210549.log
ELIMINÉ: c:\zoek-results.log
ELIMINA REINICIAR: c:\windows\system32\drivers\isafenetfilter.sys
ELIMINÉ: c:\windows\prefetch\isafe.exe-8ff402a6.pf
ELIMINÉ: c:\users\paulo lins\downloads\yet_another_cleaner_sk_56386.exe
ELIMINÉ: c:\users\paulo lins\desktop\zoek.exe
ELIMINÉ: c:\users\paulo lins\desktop\hijackthis (4).exe
ELIMINÉ: C:\Windows\Installer\12c7be47.msi
ELIMINÉ: C:\Windows\Installer\12c92e28.msi
ELIMINÉ: C:\Windows\Installer\5122bc6.msi

========== Tarefa planificada ==========
ELIMINÉ: AutoKMS
ELIMINÉ: AutoKMS


========== Recapitulativo ==========
1 : Processo memória
9 : Chaves do Registo
6 : Valores do Registo
5 : Pastas
17 : Ficheiros
13 : Estado dos serviços
2 : Tarefa planificada


End of clean in 01mn 01s

========== Caminho do ficheiro do relatório ==========
C:\Users\Paulo Lins\AppData\Roaming\ZHP\ZHPFix[R1].txt - 01/03/2014 13:05:20 [2988]
C:\Users\Paulo Lins\AppData\Roaming\ZHP\ZHPFix[R2].txt - 18/10/2014 18:06:04 [3247]

Boa Noite! plins

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]> ( ... by Farbar )

> Para sistemas 32 bit!

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]> (64 bit)

> Ou aqui,para sistemas 64bit!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Poste os relatórios! (FRST.txt + Addition.txt )
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.

A+

Boa noite joram!
Seguem os links:
frst: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
addition: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Muito obrigado!!!

Bom Dia! plins

> Abra o Gerenciador de Tarefas e,caso os encontre,pare estes processos: iSafeSvc.exe e iSafeSvc2.exe
>
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-a com o nome fixlist.txt
> Salve-a no desktop! ( Área de trabalho ... ) (C:\Users\Paulo Lins\Desktop)

start
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
CHR DefaultSearchKeyword: Default -> webssearches
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [248488 2014-10-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2014-10-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [65704 2014-10-08] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [49320 2014-09-22] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
2014-10-18 18:06 - 2014-10-18 18:06 - 00003332 _____ () C:\Users\Paulo Lins\Desktop\ZHPFixReport.txt
2014-10-18 00:13 - 2014-10-18 00:13 - 00149463 _____ () C:\Users\Paulo Lins\Desktop\ZHPDiag.txt
2014-10-18 00:05 - 2014-10-18 00:05 - 00003178 _____ () C:\Windows\System32\Tasks\{910BA677-8DAC-4ACE-92E9-9FE18C1DE4DC}
2014-10-18 00:05 - 2014-10-18 00:05 - 00001991 _____ () C:\Users\Paulo Lins\Desktop\ZHPFix.lnk
2014-10-18 00:05 - 2014-10-18 00:05 - 00001864 _____ () C:\Users\Paulo Lins\Desktop\ZHPDiag.lnk
2014-10-18 00:03 - 2014-10-18 00:04 - 06860008 _____ (Nicolas Coolman ) C:\Users\Paulo Lins\Downloads\ZHPDiag2 (1).exe
2014-10-17 17:51 - 2014-10-17 17:02 - 01976320 _____ () C:\Users\Paulo Lins\Desktop\AdwCleaner (1).exe
2014-10-17 17:02 - 2014-10-17 17:02 - 01976320 _____ () C:\Users\Paulo Lins\Downloads\AdwCleaner (1).exe
2014-10-17 15:56 - 2014-10-17 15:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Paulo Lins\Downloads\HijackThis (4).exe
2014-10-16 17:59 - 2014-10-16 17:59 - 00000000 ____D () C:\Users\Paulo Lins\AppData\Roaming\Elex-tech
2014-10-16 17:59 - 2014-10-16 17:59 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2014-10-16 17:59 - 2014-09-22 09:13 - 00049320 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2014-10-18 18:06 - 2014-03-01 11:27 - 00000000 ____D () C:\Users\Paulo Lins\AppData\Roaming\ZHP
2014-10-18 00:10 - 2014-04-29 09:27 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-10-18 00:05 - 2014-03-01 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-10-18 00:05 - 2014-03-01 11:27 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-10-17 17:09 - 2014-02-28 21:26 - 00000000 ____D () C:\AdwCleaner
2014-10-17 15:56 - 2014-02-28 20:00 - 00018787 _____ () C:\Users\Paulo Lins\Downloads\hijackthis.log
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
2014-10-16 17:59 - 2014-10-08 07:10 - 00065696 ____N () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2014-10-16 17:59 - 2014-10-08 07:10 - 00092320 ____N () C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll
2014-10-16 17:59 - 2014-09-22 09:13 - 00176976 ____N () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll
2014-10-16 17:59 - 2014-09-22 09:13 - 00087744 ____N () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll
2014-10-16 17:59 - 2014-10-08 07:09 - 00179200 ____N () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
AlternateDataStreams: C:\Users\Paulo Lins\Configurações locais:93VmEvhDAIqPCXCE2GH510Yghxkcf
AlternateDataStreams: C:\Users\Paulo Lins\AppData\Local:93VmEvhDAIqPCXCE2GH510Yghxkcf
AlternateDataStreams: C:\Users\Paulo Lins\AppData\Local\Dados de aplicativos:93VmEvhDAIqPCXCE2GH510Yghxkcf
C:\Program Files (x86)\Elex-tech\YAC
C:\Users\Paulo Lins\AppData\Local\Temp\avgnt.exe
end

> Execute FRST/FRST64 >> Clique "Fix". << Aguarde!
> Poste o relatório! (Fixlog.txt)

A+

Boa noite joram! Quando tento parar a execução do iSafeSvc.exe e iSafeSvc2.exe aparece uma mensagem de "acesso negado"...

como faço?

Obrigado.

plins escreveu:Boa noite joram! Quando tento parar a execução do iSafeSvc.exe e iSafeSvc2.exe aparece uma mensagem de "acesso negado"...

como faço?

Obrigado.

Bom Dia! plins

> Execute o script em Modo de Segurança.

A+

Boa tarde joram! Segue o relatorio

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Obrigado!!!

Boa Tarde! plins

> Ainda nota resquícios do YAC?
>
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by techsupportall.com )
> Salve-a no desktop!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Execute o arquivo Adware-Removal-Tool-v3.9.1.exe <<

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Dê início a verificação,clicando em Scan.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ao concluir seu prescan,clique OK.
> Ps: Cada guia irá mostrar o que será removido!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Clique "Next" >> Aguarde!

< Computador >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_10_dia_h_min_seg.txt <<

> Poste o relatório! 

Abs!