Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14412 usuários registrados
O último usuário registrado atende pelo nome de LucasDrBr

Os nossos membros postaram um total de 35075 mensagens em 3551 assuntos
Quem está conectado
1 usuário online :: Nenhum usuário registrado, Nenhum Invisível e 1 Visitante :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Julho 2017
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Calendário Calendário

Palavras chave


Remover mystartsearch.com do navegador

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Remover mystartsearch.com do navegador

Mensagem por walber luiz em Sab 20 Jun 2015, 23:49

Usei vários tutoriais da internet e não funcionou.
Usei o da google chrome e não deu certo.
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Dom 21 Jun 2015, 11:59

Olá Walber.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Dom 21 Jun 2015, 21:02

segue

[Você precisa estar registrado e conectado para ver este link.]
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Dom 21 Jun 2015, 21:04

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Dom 21 Jun 2015, 21:19

segue

[Você precisa estar registrado e conectado para ver este link.]
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Dom 21 Jun 2015, 21:32

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

Salve-o no Desktop (Área de Trabalho).

Para executá-lo corretamente siga as dicas deste tutorial:

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Seg 22 Jun 2015, 18:37

segue

[Você precisa estar registrado e conectado para ver este link.]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by super385011 on 22/06/2015 at 17:23:39,91.
Microsoft Windows 8.1 Pro com Media Center 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\super385011\Desktop\PcBrasil\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

22/06/2015 17:25:48 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\super385011\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-06-22 00:08:35 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\Windows\tweaking.com-regbackup-WALBER-Windows-8.1-Pro-with-Media-Center-(64-bit).dat
2015-06-05 14:30:29 C5EA2F940ED8FF335FF37D6803AFD33C 35741 ----a-w- C:\Windows\ProfessionalWMC.xml
2015-06-01 02:47:19 965D6C38C8636147CB28F3099EB408E8 35781 ----a-w- C:\Windows\Professional.xml
2015-05-29 13:04:50 7826082B93262AB6460E77B91C61EA30 128512 ----a-w- C:\Windows\splwow64.exe
2015-05-24 01:53:15 6B84FABCBD099B83A67DC447BA94F00C 707354 ----a-w- C:\Windows\unins000.exe
2015-05-24 01:53:15 48A24C924141C38B6F5B1506BBE66E78 3641 ----a-w- C:\Windows\unins000.dat
2015-05-23 22:30:38 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\Windows\tweaking.com-regbackup-WALBER-Windows-8.1-Single-Language-(64-bit).dat
====== C:\Users\SUPER3~1\AppData\Local\Temp ====
2015-06-22 00:07:49 FDD26A402322F212DCA153FF8B1FFB6E 78816 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\pcwintech_tasksch.dll
2015-06-22 00:07:49 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\libiconv2.dll
2015-06-22 00:07:49 DC7A3BC0FC185CD68848DC6F7D7B026B 40960 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\SSubTmr6.dll
2015-06-22 00:07:49 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\libintl3.dll
2015-06-22 00:07:49 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe
2015-06-22 00:07:49 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\pcre3.dll
2015-06-22 00:07:49 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\regex2.dll
2015-06-22 00:07:49 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-14 14:03:01 03B0224FD1E2D8A6DBC2B18404092F21 1070352 ----a-w- C:\Windows\SysWOW64\MSCOMCTL.OCX
2015-06-10 01:47:09 38D724C261738F1C3FD90D21B130E06A 178168 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 01:47:08 9B3EE3F42109B4115FFE053C225FC1C6 792568 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-10 01:20:44 B0EDCA1168C874812A180EBCD1A43EB5 549888 ----a-w- C:\Windows\SysWOW64\comctl32.dll
2015-06-10 01:20:32 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-06-10 01:20:26 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-06-10 01:20:25 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-06-10 01:20:23 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-06-10 01:20:22 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-06-10 01:20:22 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 01:20:22 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-06-10 01:20:20 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 01:20:19 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-06-10 01:20:18 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-06-10 01:20:18 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-06-10 01:20:17 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 01:20:16 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 01:20:16 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 01:20:15 AE8F02C9B1DC7364A94ABEB6E396611C 327168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 01:20:15 3B850134010B7CCC546C29D51405C9DA 1042944 ----a-w- C:\Windows\SysWOW64\actxprxy.dll
2015-06-10 01:20:14 8AE1E22527BC203BAD89212F6D09F038 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll
2015-06-10 01:20:14 7467B0605897898F8F32B4B9B9041F51 128000 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2015-06-10 01:20:14 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-14 03:10:07 ED49F197ABFD5921CDD0F97A99863648 564160 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2015-06-10 01:20:51 16D44C27EE81892ED918DA21544665DC 1020928 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-06-10 01:20:51 009FD5658121B32791D55D0F34B63883 700416 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-06-10 01:20:50 FC504D3310BBDABA4449C598C3F8113B 45568 ----a-w- C:\Windows\Sysnative\acmigration.dll
2015-06-10 01:20:50 F0CACB26E37A19A8049F7C4448ECC2F5 1119232 ----a-w- C:\Windows\Sysnative\aeinv.dll
2015-06-10 01:20:50 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\Windows\Sysnative\aepic.dll
2015-06-10 01:20:50 ACDA86BD8FE54376586173BD55F678F9 756736 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-06-10 01:20:50 90BFB92CF2AB75A01BF40D22BD1670A8 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-06-10 01:20:50 2C14C7A76B728DF9F2A0425166FDEE8F 422912 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-06-10 01:20:48 B0B46D29B9F34D19B819B48E208871A5 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll
2015-06-10 01:20:48 3ECB752A6963B1CBC9AD65ED89C8ACED 1430528 ----a-w- C:\Windows\Sysnative\diagtrack.dll
2015-06-10 01:20:47 6CCC851608DD076C13E37737BB75A9DC 4177920 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-06-10 01:20:44 0341BF7622E0D547446DB254868EF965 653824 ----a-w- C:\Windows\Sysnative\comctl32.dll
2015-06-10 01:20:33 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-06-10 01:20:27 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-06-10 01:20:26 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-06-10 01:20:25 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-06-10 01:20:23 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-06-10 01:20:23 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-06-10 01:20:21 7B4A7D55E905ED9A0A4B1263BA7C6944 2865152 ----a-w- C:\Windows\Sysnative\actxprxy.dll
2015-06-10 01:20:20 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-06-10 01:20:19 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-06-10 01:20:19 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-06-10 01:20:18 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-06-10 01:20:18 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-06-10 01:20:17 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-06-10 01:20:17 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-06-10 01:20:16 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-06-10 01:20:15 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-06-10 01:20:15 614604C8D322D0779E426917CAFE4F3E 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll
2015-06-10 01:20:14 9EFAF10AF9BFA6CDBDDE3D8C5EDC3453 145408 ----a-w- C:\Windows\Sysnative\iepeers.dll
2015-06-10 01:20:14 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-06-10 01:20:14 1E31F06BE53F11CF5E660284E68587AC 374272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-06-10 01:20:14 11E5CD954CC38080471E7CC2CA1558AE 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll
====== C:\Windows\Sysnative\drivers =====
2015-06-16 02:54:53 83586138F23A4C284EB68AFC852D7AFA 43576 ----a-w- C:\Windows\Sysnative\drivers\avnetflt.sys
2015-06-16 02:54:52 CC1ABBD9E61B7AA5CCBB45EA87CB033F 153256 ----a-w- C:\Windows\Sysnative\drivers\avgntflt.sys
2015-06-16 02:54:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\Sysnative\drivers\avkmgr.sys
2015-06-16 02:54:52 07C8454D3A94BA478752FAFA2B94E0FE 132656 ----a-w- C:\Windows\Sysnative\drivers\avipbb.sys
2015-06-15 20:44:29 F6C788978015E6C6D5D1C52AD1DAD869 52480 ----a-w- C:\Windows\Sysnative\drivers\BTOWSVF.sys
2015-06-15 20:44:29 D186196FDBB0C28DF3AD6F6D4E588BA5 52992 ----a-w- C:\Windows\Sysnative\drivers\KSafeDISK.sys
2015-06-15 20:44:29 8AFF20CEF200019108814FB0E43DA6A4 33024 ----a-w- C:\Windows\Sysnative\drivers\BTOWSFF.sys
2015-06-07 00:21:42 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-05-29 13:13:12 B8F36CBC72FC5C8B8A30AD850165EA8E 72192 ----a-w- C:\Windows\Sysnative\drivers\ndproxy.sys
2015-05-29 13:13:12 23006D660C0E54BF1CE8253E15F5E995 80896 ----a-w- C:\Windows\Sysnative\drivers\wanarp.sys
2015-05-29 13:05:01 7EC9376D245D734791AD46738712E7D8 473408 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2015-05-29 13:05:00 1BD3022FD6E450B00DE560265638FD2A 112640 ----a-w- C:\Windows\Sysnative\drivers\rasl2tp.sys
2015-05-29 13:04:58 F6ECFD6128A16A4851CFE98D4E01B011 551232 ----a-w- C:\Windows\Sysnative\drivers\vhdmp.sys
2015-05-29 13:04:57 715ABA3DD164D06457A2A3C92F6EA9D5 136512 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys
2015-05-29 13:04:57 5917AFE4A3F695A54B99C1849C8207FE 59712 ----a-w- C:\Windows\Sysnative\drivers\kbdclass.sys
2015-05-29 13:04:57 49EE0AE9E5B64FFBBD06D55C4984B598 108544 ----a-w- C:\Windows\Sysnative\drivers\i8042prt.sys
2015-05-29 13:04:57 389C998C64319CD97625B0550E52ECFA 58176 ----a-w- C:\Windows\Sysnative\drivers\dam.sys
2015-05-29 13:04:57 08374E4E5B8914DE6067CBA99F61E930 51008 ----a-w- C:\Windows\Sysnative\drivers\mouclass.sys
2015-05-29 13:04:56 ED54A75050211DC77F9B98C41E026858 86336 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys
2015-05-29 13:04:56 AD7F69237480F6CB6294EFD9EE4CD04C 428864 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2015-05-29 13:04:56 7AA01AB1C110916825E6E1389F1B9AF2 39744 ----a-w- C:\Windows\Sysnative\drivers\intelpep.sys
2015-05-29 13:04:56 3C2DF97A21A9BBE6355B0A51F288EFFF 2485056 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2015-05-29 13:04:54 DC1D9F692C2AD84C214584C28501C1F7 24576 ----a-w- C:\Windows\Sysnative\drivers\ndistapi.sys
2015-05-29 13:04:54 8CD840A062F6BDF41DDE3ACB96164B72 32256 ----a-w- C:\Windows\Sysnative\drivers\kbdhid.sys
2015-05-29 13:04:54 5FCBAB60598AE119E02B4C27DE6B99EA 30208 ----a-w- C:\Windows\Sysnative\drivers\mouhid.sys
2015-05-29 13:04:54 3EE5097945A7F680E320953271EB2D4F 96768 ----a-w- C:\Windows\Sysnative\drivers\agilevpn.sys
2015-05-29 13:04:54 148195AE95D9BC7375A08846439FDAC1 26112 ----a-w- C:\Windows\Sysnative\drivers\sermouse.sys
2015-05-29 13:03:49 44603DA5A87FB491EF59C889EBBB4DDB 325464 ----a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS
2015-05-24 00:56:42 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-05-24 00:56:16 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-05-24 00:56:16 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2015-05-24 00:56:16 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
2015-06-21 01:03:40 FDDCC67A909D358F43719A538FE7D282 3614 ----a-w- C:\Windows\Sysnative\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}
2015-06-21 01:03:40 9ED8FC772D5E58DDC39E13F6D1EB90AA 644 ----a-w- C:\Windows\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job
2015-06-21 01:03:37 83FE67B89F0F348596D0AB833229856E 3360 ----a-w- C:\Windows\Sysnative\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}
2015-06-21 01:03:37 66651F4A178986CC0E91184D3BCDACDD 690 ----a-w- C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2015-06-21 01:03:33 9955E8B63485FB9E4FFD783FE0CC0FD1 3054 ----a-w- C:\Windows\Sysnative\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}
2015-06-21 01:03:32 DE0D407D3EBE81DF5298A9FD6E27B5A9 386 ----a-w- C:\Windows\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}.job
2015-06-18 14:39:17 1290C47C46EE78707ABB77A765E42CD5 3522 ----a-w- C:\Windows\Sysnative\Tasks\ToolsUpdatePlatform_ScheduledTask
2015-06-18 14:39:16 DDF5D77B016E981E1AAB3D03D20457FA 456 ----a-w- C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2015-06-15 20:44:26 0C845197465DF29228D5029EC61DC57D 3294 ----a-w- C:\Windows\Sysnative\Tasks\ToolwizCareFree
2015-06-12 02:35:42 357EE89B26D0B0F5BC51522FCD236A32 5018 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for WALBER-super385011 WALBER
2015-05-23 23:48:56 5967216AB31EB28C73A3A5ECC1D43C8C 3598 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2537286444-1251575466-2462476524-1001
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-06-15 00:40:12 -------- d-----w- C:\Program Files\Microsoft.NET
2015-06-14 01:25:44 -------- d-----w- C:\Program Files\Corel
2015-06-13 20:18:26 -------- d-----w- C:\Program Files\Classic Shell
2015-06-12 02:17:57 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2015-06-12 02:16:36 -------- d-----w- C:\Program Files\Microsoft SQL Server
2015-06-12 02:12:49 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2015-06-12 02:12:36 -------- d-----w- C:\Program Files\Microsoft Office
2015-06-11 16:34:51 -------- d-----w- C:\Program Files\Microsoft Office 15
2015-06-07 03:56:36 -------- d-----w- C:\Program Files\Microsoft Silverlight
2015-06-03 20:54:17 -------- d-----w- C:\Program Files\Common Files\Corel
2015-05-31 22:59:06 -------- d-----w- C:\Program Files\Common Files\Protexis
======= C:\PROGRA~2 =====
2015-06-21 01:03:25 -------- d-----w- C:\PROGRA~2\CalendarTool
2015-06-18 14:39:14 -------- d-----w- C:\PROGRA~2\ToolsUpdatePlatform
2015-06-18 13:03:29 -------- d-----w- C:\PROGRA~2\Adobe
2015-06-16 02:54:48 -------- d-----w- C:\PROGRA~2\Avira
2015-06-14 14:07:55 -------- d-----w- C:\PROGRA~2\Unchecky
2015-06-14 01:29:56 -------- d-----w- C:\PROGRA~2\gs
2015-06-12 02:17:26 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server
2015-06-12 02:12:49 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
2015-06-07 03:56:36 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
2015-06-07 00:38:12 -------- d-----w- C:\PROGRA~2\MSXML 4.0
2015-06-05 19:04:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
2015-05-28 23:45:43 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-05-28 23:44:37 -------- d-----w- C:\PROGRA~2\Java
======= C: =====
2015-06-05 19:05:37 99C30B73B3F4F83086F85192EFE70DBB 40 ---ha-w- C:\686EEC4358AD
====== C:\Users\super385011\AppData\Roaming ======
2015-06-21 01:03:41 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\CalendarTool
2015-06-21 01:03:37 -------- d-----w- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}
2015-06-21 01:03:29 -------- d-----w- C:\Users\super385011\AppData\Roaming\CalendarTool
2015-06-18 13:24:15 -------- d-----w- C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-17 21:01:53 -------- d-----w- C:\Users\super385011\AppData\Roaming\Stereoscopic Player
2015-06-16 15:10:12 -------- d-----w- C:\Users\super385011\AppData\Local\Apps
2015-06-16 15:10:11 -------- d-----w- C:\Users\super385011\AppData\Local\Deployment
2015-06-16 02:57:11 -------- d-----w- C:\Users\super385011\AppData\Roaming\Avira
2015-06-15 20:44:27 -------- d-----w- C:\Users\super385011\AppData\Local\ToolwizCareFree
2015-06-15 20:15:24 -------- d-----w- C:\Users\super385011\AppData\Local\AviraSpeedup
2015-06-15 20:15:18 -------- d-----w- C:\Users\super385011\AppData\Local\Temp
2015-06-15 12:31:09 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-06-15 12:31:08 -------- d-----w- C:\Users\USURIO~1\AppData\Local\Temp
2015-06-15 12:31:08 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-06-15 12:31:08 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-06-14 23:22:31 -------- d-----w- C:\Users\super385011\AppData\Roaming\ZHP
2015-06-14 03:21:28 135BF2ADFD29A7192DC3F2F858AC6978 571016 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2015-06-14 01:44:03 -------- d-----w- C:\Users\super385011\AppData\Roaming\Corel
2015-06-13 20:28:34 -------- d-----w- C:\Users\super385011\AppData\Local\ClassicShell
2015-06-11 15:58:27 -------- d-----w- C:\Users\super385011\AppData\Local\GWX
2015-06-07 03:28:56 -------- d-----w- C:\Users\super385011\AppData\Roaming\uTorrent
2015-06-07 01:41:41 -------- d-----w- C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-06-06 22:37:49 -------- d-----w- C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-06-06 21:26:32 -------- d-----w- C:\Users\super385011\AppData\Roaming\LG Electronics
2015-06-06 21:16:47 -------- d-----w- C:\Users\super385011\AppData\Local\LG Electronics
2015-06-05 19:04:50 -------- d-----w- C:\Users\super385011\AppData\Local\Adobe
2015-06-05 19:04:49 -------- d-----w- C:\Users\super385011\AppData\Roaming\Adobe
2015-06-05 14:43:53 -------- d-----w- C:\Users\USURIO~1\AppData\Roaming\Media Center Programs
2015-06-05 14:43:53 -------- d-----w- C:\Users\Default\AppData\Roaming\Media Center Programs
2015-06-05 14:43:53 -------- d-----w- C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-06-02 23:59:49 -------- d-----w- C:\Users\super385011\AppData\Local\paint.net
2015-05-30 04:01:30 -------- d-----w- C:\Users\USURIO~1\AppData\Local\Microsoft Help
2015-05-30 04:01:30 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2015-05-30 04:01:30 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-30 03:17:39 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Identities
2015-05-28 23:42:30 -------- d-----w- C:\Users\super385011\AppData\Locallow\Sun
2015-05-25 00:59:16 -------- d-----w- C:\Users\super385011\AppData\Roaming\Mozilla
2015-05-25 00:59:16 -------- d-----w- C:\Users\super385011\AppData\Local\Mozilla
====== C:\Users\super385011 ======
2015-06-22 20:11:58 -------- d-----w- C:\Users\Public\Documents\Guid
2015-06-22 00:20:03 -------- d-----w- C:\Users\Public\Documents\PC Faster
2015-06-22 00:20:03 -------- d-----w- C:\Users\Public\Documents\Baidu
2015-06-21 23:45:00 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\super385011\Downloads\adwcleaner_4.207 (1).exe
2015-06-19 23:08:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-18 03:48:42 FE7373EF7A4CF252FE9357D20491E86D 25 ----a-w- C:\Users\super385011\Desktop\Ram.vbs
2015-06-17 22:39:20 D957D405B01A04DEB1C066F787B70B16 576456 ----a-w- C:\Users\TODOSO~1\ToolsUpdatePlatform\CallBackInstall.exe
2015-06-17 22:10:00 -------- d-----w- C:\Users\TODOSO~1\ToolsUpdatePlatform
2015-06-17 22:10:00 -------- d-----w- C:\ProgramData\ToolsUpdatePlatform
2015-06-17 20:51:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3dtv.at Stereoscopic Player
2015-06-17 20:24:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
2015-06-16 15:14:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-16 02:33:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-06-15 21:45:21 -------- d-----w- C:\Users\TODOSO~1\Avira
2015-06-15 21:45:21 -------- d-----w- C:\ProgramData\Avira
2015-06-15 20:44:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree
2015-06-15 20:15:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-06-15 20:12:28 -------- d-----w- C:\Users\Public\Speedup Sessions
2015-06-14 14:08:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-06-14 14:07:59 -------- d-----w- C:\Users\TODOSO~1\Unchecky
2015-06-14 14:07:59 -------- d-----w- C:\ProgramData\Unchecky
2015-06-14 14:03:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-06-14 01:27:26 -------- d-----w- C:\Users\Public\Documents\Corel
2015-06-14 01:26:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2015-06-13 20:18:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-06-11 16:39:17 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-10 01:05:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot
2015-06-07 21:07:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-06 22:46:28 -------- d-----w- C:\Users\Public\Documents\CrashDump
2015-06-06 21:16:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-06-06 21:13:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-05 19:05:01 -------- d-----w- C:\Users\TODOSO~1\Adobe
2015-06-05 19:05:01 -------- d-----w- C:\ProgramData\Adobe
2015-06-05 14:43:53 -------- d-----r- C:\Users\Public\Recorded TV
2015-06-03 20:53:59 -------- d-----w- C:\Users\TODOSO~1\Protexis
2015-06-03 20:53:59 -------- d-----w- C:\ProgramData\Protexis
2015-06-03 02:17:30 -------- d-----w- C:\Users\TODOSO~1\Protexis64
2015-06-03 02:17:30 -------- d-----w- C:\ProgramData\Protexis64
2015-05-31 22:52:59 -------- d-----w- C:\Users\TODOSO~1\Corel
2015-05-31 22:52:59 -------- d-----w- C:\ProgramData\Corel
2015-05-31 20:19:35 -------- d-----w- C:\Users\TODOSO~1\Licenses
2015-05-31 20:19:35 -------- d-----w- C:\ProgramData\Licenses
2015-05-28 23:45:45 -------- d-----w- C:\Users\TODOSO~1\Sun
2015-05-28 23:45:45 -------- d-----w- C:\ProgramData\Sun
2015-05-28 23:45:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-28 23:44:41 -------- d-----w- C:\Users\TODOSO~1\Oracle
2015-05-28 23:44:41 -------- d-----w- C:\ProgramData\Oracle

====== C: exe-files ==
2015-06-22 02:08:20 D706A63A455D31900734313CE2050FDF 15968 --s-a-w- C:\$RECYCLE.BIN\S-1-5-21-2537286444-1251575466-2462476524-1001\$RKNO0IJ\C_PROGRA~3_InstallMate\{84481A87-2316-4923-8FAB-3BA8CA29323D}\Setup.exe
2015-06-22 00:07:49 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe
2015-06-22 00:07:49 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe
2015-06-22 00:07:09 CABCDE288C5C7F0C1F933CD2EB6F7834 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2537286444-1251575466-2462476524-1001\$IE371F2.exe
2015-06-22 00:06:57 7D4D2582898E865A7EEEDDFAC649231A 2950454 ----a-w- C:\Users\super385011\Desktop\PcBrasil\JRT.exe
2015-06-21 23:45:00 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\super385011\Downloads\adwcleaner_4.207 (1).exe
2015-06-21 23:44:36 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\super385011\Desktop\PcBrasil\adwcleaner_4.207.exe
2015-06-21 02:35:03 8D2A6A6659F60C6D718D9F9289AE1A61 1847296 ----a-w- C:\Users\super385011\Desktop\PcBrasil\ZHPCleaner.exe
2015-06-21 02:34:09 2F3BFECADEBFFB1C8C2248AEA01D643D 3521467 ----a-w- C:\Users\super385011\Desktop\PcBrasil\ZHPFix.exe
2015-06-21 02:27:38 1833923DA90E73C3A392F05069E3BA8B 6883618 ----a-w- C:\Users\super385011\Desktop\PcBrasil\ZHPDiag2.exe
2015-06-21 02:21:54 E0C27AAD0A97444BB001C0F2B976A6EA 781312 ----a-w- C:\Users\super385011\Desktop\PcBrasil\delfix_1.010.exe
2015-06-21 02:21:01 0DC9E740762A383BB935340EC5ABDBC3 1196032 ----a-w- C:\Users\super385011\Desktop\PcBrasil\CTR.exe
2015-06-21 02:20:14 8DA935E5025B2503DF2C77967A711C6A 1348096 ----a-w- C:\Users\super385011\Desktop\PcBrasil\SFTGC.exe
2015-06-21 02:19:36 2E7C383EA6EF472E08228AABA2A599D4 1148416 ----a-w- C:\Users\super385011\Desktop\PcBrasil\FRST.exe
2015-06-21 02:19:07 700B66BC8B579C3CA00DC36E6E48714C 646656 ----a-w- C:\Users\super385011\Desktop\PcBrasil\OTS.exe
2015-06-21 02:18:49 88B5B67C00BBB7958783E4880A401360 1019293 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2537286444-1251575466-2462476524-1001\$RE371F2.exe
2015-06-21 01:03:37 1D520DD9F756BF14B1252BD029758849 263448 ----a-w- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe
2015-06-21 01:03:37 0965CF41E461D0C872D09AEB4443F1A4 1324008 ----a-w- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe
2015-06-19 22:37:00 6C92F98B6B3232838A695D22EE28D9A3 4737144 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avira_en____fm.exe
2015-06-18 21:39:42 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe
2015-06-18 21:39:41 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe
2015-06-17 22:39:20 D957D405B01A04DEB1C066F787B70B16 576456 ----a-w- C:\Users\Todos os Usuários\ToolsUpdatePlatform\CallBackInstall.exe
2015-06-17 22:39:20 D957D405B01A04DEB1C066F787B70B16 576456 ----a-w- C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe
2015-06-16 15:54:00 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\super385011\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe
2015-06-16 15:19:17 F6EEE6848E933962E12E7B3F25C73C88 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe
2015-06-16 15:19:17 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
2015-06-16 15:19:17 6732C4A894855042FD3618406B6BBD48 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe
2015-06-16 15:19:17 0894890F30B5F6510DF953BC50B5504F 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe
2015-06-16 15:19:13 BB3045B399D898061B926B447C446E05 127816 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe
2015-06-16 15:19:13 8715A0D10CFFC8DEE923957F07DAA042 244040 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
2015-06-16 15:19:13 6509A96DAE25340772B51AC020CB1094 304968 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
2015-06-16 15:19:12 0C03FB91E17987EED93F60007B08DAA0 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe
2015-06-16 15:19:10 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{C47A42F7-2AF1-4AA6-8673-ACEDC53F6B8B}\GoogleUpdateSetup.exe
2015-06-16 15:19:10 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
2015-06-16 15:14:09 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Install\{B4674BEF-A6BE-4FAD-AD70-9C47FB72FF13}\43.0.2357.124_chrome_installer.exe
2015-06-16 15:14:07 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.124\43.0.2357.124_chrome_installer.exe
2015-06-16 15:12:02 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\GoogleGGupdate.exe
2015-06-16 15:11:36 F6414DD3B23979312F8EBB91DE794178 11080 ------w- C:\Users\super385011\AppData\Local\Apps\2.0\JYRAP86D.WCL\1VWQ5ELP.0XX\inst...app_86fd5b6b43e66935_0001.0003_3acec3780f16ae88\clickonce_bootstrap.exe
2015-06-16 15:11:36 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\super385011\AppData\Local\Apps\2.0\JYRAP86D.WCL\1VWQ5ELP.0XX\inst...app_86fd5b6b43e66935_0001.0003_3acec3780f16ae88\GoogleUpdateSetup.exe
2015-06-16 15:11:36 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\super385011\AppData\Local\Apps\2.0\JYRAP86D.WCL\1VWQ5ELP.0XX\clic...exe_86fd5b6b43e66935_0001.0003_none_f263691f58f224f9\GoogleUpdateSetup.exe
2015-06-16 14:29:01 5A89E2D96A4EEFA535FC8174EC1F7C68 1084664 ----a-w- C:\Users\Todos os Usuários\Avira\Antivirus\TEMP\SELFUPDATE\update.exe
2015-06-16 14:29:01 5A89E2D96A4EEFA535FC8174EC1F7C68 1084664 ----a-w- C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\update.exe
2015-06-16 14:29:01 42EF846B9E24D99D2558B7F913874A3B 394032 ----a-w- C:\Users\Todos os Usuários\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe
2015-06-16 14:29:01 42EF846B9E24D99D2558B7F913874A3B 394032 ----a-w- C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe
2015-06-16 14:28:30 44AAA7A2E7194603559DAB6F96CA6DD6 577784 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\AdministrativeRightsProvider.exe
2015-06-16 14:27:54 6C92F98B6B3232838A695D22EE28D9A3 4737144 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avira_ptbr____fm.exe
2015-06-16 02:55:05 24B128BBF0F67A8F43897314BA5C40DA 508152 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe
2015-06-16 02:54:55 5A89E2D96A4EEFA535FC8174EC1F7C68 1084664 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
2015-06-16 02:54:55 42EF846B9E24D99D2558B7F913874A3B 394032 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
2015-06-16 02:54:54 E332704E2780E0B6389D915F109D3FEE 465864 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
2015-06-16 02:54:54 CFA27AE04A26FF195E14040108DD8D92 668464 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe
2015-06-16 02:54:54 C194EBC16FFE1A083387CD6D97CAE663 401200 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\checkt.exe
2015-06-16 02:54:54 A2452501EA665FF4493C678E42C49F08 1992440 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe
2015-06-16 02:54:54 574F75AD6CC659DC49F3EB9B57D9D90D 429304 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setuppending.exe
2015-06-16 02:54:54 5295EBB03544AB98C5E971C6795C25C6 468728 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe
2015-06-16 02:54:54 50D6125A1EAE284E1781118D6A24A709 68912 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\toastnotifier.exe
2015-06-16 02:54:54 2A46F5DC183853BEF1BC8347F7F672A0 460024 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\rscdwld.exe
2015-06-16 02:54:54 1B97B893DF21C8A36C4DE704FE538697 898808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\fact.exe
2015-06-16 02:54:54 1892E1DB0B6431720B98B52AE9388C28 450808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
2015-06-16 02:54:54 1093865849D6B27531E473791EF5BC19 490440 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\inssda64.exe
2015-06-16 02:54:54 0BD137E010D8CEE6AEF0EB3D6030E7CA 568112 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\licmgr.exe
2015-06-16 02:54:53 CCF7D341EBF8478BDDA6A2E54835881D 1058608 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
2015-06-16 02:54:53 A9861F16762ABF8C1710E599FBBA6A7E 1187336 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
2015-06-16 02:54:53 8F86F2D64C6792C3AD14ED5EA4943F59 716808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
2015-06-16 02:54:53 6FD5165364D88FDABE4FA59E1768376F 1188360 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
2015-06-16 02:54:53 4511374AA9988B54CB97BA1D05DF65DD 1040688 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
2015-06-16 02:54:53 26ED091D10780563931A6961A19089FF 409392 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avupgsvc.exe
2015-06-16 02:54:53 24390030CBD3D3DED90F8FAF2F4B27B9 562936 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avrestart.exe
2015-06-16 02:54:53 11A94C65A29BBF0317302E1CF9CE5C9A 625912 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
2015-06-16 02:54:52 F5D67941905CE55DB26A71409245BBFA 543992 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avmcdlg.exe
2015-06-16 02:54:52 F5638F8625D4F608B416A55978B75664 715568 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
2015-06-16 02:54:52 A6ABD4AF02AB03676DEA55F383ABC7C2 730416 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
2015-06-16 02:54:52 6C82CA438DBBB56EBF46506360411BC9 825136 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
2015-06-16 02:54:52 4BDDF124CEB1342D3CE113BE97365FD2 838152 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avconfig.exe
2015-06-16 02:54:52 3358CAD1887DDDDD2A36B7796B579292 827184 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
2015-06-16 02:54:52 2D9F792E8129FE8ABC77AFCDBD6CF4D4 420144 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avadmin.exe
2015-06-16 02:54:52 1892E1DB0B6431720B98B52AE9388C28 450808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
=== C: other files ==
2015-06-22 00:07:49 F206D8CBAD79E949AC9ADBE8AF2D60B7 2374 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\medfos.bat
2015-06-22 00:07:49 D574912A12CAAFD0E47A7757A0D9527F 9174 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\searchlnk.bat
2015-06-22 00:07:49 C16EBCAA02F2976408D2F5A68D2562FF 1771 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\delfolders.bat
2015-06-22 00:07:49 BD130F08F50D61C3859B6F819F3558A5 31138 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\iexplore.bat
2015-06-22 00:07:49 B23B16209341AEAE62A7D32117A36F55 1192 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\TDL4.bat
2015-06-22 00:07:49 A8F5541C419593F3ECAC0E0A3FB0F2BA 1162 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\surfvox.bat
2015-06-22 00:07:49 A6DEDFDFF4E2321F44790819C5F310F1 13907 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\chrome.bat
2015-06-22 00:07:49 A337A318BC530E1C231F4148DDFE4C60 7393 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\runvalues.bat
2015-06-22 00:07:49 93A6196509429319C854A941F14F1E7C 252 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\ev_clear.bat
2015-06-22 00:07:49 9246BABAAAE2978EABF6F0D784B0683D 34543 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\prelim.bat
2015-06-22 00:07:49 78551B6A98FF3EE95DB330BB742F7AD0 152662 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\firefox.bat
2015-06-22 00:07:49 749C44588AD7BD398F1BDCD030F2B081 21096 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\ask.bat
2015-06-22 00:07:49 654E99115CFEC77263269E5EB6717E4C 131287 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\misc.bat
2015-06-22 00:07:49 49B4FCAB4947D8A494C0108127101009 4756 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\chrome_pref.bat
2015-06-22 00:07:49 2719B06EF921402D7D820120D79D4E88 14504 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\mws.bat
2015-06-22 00:07:49 05E06D3F96DDF25998D8C3117035B7B6 17011 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\get.bat
2015-06-18 03:48:42 FE7373EF7A4CF252FE9357D20491E86D 25 ----a-w- C:\Users\super385011\Desktop\Ram.vbs
2015-06-16 02:54:54 E00029BB9F70B7517852FF6965945463 7792 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sweb.zip
2015-06-16 02:54:53 83586138F23A4C284EB68AFC852D7AFA 43576 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2015-06-16 02:54:53 83586138F23A4C284EB68AFC852D7AFA 43576 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnetflt.sys
2015-06-16 02:54:52 CC1ABBD9E61B7AA5CCBB45EA87CB033F 153256 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2015-06-16 02:54:52 CC1ABBD9E61B7AA5CCBB45EA87CB033F 153256 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgntflt.sys
2015-06-16 02:54:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2015-06-16 02:54:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avkmgr.sys
2015-06-16 02:54:52 07C8454D3A94BA478752FAFA2B94E0FE 132656 ----a-w- C:\Windows\System32\drivers\avipbb.sys
2015-06-16 02:54:52 07C8454D3A94BA478752FAFA2B94E0FE 132656 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avipbb.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2537286444-1251575466-2462476524-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ToolwizCareFree"="E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe -autorun"
"WinPatrol"="E:\BillP Studios\winpatrol.exe -expressboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Malwarebytes Anti-Exploit"="E:\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit\mbae.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ToolwizCareFree"="E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe -autorun"
"WinPatrol"="E:\BillP Studios\winpatrol.exe -expressboot"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartUpManagerPositivo"="C:\Program Files\Positivo Inform tica\Mundo Positivo Gerenciador de Inicializa‡Æo\ManagerWindows.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\ToolsUpdatePlatform_ScheduledTask.job --a-------- C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [06/05/2015 04:35]
C:\Windows\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job --a-------- C:\C:\Users\super385011\AppData\Roaming\2F3AA0F6-976C-4b02-A66A-5D1DEA00811F\InstallHelp.exe []
C:\Windows\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}.job --a-------- C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe [14/05/2015 05:07]
C:\Windows\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job --a-------- C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe [14/05/2015 05:07]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\Windows\SysNative\tasks\ToolsUpdatePlatform_ScheduledTask" [C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe]
"C:\Windows\SysNative\tasks\ToolwizCareFree" [E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{FAFC7D89-08F8-4952-9030-56FCEE923ABB}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}" [C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe]
"C:\Windows\SysNative\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}" [C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe]
"C:\Windows\SysNative\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}" [C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\searchffv2@gmail.com
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\sweetsearch@gmail.com

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


Google Slides - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avira Browser Safety - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Chrome Hotword Shared Module - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
ScriptSafe - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf
Gmail - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Preferences
BzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079343634229251","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"93C13094BF8BBB382F8FF975C47A23591667F0B48B3B788569597095BA619CAC","cfhdojbkjhnklbpkdaibdccddilifddb":"8F7A8CD07EACF66357BA1BCFD362F12302D3625C88B9D8D937FE9BD63E108518","coobgpohoikkiipiblmjeljniedjpjpf":"B0E643757E16842A3E275200CFB606C3ECC9F7B871F2848502CF0EA8643EBFAD","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"1BE2AE9D602B290BB210B8F3C70E4996F34B7AA8C91E79E7194A60F401DE0E22","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"64DB7AF6D597C539F8723044CE2509062AEEE820B4C459960BAD922073051CCD"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"4D3653BFE2FEF02949CEDB6EBC50ECCFCC075ABFD9106F8FE9F18F4D72E186C7"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"5DF5451B5E12FEECB29CDAEF98324DF0260E79F305F891354E322C194FE5863B"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}
BzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079343634229251","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"93C13094BF8BBB382F8FF975C47A23591667F0B48B3B788569597095BA619CAC","cfhdojbkjhnklbpkdaibdccddilifddb":"8F7A8CD07EACF66357BA1BCFD362F12302D3625C88B9D8D937FE9BD63E108518","coobgpohoikkiipiblmjeljniedjpjpf":"B0E643757E16842A3E275200CFB606C3ECC9F7B871F2848502CF0EA8643EBFAD","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"1BE2AE9D602B290BB210B8F3C70E4996F34B7AA8C91E79E7194A60F401DE0E22","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"64DB7AF6D597C539F8723044CE2509062AEEE820B4C459960BAD922073051CCD"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"4D3653BFE2FEF02949CEDB6EBC50ECCFCC075ABFD9106F8FE9F18F4D72E186C7"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"5DF5451B5E12FEECB29CDAEF98324DF0260E79F305F891354E322C194FE5863B"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com/"
"Default_Page_URL"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4130DFFB-CBCB-4C93-98A2-582133655D92} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{84481A87-2316-4923-8FAB-3BA8CA29323D} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avira System Speedup_is1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\super385011\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SUPER3~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 22/06/2015 at 18:31:37,30 ======================
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Seg 22 Jun 2015, 21:18

Você não fez da forma mostrada no tutorial que te passei. Faça, por gentileza, uma nova limpeza com o Zoek exatamente como indicado no tutorial dele que te passei e depois poste o novo relatório que ele irá criar.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Seg 22 Jun 2015, 22:46

segue

[Você precisa estar registrado e conectado para ver este link.]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by super385011 on 22/06/2015 at 21:25:41,96.
Microsoft Windows 8.1 Pro com Media Center 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\super385011\Desktop\PcBrasil\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-06-22-213137.log 62595 bytes

==== System Restore Info ======================

22/06/2015 21:28:22 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\super385011\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\super385011\ZHPCleaner.exe deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\searchffv2@gmail.com
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\sweetsearch@gmail.com

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


Google Slides - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avira Browser Safety - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Chrome Hotword Shared Module - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
ScriptSafe - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf
Gmail - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079430019963672","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"B32674B67A2E84F672D591315452A79BB481E697E90C7CB655BA90A2554132D0","cfhdojbkjhnklbpkdaibdccddilifddb":"40391C5A9BF5CCA57ED190B6284522888034311DCBBD84376DD15C28D03D0C71","coobgpohoikkiipiblmjeljniedjpjpf":"5DA8E38B3FE2018C58718FC33826655FDACE555B843763002B024C873C7E9615","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"ED7F2F049F01858CD5766E91F4C2D1D6F252B3DD6A2C8510F44D3F3492C73F63","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"5D4328531A508C684580250E237CA09CD16ACBC31230939488C8FB411B571B26"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"C59A30E1B1CA7CA1FBDFF935524D5B5EA64F01665A62149EBDFD2B3C56C6BD14"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"063CD1FDCA7D12AC688A85EE2E945B0C11EBF1E0052FDE85B1E99129D1796DFD"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}
Vc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079430019963672","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"B32674B67A2E84F672D591315452A79BB481E697E90C7CB655BA90A2554132D0","cfhdojbkjhnklbpkdaibdccddilifddb":"40391C5A9BF5CCA57ED190B6284522888034311DCBBD84376DD15C28D03D0C71","coobgpohoikkiipiblmjeljniedjpjpf":"5DA8E38B3FE2018C58718FC33826655FDACE555B843763002B024C873C7E9615","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"ED7F2F049F01858CD5766E91F4C2D1D6F252B3DD6A2C8510F44D3F3492C73F63","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"5D4328531A508C684580250E237CA09CD16ACBC31230939488C8FB411B571B26"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"C59A30E1B1CA7CA1FBDFF935524D5B5EA64F01665A62149EBDFD2B3C56C6BD14"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"063CD1FDCA7D12AC688A85EE2E945B0C11EBF1E0052FDE85B1E99129D1796DFD"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4130DFFB-CBCB-4C93-98A2-582133655D92} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\super385011\Desktop\Avira System Speedup.lnk - E:\AviraAviraSpeedup\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe
C:\Users\super385011\Desktop\Command Prompt.lnk - C:\Windows\system32\cmd.exe
C:\Users\super385011\Desktop\dfrgui.lnk - C:\Windows\system32\dfrgui.exe
C:\Users\super385011\Desktop\Disk Cleanup.lnk - C:\Windows\system32\cleanmgr.exe
C:\Users\super385011\Desktop\Excel 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\Users\super385011\Desktop\Format Factory.lnk - E:\Format Factory\FormatFactory.exe
C:\Users\super385011\Desktop\gpedit.msc - Atalho.lnk - C:\Windows\SysWOW64\gpedit.msc
C:\Users\super385011\Desktop\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\Desktop\Malwarebytes Anti-Exploit.lnk - E:\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit\mbae.exe
C:\Users\super385011\Desktop\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\Users\super385011\Desktop\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\super385011\Desktop\PowerPoint 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\Users\super385011\Desktop\SCANUTILITY - Atalho.lnk - C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe
C:\Users\super385011\Desktop\Suporte Intelbras WRN240Slim.lnk -
C:\Users\super385011\Desktop\Toolwiz Care.lnk - E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe
C:\Users\super385011\Desktop\Word 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\Users\super385011\Desktop\ZHPCleaner.lnk - C:\Users\super385011\AppData\Roaming\ZHP\ZHPCleaner.exe
C:\Users\super385011\Desktop\µTorrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Avira Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\SecurityCenter.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk - C:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe
C:\Users\Public\Desktop\Fotor.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe EverimagingCo.Limited.Fotor
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\iRoot.lnk - E:\iRoot\Root.exe
C:\Users\Public\Desktop\LG PC Suite.lnk - E:\LG PC Suite\LGPCSuite.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Manual do Usuário.lnk -
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Movie Moments.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe Microsoft.MovieMoments
C:\Users\Public\Desktop\Mundo Positivo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.MundoPositivo
C:\Users\Public\Desktop\Positivo 3D Incrível.lnk -
C:\Users\Public\Desktop\Positivo Dicas.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoAjudante
C:\Users\Public\Desktop\Positivo DJ.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 4C0D1DF4.PositivoMsicasDJ
C:\Users\Public\Desktop\Positivo Horóscopo.lnk -
C:\Users\Public\Desktop\Positivo Jogos.lnk - C:\Fabricante\Positivo Jogos Atalhos
C:\Users\Public\Desktop\Positivo Mulher.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoMulher
C:\Users\Public\Desktop\Positivo Mídia.lnk -
C:\Users\Public\Desktop\Positivo Verde e Amarelo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoVerdeeAmarelo
C:\Users\Public\Desktop\Samsung Kies 3.lnk - E:\Kies3\Kies3.exe
C:\Users\Public\Desktop\SpywareBlaster.lnk - E:\SpywareBlaster\SpywareBlaster\spywareblaster.exe
C:\Users\Public\Desktop\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe
C:\Users\Public\Desktop\Unchecky.lnk - C:\Program Files (x86)\Unchecky\unchecky.exe
C:\Users\Public\Desktop\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\Public\Desktop\xbmc.lnk - C:\Program Files (x86)\XBMC\XBMC.exe

==== shortcuts in Users Start Menu ======================

C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk - C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe -togglenew
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - E:\Format Factory\FormatFactory.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - E:\Format Factory\FormatFactory.exe /help
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - E:\Format Factory\uninst.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Ajuda do Avira Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\208\avwin.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira na Internet.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\weblink.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Iniciar Avira Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\SecurityCenter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup\Avira System Speedup.lnk - E:\AviraAviraSpeedup\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk - C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Help.lnk - C:\Program Files (x86)\Classic Shell\ClassicShell.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Readme.lnk - C:\Program Files (x86)\Classic Shell\ClassicShellReadme.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Start Menu Settings.lnk - C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe -settings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\CorelDRAW X7 (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Duplexing Wizard (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut10_BB562587DB944A668ECBA27E6BFD871C.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Video Tutorials X7 (64-Bit).lnk - E:\CorelDRAW Graphics Suite X7\VideoBrowser64\VideoBrowser.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Documentation\Macro Programming Guide.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack\Audio Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe ffdshow.ax,configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack\Video Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe ffdshow.ax,configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack\Video for Windows Configuration.lnk - C:\Windows\System32\rundll32.exe ff_vfw.dll,configureVFW
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\iRoot.lnk - E:\iRoot\Root.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\Uninstall iRoot.lnk - E:\iRoot\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\LG PC Suite.lnk - E:\LG PC Suite\LGPCSuite.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\uninstall.lnk - E:\LG PC Suite\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\LGMobile Support Tool.lnk - C:\ProgramData\LGMOBILEAX\LGMLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\Uninstall.lnk - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Uninstall Malwarebytes Anti-Exploit.lnk - E:\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Desinstalar.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.8.150\McAfee.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Log de Telemetria do Office 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Painel de Telemetria do Office 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Samsung Kies 3.lnk - E:\Kies3\Kies3.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk - C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe /removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster Help.lnk - E:\SpywareBlaster\SpywareBlaster\sbhelp.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster.lnk - E:\SpywareBlaster\SpywareBlaster\spywareblaster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree\Toolwiz Care.lnk - E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree\Uninstall.lnk - E:\ToolwizCareFree\ToolwizCareFree\UninstallToolwizCare.exe /REMOVE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Help.lnk - C:\Program Files (x86)\UltraISO\ultraiso.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\Uninstall UltraISO.lnk - C:\Program Files (x86)\UltraISO\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Unchecky.lnk - C:\Program Files (x86)\Unchecky\unchecky.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Uninstall.lnk - C:\Program Files (x86)\Unchecky\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\Uninstall WinPatrol.lnk - C:\ProgramData\InstallMate\{84481A87-2316-4923-8FAB-3BA8CA29323D}\Setup.exe /remove /q0
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol Explorer.lnk - E:\BillP Studios\WinPatrolEx.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol Help.lnk - E:\BillP Studios\features.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol.lnk - E:\BillP Studios\WinPatrol.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk - E:\Kies3\Kies3.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mundo Positivo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.MundoPositivo
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=0 1847893 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\super385011\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SUPER3~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 22/06/2015 at 22:36:41,34 ======================
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Seg 22 Jun 2015, 23:01

Faça o download do < ZHPCleaner > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPCleaner para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para executá-lo corretamente siga as dicas desta postagem:

Tutorial completo do ZHPCleaner

Após a utilização dele, copie todo o conteúdo do seu relatório ZHPCleaner.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Seg 22 Jun 2015, 23:18

segue

[Você precisa estar registrado e conectado para ver este link.]

~ ZHPCleaner v2015.6.21.281 by Nicolas Coolman (2015\06\21)
~ Run by super385011 (Administrator) (22/06/2015 23:14:51)
~ Site : [Você precisa estar registrado e conectado para ver este link.]
~ Facebook : [Você precisa estar registrado e conectado para ver este link.]
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\super385011\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\super385011\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)


---\\ Serviços (0)
~ Nenhum ítem malicioso foi encontrado.


---\\ Navegadores de Internet (3)
SUPRIMIDO: [ts05rh7v.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
SUPRIMIDO: [ts05rh7v.default] - user_pref("browser.search.searchengine.ptid", "amt"); (PUP.SearchEngine)
SUPRIMIDO: [ts05rh7v.default] - user_pref("browser.search.searchengine.uid", "WDCXWD5000LPVX-00V0TT0_WD-WX61AA4C1LDNC1LDN"); (PUP.SearchEngine)


---\\ Arquivo hosts (2)
SUBSTITUIDO:
Número de redirecionamentos encontrados 1/58


---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso foi encontrado.


---\\ Explorer ( Arquivos, Pastas) (27)
MOVIDO pasta: C:\Users\super385011\Desktop\Avira System Speedup.lnk (PUP.SystemSpeedup)
MOVIDO pasta: C:\Users\super385011\Downloads\KMSpico.rar (PUA.KMSpico)
MOVIDO arquivo: C:\Windows\Installer\MSI12E1.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1313.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1883.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1B1B.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1BC0.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1E61.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI2150.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI283.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI2ABC.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI3FA2.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI433B.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI68A3.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI7859.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI7F62.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI8108.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI8AFD.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI9232.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI9F6.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIA127.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIA677.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIAC62.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIB2CF.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIDD5A.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIDDF.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIDFFB.tmp- (Empty)


---\\ Registro ( Chaves, Valores, Dados ) (2)
SUPRIMIDO chave*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 1470
~ Items encontrado : 1
~ items cancelados : 0
~ Items réparo : 32


End of clean at 23:15:25
===================
ZHPCleaner-[R]-22062015-23_15_25.txt
ZHPCleaner-[S]-22062015-19_04_33.txt
ZHPCleaner-[S]-22062015-23_14_05.txt
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Seg 22 Jun 2015, 23:34

Faça o download do Malwarebytes em um destes links abaixo:
[Você precisa estar registrado e conectado para ver este link.]
[Você precisa estar registrado e conectado para ver este link.]

Obs: Depois de acessar um destes links acima, clique no botão DOWNLOAD, como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

Tutorial do Malwarebytes Anti-Malware

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Ter 23 Jun 2015, 17:28

segue

[Você precisa estar registrado e conectado para ver este link.]

Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]

Data da Verificação: 23/06/2015
Hora da Verificação: 03:37:41
Arquivo de Log: Malwarebytes.txt
Administrador: Sim

Versão: 2.01.6.1022
Base de Dados de Malware: v2015.06.23.02
Base de Dados de Rootkit: v2015.06.22.01
Licença: Premium
Proteção de Malware: Habilitado
Proteção de Site Malicioso: Habilitado
Auto-Proteção: Desabilitado

SO: Windows 8.1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: super385011

Tipo da Verificação: Verificar Ameaça
Resultado: Terminado
Objetos Verificados: 391807
Tempo Decorrido: 21 min, 54 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de Registro: 0
(Nenhum item malicioso detectado)

Valores de Registro: 0
(Nenhum item malicioso detectado)

Dados de Registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 0
(Nenhum item malicioso detectado)

Setores Físicos: 0
(Nenhum item malicioso detectado)


(end)
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Qua 24 Jun 2015, 11:37

Você usou só a verificação de ameaças, que não é tão completa como a que é mostrada no tutorial que te passei. Siga as dicas abaixo para fazer a limpeza completa:

Como executar uma verificação personalizada com o Malwarebytes:

- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Configurar Varredura:
[Você precisa estar registrado e conectado para ver esta imagem.]

Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas todas estas opções:

Verificar Objetos na Memória
Verificar Inicialização e Registro
Verificar Arquivos Compactados
Verificar Rootkits


Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.

Depois disto clique no botão Verificar Agora como mostra a imagem abaixo:
[Você precisa estar registrado e conectado para ver esta imagem.]

Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:

[Você precisa estar registrado e conectado para ver esta imagem.]

Assim que a verificação terminar, aparecerá a frase Verificação Personalizada completada com sucesso. Caso seu PC esteja seguro e sem ameaças, uma mensagem parecida com esta abaixo aparecerá informando que "Ameaças Identificadas: 0" (Ou seja: Nenhum ítem malicioso foi detectado). Neste caso tudo está certo, seu computador está normal e você clicará no botão Terminar:

[Você precisa estar registrado e conectado para ver esta imagem.]

Caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows com a frase Verificação Terminada - Malware Detectado na qual você clicará nela:

[Você precisa estar registrado e conectado para ver esta imagem.]

Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Para remover a infecção, deixe todas as caixinhas marcadas em todos os itens que queira remover e clique no botão Remover Selecionadas, como mostra esta imagem:
[Você precisa estar registrado e conectado para ver esta imagem.]

Surgirá então uma outra tela parecida com esta abaixo informando que as ameaças foram enviadas à quarentena, na qual você clicará no botão Terminar:

[Você precisa estar registrado e conectado para ver esta imagem.]

Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, aceite esta reinicialização pelo Malwarebytes.

Depois disto é só postar o novo Scan Log (log de verificação) que o Malwarebytes irá criar em sua próxima resposta:

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Dom 28 Jun 2015, 18:45

boa noite
o malwarebytes só está gerando o Protection Log
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Dom 28 Jun 2015, 19:15

Você tem certeza que executou os passos exatamente como lhe indiquei? Se tiver seguido, você notou se algum vírus foi detectado e removido pelo Malwarebytes nesta verificação personalizada?
_____________________________________________________________

Desative temporariamente seu antivirus para evitar conflitos.

Faça o download do < ZHPDiag > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo.

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
_____________________________________________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Você precisa estar registrado e conectado para ver este link.]

Clique no botão Parcourir... > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Dom 28 Jun 2015, 21:54

o procedimento foi feito igual ao tutorial, os vírus encontrados são do tipo PUP's

segue

[Você precisa estar registrado e conectado para ver este link.]
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Seg 29 Jun 2015, 10:56

walber luiz escreveu:o procedimento foi feito igual ao tutorial, os vírus encontrados são do tipo PUP's
E você removeu estes vírus que o Malwarebytes encontrou? Confira na quarentena do Malwarebytes se eles estão lá, se eles estiverem na quarentena, está certo.
___________________________________________________________________________

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho abaixo e cole-o no espaço em branco do Zoek:

C:\ProgramData\cmcm;vs
C:\Users\super385011\AppData\Local\Setup546828;vs
emptyfolderscheck;delete


*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]
____________________________________________________________________________________

Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
[MD5.1D520DD9F756BF14B1252BD029758849] - (.Baidu, Inc. - CheckUpdate.) -- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe [263448] [PID.3756]
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-2537286444-1251575466-2462476524-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
[MD5.0965CF41E461D0C872D09AEB4443F1A4] [APT] [{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}] (...) -- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [1324008]
O39 - APT: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} - (...) -- C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job [690]
O39 - APT: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} - (...) -- C:\Windows\System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} [690]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
[HKCU\Software\FVCR74MwTggnXvlY]
[HKLM\Software\Wow6432Node\23538_2015/05/31]
[HKLM\Software\Wow6432Node\CloudOPTInfo]
[HKLM\Software\Wow6432Node\CloudOpt]
[HKLM\Software\Wow6432Node\NtIObits]
O43 - CFD: 22/06/2015 - 19:25:13 - [] ----D C:\ProgramData\Baidu
O43 - CFD: 24/06/2015 - 16:32:50 - [] ----D C:\ProgramData\ToolsUpdatePlatform
O43 - CFD: 20/06/2015 - 22:03:37 - [] ----D C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}
O58 - SDL:05/01/2015 - 16:41:52 ---A- . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\Drivers\ksapi64.sys [56680]
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {4130DFFB-CBCB-4C93-98A2-582133655D92} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
[HKLM\Software\Wow6432Node\23538_2015/05/31]:last="13077479879959"
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid

_____________________________________________________________________________________________________________

Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com o log do Zoek que estará em C:\zoek-results.txt

Nota: Esse script foi elaborado somente para este computador, de acordo com os arquivos e chaves presentes.

Aos visitantes: Se estiverem com um problema semelhante, não utilizem esse script, pois o uso sem supervisão pode causar danos ao sistema.


_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Seg 29 Jun 2015, 17:30

Os eu fisso a exclusão de todos

arquivo relatório ZHPfix

Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by super385011 at 29/06/2015 17:18:58
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 08s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKCU\Software\FVCR74MwTggnXvlY
ELIMINÉ: HKLM\Software\Wow6432Node\23538_2015/05/31
ELIMINÉ: HKLM\Software\Wow6432Node\CloudOPTInfo
ELIMINÉ: HKLM\Software\Wow6432Node\CloudOpt
ELIMINÉ: HKLM\Software\Wow6432Node\NtIObits
ELIMINÉ: SearchScopes :{012E1000-F331-11DB-8314-0800200C9A66}
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ELIMINÉ: SearchScopes :{4130DFFB-CBCB-4C93-98A2-582133655D92}

========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: CCleaner Monitoring

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files\ccleaner\ccleaner64.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\ksapi64.sys
ELIMINÉ Temporários windows (Cool (22.097.751 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
10 : Chaves do Registo
2 : Valores do Registo
1 : Pastas
4 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 40s

========== Caminho do ficheiro do relatório ==========
C:\Users\super385011\AppData\Roaming\ZHP\ZHPFix[R1].txt - 15/06/2015 08:02:27 [3731]
C:\Users\super385011\AppData\Roaming\ZHP\ZHPFix[R2].txt - 15/06/2015 16:51:33 [1461]
C:\Users\super385011\AppData\Roaming\ZHP\ZHPFix[R3].txt - 29/06/2015 17:19:07 [2063]

relatório Zoek

[Você precisa estar registrado e conectado para ver este link.]
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Ter 30 Jun 2015, 11:58

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "COMPLETA" e aguarde a conclusão:

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]
_______________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Você precisa estar registrado e conectado para ver este link.]

Clique no botão Parcourir... > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Ter 30 Jun 2015, 17:08

segue

[Você precisa estar registrado e conectado para ver este link.]
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Qua 01 Jul 2015, 09:11

Sugiro que desinstale o McAfee Security Scan Plus, que é desnecessário.
______________________________________________________________________

Como está seu computador depois destes procedimentos? Os problemas foram resolvidos?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Qua 01 Jul 2015, 16:56

sim
só google que está demorando a abrir
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Power Max em Qua 01 Jul 2015, 17:32

Acesse: < [Você precisa estar registrado e conectado para ver esta imagem.] SecurityCheck > ( ... de glax24 )

Ao acessar o link acima, haverá um botão como este da imagem abaixo no qual você clicará para baixar o programa:

[Você precisa estar registrado e conectado para ver esta imagem.]

Salve-o no Desktop (Área de trabalho).

Utilize-o seguindo as dicas desta postagem:

Tutorial do SecurityCheck

Em sua próxima resposta poste, por gentileza, o log (relatório) criado pelo SecurityCheck para que possamos analisá-lo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz em Qua 01 Jul 2015, 17:47

segue

SecurityCheck by glax24 v.1.4.0.22 [18.06.15]
WebSite: [Você precisa estar registrado e conectado para ver este link.]
DateLog: 01.07.2015 17:47:03
Path starting: C:\Users\super385011\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: super385011
VersionXML: 1.49is
___________________________________________________________________________

Windows 8.1(6.3.9600) (x64) ProfessionalWMC Lang: Portuguese(0416)
Installation date OS: 02.05.2015 02:47:21
LicenseStatus: Windows(R), ProfessionalWMC edition Volume activation will expire : 28783 minutes
LicenseStatus: Office 15, OfficeProPlusR_Grace edition Windows is in Notification mode
LicenseStatus: Office 15, OfficeProPlusVL_KMS_Client edition Volume activation will expire : 230738 minutes
Boot Mode: Normal
Default Browser: Internet Explorer (iexplore.exe)
SystemDrive: C: FS: [NTFS] Capacity: [226.2 Gb] Used: [81 Gb] Free: [145.2 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17842
UAC DISABLED (-1)
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Запрос на повышение прав для администраторов disabled (-1)
Запрос на повышение прав для обычных пользователей disabled (-1)
Automatic download and scheduled installation
Date install updates: 2015-06-28 21:35:26
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
---------------------------- [ Antivirus_WMI ] ----------------------------
Avira Antivirus (включен и обновлен)
Windows Defender (выключен и обновлен)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Avira Antivirus (включен и обновлен)
Windows Defender (выключен и обновлен)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avira Antivirus v.15.0.11.574
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.40416.0
Malwarebytes Anti-Malware versão 2.1.8.1057 v.2.1.8.1057
SpywareBlaster 5.0 v.5.0.0
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 45 v.8.0.450
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Reader XI (11.0.11) - Português v.11.0.11
------------------------------- [ Browser ] -------------------------------
Google Chrome v.43.0.2357.130
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.43.0.2357.130
----------------------------- [ End of Log ] ------------------------------
avatar
walber luiz
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 29/05/2015

Voltar ao Topo Ir em baixo

Re: Remover mystartsearch.com do navegador

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum