Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.
Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14807 usuários registrados
O último membro registrado é Costa24

Os nossos membros postaram um total de 36044 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por Costa24 Hoje à(s) 10:19

Quem está conectado?
17 usuários online :: 0 registrados, 0 invisíveis e 17 visitantes :: 1 motor de busca

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 


Rechercher Pesquisa avançada

março 2024
SegTerQuaQuiSexSábDom
    123
45678910
11121314151617
18192021222324
25262728293031

Calendário Calendário


Remover mystartsearch.com do navegador

2 participantes

Página 1 de 2 1, 2  Seguinte

Ir para baixo

Remover mystartsearch.com do navegador Empty Remover mystartsearch.com do navegador

Mensagem por walber luiz Sáb 20 Jun 2015, 23:49

Usei vários tutoriais da internet e não funcionou.
Usei o da google chrome e não deu certo.
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Dom 21 Jun 2015, 11:59

Olá Walber.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Dom 21 Jun 2015, 21:02

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Dom 21 Jun 2015, 21:04

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Dom 21 Jun 2015, 21:19

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Dom 21 Jun 2015, 21:32

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Salve-o no Desktop (Área de Trabalho).

Para executá-lo corretamente siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Seg 22 Jun 2015, 18:37

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by super385011 on 22/06/2015 at 17:23:39,91.
Microsoft Windows 8.1 Pro com Media Center 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\super385011\Desktop\PcBrasil\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

22/06/2015 17:25:48 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\super385011\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-06-22 00:08:35 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\Windows\tweaking.com-regbackup-WALBER-Windows-8.1-Pro-with-Media-Center-(64-bit).dat
2015-06-05 14:30:29 C5EA2F940ED8FF335FF37D6803AFD33C 35741 ----a-w- C:\Windows\ProfessionalWMC.xml
2015-06-01 02:47:19 965D6C38C8636147CB28F3099EB408E8 35781 ----a-w- C:\Windows\Professional.xml
2015-05-29 13:04:50 7826082B93262AB6460E77B91C61EA30 128512 ----a-w- C:\Windows\splwow64.exe
2015-05-24 01:53:15 6B84FABCBD099B83A67DC447BA94F00C 707354 ----a-w- C:\Windows\unins000.exe
2015-05-24 01:53:15 48A24C924141C38B6F5B1506BBE66E78 3641 ----a-w- C:\Windows\unins000.dat
2015-05-23 22:30:38 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\Windows\tweaking.com-regbackup-WALBER-Windows-8.1-Single-Language-(64-bit).dat
====== C:\Users\SUPER3~1\AppData\Local\Temp ====
2015-06-22 00:07:49 FDD26A402322F212DCA153FF8B1FFB6E 78816 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\pcwintech_tasksch.dll
2015-06-22 00:07:49 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\libiconv2.dll
2015-06-22 00:07:49 DC7A3BC0FC185CD68848DC6F7D7B026B 40960 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\SSubTmr6.dll
2015-06-22 00:07:49 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\libintl3.dll
2015-06-22 00:07:49 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe
2015-06-22 00:07:49 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\pcre3.dll
2015-06-22 00:07:49 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\regex2.dll
2015-06-22 00:07:49 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-14 14:03:01 03B0224FD1E2D8A6DBC2B18404092F21 1070352 ----a-w- C:\Windows\SysWOW64\MSCOMCTL.OCX
2015-06-10 01:47:09 38D724C261738F1C3FD90D21B130E06A 178168 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 01:47:08 9B3EE3F42109B4115FFE053C225FC1C6 792568 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-10 01:20:44 B0EDCA1168C874812A180EBCD1A43EB5 549888 ----a-w- C:\Windows\SysWOW64\comctl32.dll
2015-06-10 01:20:32 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-06-10 01:20:26 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-06-10 01:20:25 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-06-10 01:20:23 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-06-10 01:20:22 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-06-10 01:20:22 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 01:20:22 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-06-10 01:20:20 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 01:20:19 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-06-10 01:20:18 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-06-10 01:20:18 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-06-10 01:20:17 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 01:20:16 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 01:20:16 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 01:20:15 AE8F02C9B1DC7364A94ABEB6E396611C 327168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 01:20:15 3B850134010B7CCC546C29D51405C9DA 1042944 ----a-w- C:\Windows\SysWOW64\actxprxy.dll
2015-06-10 01:20:14 8AE1E22527BC203BAD89212F6D09F038 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll
2015-06-10 01:20:14 7467B0605897898F8F32B4B9B9041F51 128000 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2015-06-10 01:20:14 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-14 03:10:07 ED49F197ABFD5921CDD0F97A99863648 564160 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2015-06-10 01:20:51 16D44C27EE81892ED918DA21544665DC 1020928 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-06-10 01:20:51 009FD5658121B32791D55D0F34B63883 700416 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-06-10 01:20:50 FC504D3310BBDABA4449C598C3F8113B 45568 ----a-w- C:\Windows\Sysnative\acmigration.dll
2015-06-10 01:20:50 F0CACB26E37A19A8049F7C4448ECC2F5 1119232 ----a-w- C:\Windows\Sysnative\aeinv.dll
2015-06-10 01:20:50 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\Windows\Sysnative\aepic.dll
2015-06-10 01:20:50 ACDA86BD8FE54376586173BD55F678F9 756736 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-06-10 01:20:50 90BFB92CF2AB75A01BF40D22BD1670A8 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-06-10 01:20:50 2C14C7A76B728DF9F2A0425166FDEE8F 422912 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-06-10 01:20:48 B0B46D29B9F34D19B819B48E208871A5 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll
2015-06-10 01:20:48 3ECB752A6963B1CBC9AD65ED89C8ACED 1430528 ----a-w- C:\Windows\Sysnative\diagtrack.dll
2015-06-10 01:20:47 6CCC851608DD076C13E37737BB75A9DC 4177920 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-06-10 01:20:44 0341BF7622E0D547446DB254868EF965 653824 ----a-w- C:\Windows\Sysnative\comctl32.dll
2015-06-10 01:20:33 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-06-10 01:20:27 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-06-10 01:20:26 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-06-10 01:20:25 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-06-10 01:20:23 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-06-10 01:20:23 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-06-10 01:20:21 7B4A7D55E905ED9A0A4B1263BA7C6944 2865152 ----a-w- C:\Windows\Sysnative\actxprxy.dll
2015-06-10 01:20:20 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-06-10 01:20:19 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-06-10 01:20:19 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-06-10 01:20:18 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-06-10 01:20:18 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-06-10 01:20:17 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-06-10 01:20:17 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-06-10 01:20:16 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-06-10 01:20:15 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-06-10 01:20:15 614604C8D322D0779E426917CAFE4F3E 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll
2015-06-10 01:20:14 9EFAF10AF9BFA6CDBDDE3D8C5EDC3453 145408 ----a-w- C:\Windows\Sysnative\iepeers.dll
2015-06-10 01:20:14 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-06-10 01:20:14 1E31F06BE53F11CF5E660284E68587AC 374272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-06-10 01:20:14 11E5CD954CC38080471E7CC2CA1558AE 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll
====== C:\Windows\Sysnative\drivers =====
2015-06-16 02:54:53 83586138F23A4C284EB68AFC852D7AFA 43576 ----a-w- C:\Windows\Sysnative\drivers\avnetflt.sys
2015-06-16 02:54:52 CC1ABBD9E61B7AA5CCBB45EA87CB033F 153256 ----a-w- C:\Windows\Sysnative\drivers\avgntflt.sys
2015-06-16 02:54:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\Sysnative\drivers\avkmgr.sys
2015-06-16 02:54:52 07C8454D3A94BA478752FAFA2B94E0FE 132656 ----a-w- C:\Windows\Sysnative\drivers\avipbb.sys
2015-06-15 20:44:29 F6C788978015E6C6D5D1C52AD1DAD869 52480 ----a-w- C:\Windows\Sysnative\drivers\BTOWSVF.sys
2015-06-15 20:44:29 D186196FDBB0C28DF3AD6F6D4E588BA5 52992 ----a-w- C:\Windows\Sysnative\drivers\KSafeDISK.sys
2015-06-15 20:44:29 8AFF20CEF200019108814FB0E43DA6A4 33024 ----a-w- C:\Windows\Sysnative\drivers\BTOWSFF.sys
2015-06-07 00:21:42 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-05-29 13:13:12 B8F36CBC72FC5C8B8A30AD850165EA8E 72192 ----a-w- C:\Windows\Sysnative\drivers\ndproxy.sys
2015-05-29 13:13:12 23006D660C0E54BF1CE8253E15F5E995 80896 ----a-w- C:\Windows\Sysnative\drivers\wanarp.sys
2015-05-29 13:05:01 7EC9376D245D734791AD46738712E7D8 473408 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2015-05-29 13:05:00 1BD3022FD6E450B00DE560265638FD2A 112640 ----a-w- C:\Windows\Sysnative\drivers\rasl2tp.sys
2015-05-29 13:04:58 F6ECFD6128A16A4851CFE98D4E01B011 551232 ----a-w- C:\Windows\Sysnative\drivers\vhdmp.sys
2015-05-29 13:04:57 715ABA3DD164D06457A2A3C92F6EA9D5 136512 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys
2015-05-29 13:04:57 5917AFE4A3F695A54B99C1849C8207FE 59712 ----a-w- C:\Windows\Sysnative\drivers\kbdclass.sys
2015-05-29 13:04:57 49EE0AE9E5B64FFBBD06D55C4984B598 108544 ----a-w- C:\Windows\Sysnative\drivers\i8042prt.sys
2015-05-29 13:04:57 389C998C64319CD97625B0550E52ECFA 58176 ----a-w- C:\Windows\Sysnative\drivers\dam.sys
2015-05-29 13:04:57 08374E4E5B8914DE6067CBA99F61E930 51008 ----a-w- C:\Windows\Sysnative\drivers\mouclass.sys
2015-05-29 13:04:56 ED54A75050211DC77F9B98C41E026858 86336 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys
2015-05-29 13:04:56 AD7F69237480F6CB6294EFD9EE4CD04C 428864 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2015-05-29 13:04:56 7AA01AB1C110916825E6E1389F1B9AF2 39744 ----a-w- C:\Windows\Sysnative\drivers\intelpep.sys
2015-05-29 13:04:56 3C2DF97A21A9BBE6355B0A51F288EFFF 2485056 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2015-05-29 13:04:54 DC1D9F692C2AD84C214584C28501C1F7 24576 ----a-w- C:\Windows\Sysnative\drivers\ndistapi.sys
2015-05-29 13:04:54 8CD840A062F6BDF41DDE3ACB96164B72 32256 ----a-w- C:\Windows\Sysnative\drivers\kbdhid.sys
2015-05-29 13:04:54 5FCBAB60598AE119E02B4C27DE6B99EA 30208 ----a-w- C:\Windows\Sysnative\drivers\mouhid.sys
2015-05-29 13:04:54 3EE5097945A7F680E320953271EB2D4F 96768 ----a-w- C:\Windows\Sysnative\drivers\agilevpn.sys
2015-05-29 13:04:54 148195AE95D9BC7375A08846439FDAC1 26112 ----a-w- C:\Windows\Sysnative\drivers\sermouse.sys
2015-05-29 13:03:49 44603DA5A87FB491EF59C889EBBB4DDB 325464 ----a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS
2015-05-24 00:56:42 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-05-24 00:56:16 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-05-24 00:56:16 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2015-05-24 00:56:16 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
2015-06-21 01:03:40 FDDCC67A909D358F43719A538FE7D282 3614 ----a-w- C:\Windows\Sysnative\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}
2015-06-21 01:03:40 9ED8FC772D5E58DDC39E13F6D1EB90AA 644 ----a-w- C:\Windows\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job
2015-06-21 01:03:37 83FE67B89F0F348596D0AB833229856E 3360 ----a-w- C:\Windows\Sysnative\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}
2015-06-21 01:03:37 66651F4A178986CC0E91184D3BCDACDD 690 ----a-w- C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2015-06-21 01:03:33 9955E8B63485FB9E4FFD783FE0CC0FD1 3054 ----a-w- C:\Windows\Sysnative\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}
2015-06-21 01:03:32 DE0D407D3EBE81DF5298A9FD6E27B5A9 386 ----a-w- C:\Windows\Tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}.job
2015-06-18 14:39:17 1290C47C46EE78707ABB77A765E42CD5 3522 ----a-w- C:\Windows\Sysnative\Tasks\ToolsUpdatePlatform_ScheduledTask
2015-06-18 14:39:16 DDF5D77B016E981E1AAB3D03D20457FA 456 ----a-w- C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2015-06-15 20:44:26 0C845197465DF29228D5029EC61DC57D 3294 ----a-w- C:\Windows\Sysnative\Tasks\ToolwizCareFree
2015-06-12 02:35:42 357EE89B26D0B0F5BC51522FCD236A32 5018 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for WALBER-super385011 WALBER
2015-05-23 23:48:56 5967216AB31EB28C73A3A5ECC1D43C8C 3598 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2537286444-1251575466-2462476524-1001
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-06-15 00:40:12 -------- d-----w- C:\Program Files\Microsoft.NET
2015-06-14 01:25:44 -------- d-----w- C:\Program Files\Corel
2015-06-13 20:18:26 -------- d-----w- C:\Program Files\Classic Shell
2015-06-12 02:17:57 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2015-06-12 02:16:36 -------- d-----w- C:\Program Files\Microsoft SQL Server
2015-06-12 02:12:49 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2015-06-12 02:12:36 -------- d-----w- C:\Program Files\Microsoft Office
2015-06-11 16:34:51 -------- d-----w- C:\Program Files\Microsoft Office 15
2015-06-07 03:56:36 -------- d-----w- C:\Program Files\Microsoft Silverlight
2015-06-03 20:54:17 -------- d-----w- C:\Program Files\Common Files\Corel
2015-05-31 22:59:06 -------- d-----w- C:\Program Files\Common Files\Protexis
======= C:\PROGRA~2 =====
2015-06-21 01:03:25 -------- d-----w- C:\PROGRA~2\CalendarTool
2015-06-18 14:39:14 -------- d-----w- C:\PROGRA~2\ToolsUpdatePlatform
2015-06-18 13:03:29 -------- d-----w- C:\PROGRA~2\Adobe
2015-06-16 02:54:48 -------- d-----w- C:\PROGRA~2\Avira
2015-06-14 14:07:55 -------- d-----w- C:\PROGRA~2\Unchecky
2015-06-14 01:29:56 -------- d-----w- C:\PROGRA~2\gs
2015-06-12 02:17:26 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server
2015-06-12 02:12:49 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
2015-06-07 03:56:36 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
2015-06-07 00:38:12 -------- d-----w- C:\PROGRA~2\MSXML 4.0
2015-06-05 19:04:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
2015-05-28 23:45:43 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-05-28 23:44:37 -------- d-----w- C:\PROGRA~2\Java
======= C: =====
2015-06-05 19:05:37 99C30B73B3F4F83086F85192EFE70DBB 40 ---ha-w- C:\686EEC4358AD
====== C:\Users\super385011\AppData\Roaming ======
2015-06-21 01:03:41 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\CalendarTool
2015-06-21 01:03:37 -------- d-----w- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}
2015-06-21 01:03:29 -------- d-----w- C:\Users\super385011\AppData\Roaming\CalendarTool
2015-06-18 13:24:15 -------- d-----w- C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-17 21:01:53 -------- d-----w- C:\Users\super385011\AppData\Roaming\Stereoscopic Player
2015-06-16 15:10:12 -------- d-----w- C:\Users\super385011\AppData\Local\Apps
2015-06-16 15:10:11 -------- d-----w- C:\Users\super385011\AppData\Local\Deployment
2015-06-16 02:57:11 -------- d-----w- C:\Users\super385011\AppData\Roaming\Avira
2015-06-15 20:44:27 -------- d-----w- C:\Users\super385011\AppData\Local\ToolwizCareFree
2015-06-15 20:15:24 -------- d-----w- C:\Users\super385011\AppData\Local\AviraSpeedup
2015-06-15 20:15:18 -------- d-----w- C:\Users\super385011\AppData\Local\Temp
2015-06-15 12:31:09 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-06-15 12:31:08 -------- d-----w- C:\Users\USURIO~1\AppData\Local\Temp
2015-06-15 12:31:08 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-06-15 12:31:08 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-06-14 23:22:31 -------- d-----w- C:\Users\super385011\AppData\Roaming\ZHP
2015-06-14 03:21:28 135BF2ADFD29A7192DC3F2F858AC6978 571016 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2015-06-14 01:44:03 -------- d-----w- C:\Users\super385011\AppData\Roaming\Corel
2015-06-13 20:28:34 -------- d-----w- C:\Users\super385011\AppData\Local\ClassicShell
2015-06-11 15:58:27 -------- d-----w- C:\Users\super385011\AppData\Local\GWX
2015-06-07 03:28:56 -------- d-----w- C:\Users\super385011\AppData\Roaming\uTorrent
2015-06-07 01:41:41 -------- d-----w- C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-06-06 22:37:49 -------- d-----w- C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-06-06 21:26:32 -------- d-----w- C:\Users\super385011\AppData\Roaming\LG Electronics
2015-06-06 21:16:47 -------- d-----w- C:\Users\super385011\AppData\Local\LG Electronics
2015-06-05 19:04:50 -------- d-----w- C:\Users\super385011\AppData\Local\Adobe
2015-06-05 19:04:49 -------- d-----w- C:\Users\super385011\AppData\Roaming\Adobe
2015-06-05 14:43:53 -------- d-----w- C:\Users\USURIO~1\AppData\Roaming\Media Center Programs
2015-06-05 14:43:53 -------- d-----w- C:\Users\Default\AppData\Roaming\Media Center Programs
2015-06-05 14:43:53 -------- d-----w- C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-06-02 23:59:49 -------- d-----w- C:\Users\super385011\AppData\Local\paint.net
2015-05-30 04:01:30 -------- d-----w- C:\Users\USURIO~1\AppData\Local\Microsoft Help
2015-05-30 04:01:30 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2015-05-30 04:01:30 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-30 03:17:39 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Identities
2015-05-28 23:42:30 -------- d-----w- C:\Users\super385011\AppData\Locallow\Sun
2015-05-25 00:59:16 -------- d-----w- C:\Users\super385011\AppData\Roaming\Mozilla
2015-05-25 00:59:16 -------- d-----w- C:\Users\super385011\AppData\Local\Mozilla
====== C:\Users\super385011 ======
2015-06-22 20:11:58 -------- d-----w- C:\Users\Public\Documents\Guid
2015-06-22 00:20:03 -------- d-----w- C:\Users\Public\Documents\PC Faster
2015-06-22 00:20:03 -------- d-----w- C:\Users\Public\Documents\Baidu
2015-06-21 23:45:00 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\super385011\Downloads\adwcleaner_4.207 (1).exe
2015-06-19 23:08:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-18 03:48:42 FE7373EF7A4CF252FE9357D20491E86D 25 ----a-w- C:\Users\super385011\Desktop\Ram.vbs
2015-06-17 22:39:20 D957D405B01A04DEB1C066F787B70B16 576456 ----a-w- C:\Users\TODOSO~1\ToolsUpdatePlatform\CallBackInstall.exe
2015-06-17 22:10:00 -------- d-----w- C:\Users\TODOSO~1\ToolsUpdatePlatform
2015-06-17 22:10:00 -------- d-----w- C:\ProgramData\ToolsUpdatePlatform
2015-06-17 20:51:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3dtv.at Stereoscopic Player
2015-06-17 20:24:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
2015-06-16 15:14:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-16 02:33:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-06-15 21:45:21 -------- d-----w- C:\Users\TODOSO~1\Avira
2015-06-15 21:45:21 -------- d-----w- C:\ProgramData\Avira
2015-06-15 20:44:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree
2015-06-15 20:15:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-06-15 20:12:28 -------- d-----w- C:\Users\Public\Speedup Sessions
2015-06-14 14:08:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-06-14 14:07:59 -------- d-----w- C:\Users\TODOSO~1\Unchecky
2015-06-14 14:07:59 -------- d-----w- C:\ProgramData\Unchecky
2015-06-14 14:03:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-06-14 01:27:26 -------- d-----w- C:\Users\Public\Documents\Corel
2015-06-14 01:26:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2015-06-13 20:18:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-06-11 16:39:17 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-10 01:05:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot
2015-06-07 21:07:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-06 22:46:28 -------- d-----w- C:\Users\Public\Documents\CrashDump
2015-06-06 21:16:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-06-06 21:13:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-05 19:05:01 -------- d-----w- C:\Users\TODOSO~1\Adobe
2015-06-05 19:05:01 -------- d-----w- C:\ProgramData\Adobe
2015-06-05 14:43:53 -------- d-----r- C:\Users\Public\Recorded TV
2015-06-03 20:53:59 -------- d-----w- C:\Users\TODOSO~1\Protexis
2015-06-03 20:53:59 -------- d-----w- C:\ProgramData\Protexis
2015-06-03 02:17:30 -------- d-----w- C:\Users\TODOSO~1\Protexis64
2015-06-03 02:17:30 -------- d-----w- C:\ProgramData\Protexis64
2015-05-31 22:52:59 -------- d-----w- C:\Users\TODOSO~1\Corel
2015-05-31 22:52:59 -------- d-----w- C:\ProgramData\Corel
2015-05-31 20:19:35 -------- d-----w- C:\Users\TODOSO~1\Licenses
2015-05-31 20:19:35 -------- d-----w- C:\ProgramData\Licenses
2015-05-28 23:45:45 -------- d-----w- C:\Users\TODOSO~1\Sun
2015-05-28 23:45:45 -------- d-----w- C:\ProgramData\Sun
2015-05-28 23:45:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-28 23:44:41 -------- d-----w- C:\Users\TODOSO~1\Oracle
2015-05-28 23:44:41 -------- d-----w- C:\ProgramData\Oracle

====== C: exe-files ==
2015-06-22 02:08:20 D706A63A455D31900734313CE2050FDF 15968 --s-a-w- C:\$RECYCLE.BIN\S-1-5-21-2537286444-1251575466-2462476524-1001\$RKNO0IJ\C_PROGRA~3_InstallMate\{84481A87-2316-4923-8FAB-3BA8CA29323D}\Setup.exe
2015-06-22 00:07:49 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe
2015-06-22 00:07:49 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe
2015-06-22 00:07:09 CABCDE288C5C7F0C1F933CD2EB6F7834 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2537286444-1251575466-2462476524-1001\$IE371F2.exe
2015-06-22 00:06:57 7D4D2582898E865A7EEEDDFAC649231A 2950454 ----a-w- C:\Users\super385011\Desktop\PcBrasil\JRT.exe
2015-06-21 23:45:00 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\super385011\Downloads\adwcleaner_4.207 (1).exe
2015-06-21 23:44:36 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\super385011\Desktop\PcBrasil\adwcleaner_4.207.exe
2015-06-21 02:35:03 8D2A6A6659F60C6D718D9F9289AE1A61 1847296 ----a-w- C:\Users\super385011\Desktop\PcBrasil\ZHPCleaner.exe
2015-06-21 02:34:09 2F3BFECADEBFFB1C8C2248AEA01D643D 3521467 ----a-w- C:\Users\super385011\Desktop\PcBrasil\ZHPFix.exe
2015-06-21 02:27:38 1833923DA90E73C3A392F05069E3BA8B 6883618 ----a-w- C:\Users\super385011\Desktop\PcBrasil\ZHPDiag2.exe
2015-06-21 02:21:54 E0C27AAD0A97444BB001C0F2B976A6EA 781312 ----a-w- C:\Users\super385011\Desktop\PcBrasil\delfix_1.010.exe
2015-06-21 02:21:01 0DC9E740762A383BB935340EC5ABDBC3 1196032 ----a-w- C:\Users\super385011\Desktop\PcBrasil\CTR.exe
2015-06-21 02:20:14 8DA935E5025B2503DF2C77967A711C6A 1348096 ----a-w- C:\Users\super385011\Desktop\PcBrasil\SFTGC.exe
2015-06-21 02:19:36 2E7C383EA6EF472E08228AABA2A599D4 1148416 ----a-w- C:\Users\super385011\Desktop\PcBrasil\FRST.exe
2015-06-21 02:19:07 700B66BC8B579C3CA00DC36E6E48714C 646656 ----a-w- C:\Users\super385011\Desktop\PcBrasil\OTS.exe
2015-06-21 02:18:49 88B5B67C00BBB7958783E4880A401360 1019293 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2537286444-1251575466-2462476524-1001\$RE371F2.exe
2015-06-21 01:03:37 1D520DD9F756BF14B1252BD029758849 263448 ----a-w- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe
2015-06-21 01:03:37 0965CF41E461D0C872D09AEB4443F1A4 1324008 ----a-w- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe
2015-06-19 22:37:00 6C92F98B6B3232838A695D22EE28D9A3 4737144 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avira_en____fm.exe
2015-06-18 21:39:42 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe
2015-06-18 21:39:41 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe
2015-06-17 22:39:20 D957D405B01A04DEB1C066F787B70B16 576456 ----a-w- C:\Users\Todos os Usuários\ToolsUpdatePlatform\CallBackInstall.exe
2015-06-17 22:39:20 D957D405B01A04DEB1C066F787B70B16 576456 ----a-w- C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe
2015-06-16 15:54:00 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\super385011\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe
2015-06-16 15:19:17 F6EEE6848E933962E12E7B3F25C73C88 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe
2015-06-16 15:19:17 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
2015-06-16 15:19:17 6732C4A894855042FD3618406B6BBD48 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe
2015-06-16 15:19:17 0894890F30B5F6510DF953BC50B5504F 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe
2015-06-16 15:19:13 BB3045B399D898061B926B447C446E05 127816 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe
2015-06-16 15:19:13 8715A0D10CFFC8DEE923957F07DAA042 244040 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
2015-06-16 15:19:13 6509A96DAE25340772B51AC020CB1094 304968 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
2015-06-16 15:19:12 0C03FB91E17987EED93F60007B08DAA0 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe
2015-06-16 15:19:10 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{C47A42F7-2AF1-4AA6-8673-ACEDC53F6B8B}\GoogleUpdateSetup.exe
2015-06-16 15:19:10 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
2015-06-16 15:14:09 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Install\{B4674BEF-A6BE-4FAD-AD70-9C47FB72FF13}\43.0.2357.124_chrome_installer.exe
2015-06-16 15:14:07 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.124\43.0.2357.124_chrome_installer.exe
2015-06-16 15:12:02 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\GoogleGGupdate.exe
2015-06-16 15:11:36 F6414DD3B23979312F8EBB91DE794178 11080 ------w- C:\Users\super385011\AppData\Local\Apps\2.0\JYRAP86D.WCL\1VWQ5ELP.0XX\inst...app_86fd5b6b43e66935_0001.0003_3acec3780f16ae88\clickonce_bootstrap.exe
2015-06-16 15:11:36 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\super385011\AppData\Local\Apps\2.0\JYRAP86D.WCL\1VWQ5ELP.0XX\inst...app_86fd5b6b43e66935_0001.0003_3acec3780f16ae88\GoogleUpdateSetup.exe
2015-06-16 15:11:36 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\super385011\AppData\Local\Apps\2.0\JYRAP86D.WCL\1VWQ5ELP.0XX\clic...exe_86fd5b6b43e66935_0001.0003_none_f263691f58f224f9\GoogleUpdateSetup.exe
2015-06-16 14:29:01 5A89E2D96A4EEFA535FC8174EC1F7C68 1084664 ----a-w- C:\Users\Todos os Usuários\Avira\Antivirus\TEMP\SELFUPDATE\update.exe
2015-06-16 14:29:01 5A89E2D96A4EEFA535FC8174EC1F7C68 1084664 ----a-w- C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\update.exe
2015-06-16 14:29:01 42EF846B9E24D99D2558B7F913874A3B 394032 ----a-w- C:\Users\Todos os Usuários\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe
2015-06-16 14:29:01 42EF846B9E24D99D2558B7F913874A3B 394032 ----a-w- C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe
2015-06-16 14:28:30 44AAA7A2E7194603559DAB6F96CA6DD6 577784 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\AdministrativeRightsProvider.exe
2015-06-16 14:27:54 6C92F98B6B3232838A695D22EE28D9A3 4737144 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avira_ptbr____fm.exe
2015-06-16 02:55:05 24B128BBF0F67A8F43897314BA5C40DA 508152 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe
2015-06-16 02:54:55 5A89E2D96A4EEFA535FC8174EC1F7C68 1084664 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
2015-06-16 02:54:55 42EF846B9E24D99D2558B7F913874A3B 394032 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
2015-06-16 02:54:54 E332704E2780E0B6389D915F109D3FEE 465864 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
2015-06-16 02:54:54 CFA27AE04A26FF195E14040108DD8D92 668464 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe
2015-06-16 02:54:54 C194EBC16FFE1A083387CD6D97CAE663 401200 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\checkt.exe
2015-06-16 02:54:54 A2452501EA665FF4493C678E42C49F08 1992440 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe
2015-06-16 02:54:54 574F75AD6CC659DC49F3EB9B57D9D90D 429304 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setuppending.exe
2015-06-16 02:54:54 5295EBB03544AB98C5E971C6795C25C6 468728 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe
2015-06-16 02:54:54 50D6125A1EAE284E1781118D6A24A709 68912 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\toastnotifier.exe
2015-06-16 02:54:54 2A46F5DC183853BEF1BC8347F7F672A0 460024 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\rscdwld.exe
2015-06-16 02:54:54 1B97B893DF21C8A36C4DE704FE538697 898808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\fact.exe
2015-06-16 02:54:54 1892E1DB0B6431720B98B52AE9388C28 450808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
2015-06-16 02:54:54 1093865849D6B27531E473791EF5BC19 490440 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\inssda64.exe
2015-06-16 02:54:54 0BD137E010D8CEE6AEF0EB3D6030E7CA 568112 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\licmgr.exe
2015-06-16 02:54:53 CCF7D341EBF8478BDDA6A2E54835881D 1058608 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
2015-06-16 02:54:53 A9861F16762ABF8C1710E599FBBA6A7E 1187336 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
2015-06-16 02:54:53 8F86F2D64C6792C3AD14ED5EA4943F59 716808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
2015-06-16 02:54:53 6FD5165364D88FDABE4FA59E1768376F 1188360 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
2015-06-16 02:54:53 4511374AA9988B54CB97BA1D05DF65DD 1040688 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
2015-06-16 02:54:53 26ED091D10780563931A6961A19089FF 409392 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avupgsvc.exe
2015-06-16 02:54:53 24390030CBD3D3DED90F8FAF2F4B27B9 562936 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avrestart.exe
2015-06-16 02:54:53 11A94C65A29BBF0317302E1CF9CE5C9A 625912 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
2015-06-16 02:54:52 F5D67941905CE55DB26A71409245BBFA 543992 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avmcdlg.exe
2015-06-16 02:54:52 F5638F8625D4F608B416A55978B75664 715568 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
2015-06-16 02:54:52 A6ABD4AF02AB03676DEA55F383ABC7C2 730416 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
2015-06-16 02:54:52 6C82CA438DBBB56EBF46506360411BC9 825136 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
2015-06-16 02:54:52 4BDDF124CEB1342D3CE113BE97365FD2 838152 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avconfig.exe
2015-06-16 02:54:52 3358CAD1887DDDDD2A36B7796B579292 827184 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
2015-06-16 02:54:52 2D9F792E8129FE8ABC77AFCDBD6CF4D4 420144 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avadmin.exe
2015-06-16 02:54:52 1892E1DB0B6431720B98B52AE9388C28 450808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
=== C: other files ==
2015-06-22 00:07:49 F206D8CBAD79E949AC9ADBE8AF2D60B7 2374 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\medfos.bat
2015-06-22 00:07:49 D574912A12CAAFD0E47A7757A0D9527F 9174 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\searchlnk.bat
2015-06-22 00:07:49 C16EBCAA02F2976408D2F5A68D2562FF 1771 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\delfolders.bat
2015-06-22 00:07:49 BD130F08F50D61C3859B6F819F3558A5 31138 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\iexplore.bat
2015-06-22 00:07:49 B23B16209341AEAE62A7D32117A36F55 1192 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\TDL4.bat
2015-06-22 00:07:49 A8F5541C419593F3ECAC0E0A3FB0F2BA 1162 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\surfvox.bat
2015-06-22 00:07:49 A6DEDFDFF4E2321F44790819C5F310F1 13907 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\chrome.bat
2015-06-22 00:07:49 A337A318BC530E1C231F4148DDFE4C60 7393 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\runvalues.bat
2015-06-22 00:07:49 93A6196509429319C854A941F14F1E7C 252 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\ev_clear.bat
2015-06-22 00:07:49 9246BABAAAE2978EABF6F0D784B0683D 34543 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\prelim.bat
2015-06-22 00:07:49 78551B6A98FF3EE95DB330BB742F7AD0 152662 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\firefox.bat
2015-06-22 00:07:49 749C44588AD7BD398F1BDCD030F2B081 21096 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\ask.bat
2015-06-22 00:07:49 654E99115CFEC77263269E5EB6717E4C 131287 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\misc.bat
2015-06-22 00:07:49 49B4FCAB4947D8A494C0108127101009 4756 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\chrome_pref.bat
2015-06-22 00:07:49 2719B06EF921402D7D820120D79D4E88 14504 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\mws.bat
2015-06-22 00:07:49 05E06D3F96DDF25998D8C3117035B7B6 17011 ----a-w- C:\Users\super385011\AppData\Local\Temp\jrt\get.bat
2015-06-18 03:48:42 FE7373EF7A4CF252FE9357D20491E86D 25 ----a-w- C:\Users\super385011\Desktop\Ram.vbs
2015-06-16 02:54:54 E00029BB9F70B7517852FF6965945463 7792 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sweb.zip
2015-06-16 02:54:53 83586138F23A4C284EB68AFC852D7AFA 43576 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2015-06-16 02:54:53 83586138F23A4C284EB68AFC852D7AFA 43576 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnetflt.sys
2015-06-16 02:54:52 CC1ABBD9E61B7AA5CCBB45EA87CB033F 153256 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2015-06-16 02:54:52 CC1ABBD9E61B7AA5CCBB45EA87CB033F 153256 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgntflt.sys
2015-06-16 02:54:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2015-06-16 02:54:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avkmgr.sys
2015-06-16 02:54:52 07C8454D3A94BA478752FAFA2B94E0FE 132656 ----a-w- C:\Windows\System32\drivers\avipbb.sys
2015-06-16 02:54:52 07C8454D3A94BA478752FAFA2B94E0FE 132656 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avipbb.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2537286444-1251575466-2462476524-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ToolwizCareFree"="E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe -autorun"
"WinPatrol"="E:\BillP Studios\winpatrol.exe -expressboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Malwarebytes Anti-Exploit"="E:\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit\mbae.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ToolwizCareFree"="E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe -autorun"
"WinPatrol"="E:\BillP Studios\winpatrol.exe -expressboot"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartUpManagerPositivo"="C:\Program Files\Positivo Inform tica\Mundo Positivo Gerenciador de Inicializa‡Æo\ManagerWindows.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\ToolsUpdatePlatform_ScheduledTask.job --a-------- C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [06/05/2015 04:35]
C:\Windows\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job --a-------- C:\C:\Users\super385011\AppData\Roaming\2F3AA0F6-976C-4b02-A66A-5D1DEA00811F\InstallHelp.exe []
C:\Windows\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}.job --a-------- C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe [14/05/2015 05:07]
C:\Windows\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job --a-------- C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe [14/05/2015 05:07]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\Windows\SysNative\tasks\ToolsUpdatePlatform_ScheduledTask" [C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe]
"C:\Windows\SysNative\tasks\ToolwizCareFree" [E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{FAFC7D89-08F8-4952-9030-56FCEE923ABB}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}" [C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe]
"C:\Windows\SysNative\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}" [C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe]
"C:\Windows\SysNative\tasks\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}" [C:\Program Files (x86)\CalendarTool\1.3.1.9691\InstallHelper.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\searchffv2@gmail.com
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\sweetsearch@gmail.com

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


Google Slides - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avira Browser Safety - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Chrome Hotword Shared Module - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
ScriptSafe - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf
Gmail - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Preferences
BzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079343634229251","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"93C13094BF8BBB382F8FF975C47A23591667F0B48B3B788569597095BA619CAC","cfhdojbkjhnklbpkdaibdccddilifddb":"8F7A8CD07EACF66357BA1BCFD362F12302D3625C88B9D8D937FE9BD63E108518","coobgpohoikkiipiblmjeljniedjpjpf":"B0E643757E16842A3E275200CFB606C3ECC9F7B871F2848502CF0EA8643EBFAD","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"1BE2AE9D602B290BB210B8F3C70E4996F34B7AA8C91E79E7194A60F401DE0E22","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"64DB7AF6D597C539F8723044CE2509062AEEE820B4C459960BAD922073051CCD"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"4D3653BFE2FEF02949CEDB6EBC50ECCFCC075ABFD9106F8FE9F18F4D72E186C7"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"5DF5451B5E12FEECB29CDAEF98324DF0260E79F305F891354E322C194FE5863B"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}
BzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079343634229251","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"93C13094BF8BBB382F8FF975C47A23591667F0B48B3B788569597095BA619CAC","cfhdojbkjhnklbpkdaibdccddilifddb":"8F7A8CD07EACF66357BA1BCFD362F12302D3625C88B9D8D937FE9BD63E108518","coobgpohoikkiipiblmjeljniedjpjpf":"B0E643757E16842A3E275200CFB606C3ECC9F7B871F2848502CF0EA8643EBFAD","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"1BE2AE9D602B290BB210B8F3C70E4996F34B7AA8C91E79E7194A60F401DE0E22","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"64DB7AF6D597C539F8723044CE2509062AEEE820B4C459960BAD922073051CCD"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"4D3653BFE2FEF02949CEDB6EBC50ECCFCC075ABFD9106F8FE9F18F4D72E186C7"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"5DF5451B5E12FEECB29CDAEF98324DF0260E79F305F891354E322C194FE5863B"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com/"
"Default_Page_URL"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4130DFFB-CBCB-4C93-98A2-582133655D92} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{84481A87-2316-4923-8FAB-3BA8CA29323D} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avira System Speedup_is1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\super385011\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SUPER3~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 22/06/2015 at 18:31:37,30 ======================
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Seg 22 Jun 2015, 21:18

Você não fez da forma mostrada no tutorial que te passei. Faça, por gentileza, uma nova limpeza com o Zoek exatamente como indicado no tutorial dele que te passei e depois poste o novo relatório que ele irá criar.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Seg 22 Jun 2015, 22:46

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by super385011 on 22/06/2015 at 21:25:41,96.
Microsoft Windows 8.1 Pro com Media Center 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\super385011\Desktop\PcBrasil\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-06-22-213137.log 62595 bytes

==== System Restore Info ======================

22/06/2015 21:28:22 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\super385011\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\super385011\ZHPCleaner.exe deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\SUPER3~1\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\searchffv2@gmail.com
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
- Undetermined - C:\Users\super385011\AppData\Roaming\Mozilla\Firefox\Profiles\ts05rh7v.default\extensions\sweetsearch@gmail.com

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


Google Slides - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avira Browser Safety - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Chrome Hotword Shared Module - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
ScriptSafe - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf
Gmail - super385011\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079430019963672","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"B32674B67A2E84F672D591315452A79BB481E697E90C7CB655BA90A2554132D0","cfhdojbkjhnklbpkdaibdccddilifddb":"40391C5A9BF5CCA57ED190B6284522888034311DCBBD84376DD15C28D03D0C71","coobgpohoikkiipiblmjeljniedjpjpf":"5DA8E38B3FE2018C58718FC33826655FDACE555B843763002B024C873C7E9615","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"ED7F2F049F01858CD5766E91F4C2D1D6F252B3DD6A2C8510F44D3F3492C73F63","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"5D4328531A508C684580250E237CA09CD16ACBC31230939488C8FB411B571B26"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"C59A30E1B1CA7CA1FBDFF935524D5B5EA64F01665A62149EBDFD2B3C56C6BD14"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"063CD1FDCA7D12AC688A85EE2E945B0C11EBF1E0052FDE85B1E99129D1796DFD"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}
Vc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078941358889037","last_active_pingday":"13078998017909482","last_launch_time":"13078941652348361","lastpingday":"13079430019963672","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"super385011@gmail.com","username":"super385011@gmail.com"}},"homepage":"http://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"prefs":{"preference_reset_time":"13079405774507096"},"protection":{"macs":{"browser":{"show_home_button":"477E638E19BD34D26B38B2D9880612DF867EE3351F57BAEF7748B4608C392612"},"default_search_provider":{"keyword":"26E8B9D79A396DC2C1EE361BA7373CC084F656FFD5F2A9647F1D48CD8970E9DF","name":"6591108C0768244B1EB6B28FE4F5F7FC9521024CCF026ABAFA8B38219632C2F3","search_url":"88268D91AD646330308C1855C478D9B0AA481DFA14780501BADF43058538D7A0"},"default_search_provider_data":{"template_url_data":"9E32584553292FE8DBC22A36206C38BA9F30796EF4F6DD0717B98C582EF99867"},"extensions":{"settings":{"aaaaafhgaihilbkellglkpeiegabpjem":"A0ECD148C3734FE8CA2111E289529FF08046475250E5EE40B0CAB063F9B232EF","aapocclcgogkmnckokdopfmhonfmgoek":"0DF240755AB549698C366B57CC8679A462629D3F1EEC7AA62262E08410C00E24","ahfgeienlihckogmohjhadlkjgocpleb":"208ED8236634C9E4A4C8512D87A4A07BB0A025FCABEB94873BAF1E9D454F46D6","aohghmighlieiainnegkcijnfilokake":"F6B0BE3FF141C5229F6BD24F75705E88A03D3D1DFB1DB761251B872A30262A38","apdfllckaahabafndbhieahigkjlhalf":"640DAE167E2180B2B5BA445F5E6BC07F2854EF2D13701AE22BFA4C33D3FA3CA8","bepbmhgboaologfdajaanbcjmnhjmhfn":"7F013D4F572B6499244BF3516D723E2499CD1BEEA25E0EBE805B4C6FF5B968E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"B32674B67A2E84F672D591315452A79BB481E697E90C7CB655BA90A2554132D0","cfhdojbkjhnklbpkdaibdccddilifddb":"40391C5A9BF5CCA57ED190B6284522888034311DCBBD84376DD15C28D03D0C71","coobgpohoikkiipiblmjeljniedjpjpf":"5DA8E38B3FE2018C58718FC33826655FDACE555B843763002B024C873C7E9615","eemcgdkfndhakfknompkggombfjjjeno":"9772FFD1B01547061535110CB027DADF3A17DF358D15E821D012B3EF7DAB7D91","ennkphjdgehloodpbhlhldgbnhmacadg":"9F7DD6321C7C763A16C6D8930E7EE1D84CE6C55ECB6B0AFDC5BD1935401E87A8","felcaaldnbdncclmgdcncolpebgiejap":"4FA136BED9FE4494AE72B0342123D157478FA5D7E21536C1482A3316EA82626E","flliilndjeohchalpbbcdekjklbdgfkk":"0EF6B5A42D9A139F3C4A84F56F28D11837A8957C896F9231C5A9ED8B94106813","gfdkimpbcpahaombhbimeihdjnejgicl":"DEB084D8F1E3AD28DCEC1A1CB79B21F2F6490E7B6925F5B613B5A38C89E0D66B","kmendfapggjehodndflmmgagdbamhnfd":"174BD529F299880F17106100773A0F362841A7714601E018CA5609040E924B50","lccekmodgklaepjeofjdjpbminllajkg":"DB4A24622BCAED894AA4AA9F8CF8B5B224A2CF82E82E3FE91DFFBB9DE6889B72","liihjkncaijcmlgmpnadmnkfapffgijd":"C4D72EA8A4E8FAD71D2DA0A091B737FDB59D117259CBD53BF5317F3018EE6DF4","mfehgcgbbipciphmccgaenjidiccnmng":"21F659CEA9631E5645C040B3C1EE45DF8A04F4024BE536C9CCD0CD2B09A37C88","mfffpogegjflfpflabcdkioaeobkgjik":"646E02FCA37409BEE0DA0EE6E33981AC1C4E23E0661C3B0E986066BB6AB2C464","mgndgikekgjfcpckkfioiadnlibdjbkf":"5C4DAB4E70FBCF0FC1E57A32E264D409BB4D1994BA605D6EBD3C938535A2ECD5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A504D193397099AC71057CD43F2CD1A562BE1A0D0AEAC4E7BB12A4230B1F0BE9","nbpagnldghgfoolbancepceaanlmhfmd":"650739019D908FA509A8A66E93229F8EB5F898840C411F052F419AE2769668B9","neajdppkdcdipfabeoofebfddakdcjhd":"F492903869A323AEB882F5C8D3D8FA7190400B6D8BAF3F9F1ABC5D59DCF9F39A","nkeimhogjdpnpccoofpliimaahmaaome":"0625F220A623A1412762A6936E613DF3E258BDFB4581229B83A7BE48F5F74961","nmmhkkegccagdldgiimedpiccmgmieda":"013D1EDB4988DADDC219214D61780311493FEC91DD5746194E88C2EEB3D7E25C","oiigbmnaadbkfbmpbfijlflahbdbdgdf":"ED7F2F049F01858CD5766E91F4C2D1D6F252B3DD6A2C8510F44D3F3492C73F63","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"A59B1DF1FC61E9DB728E0D2B289764CAEC09FEE9857C83FBC2FD5C161B64B375","pjkljhegncpnkpknbcohdijeoejaedia":"5D4328531A508C684580250E237CA09CD16ACBC31230939488C8FB411B571B26"}},"google":{"services":{"last_username":"503237B1B5C71C1E3818B2885FB4DBCAE6444C12BD8D6B6D890879E42AAC6EFA","username":"7B6C06541AFE1B4D3F8F8A0C617AC701AC02F609DE3639BE71BCFDDF91986742"}},"homepage":"389AC91814B04F9BE4B2C47078544DA833C013D9C4DCE2EBBAA425AD01B06B87","homepage_is_newtabpage":"957673045DE8CE37498AF46E2D9E70C058B1FAC8C91E4CC7F6BE5D24BBF32F3D","pinned_tabs":"BF507910C4BA2A1857A4E5CB7819F66AD8E00D3F47263C934C044C24DCA4BF65","prefs":{"preference_reset_time":"7949AB2379AB1DAFC9733BD7DC0C84F4C1A733DED78209CDF5CECD55E69C5AE5"},"profile":{"reset_prompt_memento":"5159CD29F3904274DFA8910BFB1191F2A9F3281F864208710066FF6CF934A0A5"},"safebrowsing":{"incidents_sent":"C59A30E1B1CA7CA1FBDFF935524D5B5EA64F01665A62149EBDFD2B3C56C6BD14"},"search_provider_overrides":"29C53488423B41CACE0B642F6D335E172627D7F4966028CCDE65578422EB6D41","session":{"restore_on_startup":"41CCC1FCC6761D92F8DAFF8D050C6F97C57F0D22178ABEB0E71F8BFDD1FC11A9","startup_urls":"30B4379EE4B0511A9F5B6549061686BABC72D43241F4FA3D95D1979F513C7344"},"software_reporter":{"prompt_reason":"61136B0A724D27B27DB9EB0C12F165B316A4C78567E5487AC5D2F2ACE7DB07C5","prompt_seed":"CACB2B1FA1B984EFE30C3880D5578CF791531926847DAC852DD0AC94F1875CEC","prompt_version":"828860BBCFDDA9423D8B3443804EB0929C78F01CE988402BF1E30FB0175769FC"},"sync":{"remaining_rollback_tries":"271E8B6961462D5545B21386DCC110B39C96CB3AF93D8F3DB7C86C819E75F55D"}},"super_mac":"063CD1FDCA7D12AC688A85EE2E945B0C11EBF1E0052FDE85B1E99129D1796DFD"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2685983767"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4130DFFB-CBCB-4C93-98A2-582133655D92} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\super385011\Desktop\Avira System Speedup.lnk - E:\AviraAviraSpeedup\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe
C:\Users\super385011\Desktop\Command Prompt.lnk - C:\Windows\system32\cmd.exe
C:\Users\super385011\Desktop\dfrgui.lnk - C:\Windows\system32\dfrgui.exe
C:\Users\super385011\Desktop\Disk Cleanup.lnk - C:\Windows\system32\cleanmgr.exe
C:\Users\super385011\Desktop\Excel 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\Users\super385011\Desktop\Format Factory.lnk - E:\Format Factory\FormatFactory.exe
C:\Users\super385011\Desktop\gpedit.msc - Atalho.lnk - C:\Windows\SysWOW64\gpedit.msc
C:\Users\super385011\Desktop\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\Desktop\Malwarebytes Anti-Exploit.lnk - E:\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit\mbae.exe
C:\Users\super385011\Desktop\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\Users\super385011\Desktop\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\super385011\Desktop\PowerPoint 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\Users\super385011\Desktop\SCANUTILITY - Atalho.lnk - C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe
C:\Users\super385011\Desktop\Suporte Intelbras WRN240Slim.lnk -
C:\Users\super385011\Desktop\Toolwiz Care.lnk - E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe
C:\Users\super385011\Desktop\Word 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\Users\super385011\Desktop\ZHPCleaner.lnk - C:\Users\super385011\AppData\Roaming\ZHP\ZHPCleaner.exe
C:\Users\super385011\Desktop\µTorrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Avira Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\SecurityCenter.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk - C:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe
C:\Users\Public\Desktop\Fotor.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe EverimagingCo.Limited.Fotor
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\iRoot.lnk - E:\iRoot\Root.exe
C:\Users\Public\Desktop\LG PC Suite.lnk - E:\LG PC Suite\LGPCSuite.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Manual do Usuário.lnk -
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Movie Moments.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe Microsoft.MovieMoments
C:\Users\Public\Desktop\Mundo Positivo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.MundoPositivo
C:\Users\Public\Desktop\Positivo 3D Incrível.lnk -
C:\Users\Public\Desktop\Positivo Dicas.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoAjudante
C:\Users\Public\Desktop\Positivo DJ.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 4C0D1DF4.PositivoMsicasDJ
C:\Users\Public\Desktop\Positivo Horóscopo.lnk -
C:\Users\Public\Desktop\Positivo Jogos.lnk - C:\Fabricante\Positivo Jogos Atalhos
C:\Users\Public\Desktop\Positivo Mulher.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoMulher
C:\Users\Public\Desktop\Positivo Mídia.lnk -
C:\Users\Public\Desktop\Positivo Verde e Amarelo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoVerdeeAmarelo
C:\Users\Public\Desktop\Samsung Kies 3.lnk - E:\Kies3\Kies3.exe
C:\Users\Public\Desktop\SpywareBlaster.lnk - E:\SpywareBlaster\SpywareBlaster\spywareblaster.exe
C:\Users\Public\Desktop\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe
C:\Users\Public\Desktop\Unchecky.lnk - C:\Program Files (x86)\Unchecky\unchecky.exe
C:\Users\Public\Desktop\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\Public\Desktop\xbmc.lnk - C:\Program Files (x86)\XBMC\XBMC.exe

==== shortcuts in Users Start Menu ======================

C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk - C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe -togglenew
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - E:\Format Factory\FormatFactory.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - E:\Format Factory\FormatFactory.exe /help
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - E:\Format Factory\uninst.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Ajuda do Avira Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\208\avwin.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira na Internet.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\weblink.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Iniciar Avira Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\SecurityCenter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup\Avira System Speedup.lnk - E:\AviraAviraSpeedup\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk - C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Help.lnk - C:\Program Files (x86)\Classic Shell\ClassicShell.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Readme.lnk - C:\Program Files (x86)\Classic Shell\ClassicShellReadme.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Start Menu Settings.lnk - C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe -settings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\CorelDRAW X7 (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Duplexing Wizard (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut10_BB562587DB944A668ECBA27E6BFD871C.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Video Tutorials X7 (64-Bit).lnk - E:\CorelDRAW Graphics Suite X7\VideoBrowser64\VideoBrowser.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Documentation\Macro Programming Guide.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack\Audio Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe ffdshow.ax,configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack\Video Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe ffdshow.ax,configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack\Video for Windows Configuration.lnk - C:\Windows\System32\rundll32.exe ff_vfw.dll,configureVFW
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\iRoot.lnk - E:\iRoot\Root.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\Uninstall iRoot.lnk - E:\iRoot\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\LG PC Suite.lnk - E:\LG PC Suite\LGPCSuite.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\uninstall.lnk - E:\LG PC Suite\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\LGMobile Support Tool.lnk - C:\ProgramData\LGMOBILEAX\LGMLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\Uninstall.lnk - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Uninstall Malwarebytes Anti-Exploit.lnk - E:\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Desinstalar.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.8.150\McAfee.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Log de Telemetria do Office 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Painel de Telemetria do Office 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Samsung Kies 3.lnk - E:\Kies3\Kies3.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk - C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe /removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster Help.lnk - E:\SpywareBlaster\SpywareBlaster\sbhelp.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster.lnk - E:\SpywareBlaster\SpywareBlaster\spywareblaster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree\Toolwiz Care.lnk - E:\ToolwizCareFree\ToolwizCareFree\ToolwizCares.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree\Uninstall.lnk - E:\ToolwizCareFree\ToolwizCareFree\UninstallToolwizCare.exe /REMOVE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Help.lnk - C:\Program Files (x86)\UltraISO\ultraiso.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\Uninstall UltraISO.lnk - C:\Program Files (x86)\UltraISO\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Unchecky.lnk - C:\Program Files (x86)\Unchecky\unchecky.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Uninstall.lnk - C:\Program Files (x86)\Unchecky\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\Uninstall WinPatrol.lnk - C:\ProgramData\InstallMate\{84481A87-2316-4923-8FAB-3BA8CA29323D}\Setup.exe /remove /q0
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol Explorer.lnk - E:\BillP Studios\WinPatrolEx.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol Help.lnk - E:\BillP Studios\features.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol.lnk - E:\BillP Studios\WinPatrol.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk - E:\Kies3\Kies3.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\super385011\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mundo Positivo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.MundoPositivo
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\super385011\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\super385011\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=0 1847893 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\super385011\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SUPER3~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 22/06/2015 at 22:36:41,34 ======================
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Seg 22 Jun 2015, 23:01

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPCleaner para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para executá-lo corretamente siga as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Após a utilização dele, copie todo o conteúdo do seu relatório ZHPCleaner.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Seg 22 Jun 2015, 23:18

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

~ ZHPCleaner v2015.6.21.281 by Nicolas Coolman (2015\06\21)
~ Run by super385011 (Administrator) (22/06/2015 23:14:51)
~ Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Facebook : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\super385011\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\super385011\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)


---\\ Serviços (0)
~ Nenhum ítem malicioso foi encontrado.


---\\ Navegadores de Internet (3)
SUPRIMIDO: [ts05rh7v.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
SUPRIMIDO: [ts05rh7v.default] - user_pref("browser.search.searchengine.ptid", "amt"); (PUP.SearchEngine)
SUPRIMIDO: [ts05rh7v.default] - user_pref("browser.search.searchengine.uid", "WDCXWD5000LPVX-00V0TT0_WD-WX61AA4C1LDNC1LDN"); (PUP.SearchEngine)


---\\ Arquivo hosts (2)
SUBSTITUIDO:
Número de redirecionamentos encontrados 1/58


---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso foi encontrado.


---\\ Explorer ( Arquivos, Pastas) (27)
MOVIDO pasta: C:\Users\super385011\Desktop\Avira System Speedup.lnk (PUP.SystemSpeedup)
MOVIDO pasta: C:\Users\super385011\Downloads\KMSpico.rar (PUA.KMSpico)
MOVIDO arquivo: C:\Windows\Installer\MSI12E1.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1313.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1883.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1B1B.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1BC0.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI1E61.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI2150.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI283.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI2ABC.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI3FA2.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI433B.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI68A3.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI7859.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI7F62.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI8108.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI8AFD.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI9232.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSI9F6.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIA127.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIA677.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIAC62.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIB2CF.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIDD5A.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIDDF.tmp- (Empty)
MOVIDO arquivo: C:\Windows\Installer\MSIDFFB.tmp- (Empty)


---\\ Registro ( Chaves, Valores, Dados ) (2)
SUPRIMIDO chave*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 1470
~ Items encontrado : 1
~ items cancelados : 0
~ Items réparo : 32


End of clean at 23:15:25
===================
ZHPCleaner-[R]-22062015-23_15_25.txt
ZHPCleaner-[S]-22062015-19_04_33.txt
ZHPCleaner-[S]-22062015-23_14_05.txt
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Seg 22 Jun 2015, 23:34

Remover mystartsearch.com do navegador 772309 Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Obs: Depois de acessar um destes links acima, clique no botão DOWNLOAD, como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Ter 23 Jun 2015, 17:28

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data da Verificação: 23/06/2015
Hora da Verificação: 03:37:41
Arquivo de Log: Malwarebytes.txt
Administrador: Sim

Versão: 2.01.6.1022
Base de Dados de Malware: v2015.06.23.02
Base de Dados de Rootkit: v2015.06.22.01
Licença: Premium
Proteção de Malware: Habilitado
Proteção de Site Malicioso: Habilitado
Auto-Proteção: Desabilitado

SO: Windows 8.1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: super385011

Tipo da Verificação: Verificar Ameaça
Resultado: Terminado
Objetos Verificados: 391807
Tempo Decorrido: 21 min, 54 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de Registro: 0
(Nenhum item malicioso detectado)

Valores de Registro: 0
(Nenhum item malicioso detectado)

Dados de Registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 0
(Nenhum item malicioso detectado)

Setores Físicos: 0
(Nenhum item malicioso detectado)


(end)
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Qua 24 Jun 2015, 11:37

Você usou só a verificação de ameaças, que não é tão completa como a que é mostrada no tutorial que te passei. Siga as dicas abaixo para fazer a limpeza completa:

Como executar uma verificação personalizada com o Malwarebytes:

- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Configurar Varredura:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas todas estas opções:

Verificar Objetos na Memória
Verificar Inicialização e Registro
Verificar Arquivos Compactados
Verificar Rootkits


Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.

Depois disto clique no botão Verificar Agora como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Assim que a verificação terminar, aparecerá a frase Verificação Personalizada completada com sucesso. Caso seu PC esteja seguro e sem ameaças, uma mensagem parecida com esta abaixo aparecerá informando que "Ameaças Identificadas: 0" (Ou seja: Nenhum ítem malicioso foi detectado). Neste caso tudo está certo, seu computador está normal e você clicará no botão Terminar:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows com a frase Verificação Terminada - Malware Detectado na qual você clicará nela:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Para remover a infecção, deixe todas as caixinhas marcadas em todos os itens que queira remover e clique no botão Remover Selecionadas, como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Surgirá então uma outra tela parecida com esta abaixo informando que as ameaças foram enviadas à quarentena, na qual você clicará no botão Terminar:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, aceite esta reinicialização pelo Malwarebytes.

Depois disto é só postar o novo Scan Log (log de verificação) que o Malwarebytes irá criar em sua próxima resposta:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Dom 28 Jun 2015, 18:45

boa noite
o malwarebytes só está gerando o Protection Log
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Dom 28 Jun 2015, 19:15

Você tem certeza que executou os passos exatamente como lhe indiquei? Se tiver seguido, você notou se algum vírus foi detectado e removido pelo Malwarebytes nesta verificação personalizada?
_____________________________________________________________

Remover mystartsearch.com do navegador 772309 Desative temporariamente seu antivirus para evitar conflitos.

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo.

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
_____________________________________________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Clique no botão Parcourir... > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Dom 28 Jun 2015, 21:54

o procedimento foi feito igual ao tutorial, os vírus encontrados são do tipo PUP's

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Seg 29 Jun 2015, 10:56

walber luiz escreveu:o procedimento foi feito igual ao tutorial, os vírus encontrados são do tipo PUP's
E você removeu estes vírus que o Malwarebytes encontrou? Confira na quarentena do Malwarebytes se eles estão lá, se eles estiverem na quarentena, está certo.
___________________________________________________________________________

Remover mystartsearch.com do navegador 772309 Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho abaixo e cole-o no espaço em branco do Zoek:

C:\ProgramData\cmcm;vs
C:\Users\super385011\AppData\Local\Setup546828;vs
emptyfolderscheck;delete


*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]
____________________________________________________________________________________

Remover mystartsearch.com do navegador 772309 Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
[MD5.1D520DD9F756BF14B1252BD029758849] - (.Baidu, Inc. - CheckUpdate.) -- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe [263448] [PID.3756]
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-2537286444-1251575466-2462476524-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
[MD5.0965CF41E461D0C872D09AEB4443F1A4] [APT] [{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}] (...) -- C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [1324008]
O39 - APT: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} - (...) -- C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job [690]
O39 - APT: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} - (...) -- C:\Windows\System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} [690]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
[HKCU\Software\FVCR74MwTggnXvlY]
[HKLM\Software\Wow6432Node\23538_2015/05/31]
[HKLM\Software\Wow6432Node\CloudOPTInfo]
[HKLM\Software\Wow6432Node\CloudOpt]
[HKLM\Software\Wow6432Node\NtIObits]
O43 - CFD: 22/06/2015 - 19:25:13 - [] ----D C:\ProgramData\Baidu
O43 - CFD: 24/06/2015 - 16:32:50 - [] ----D C:\ProgramData\ToolsUpdatePlatform
O43 - CFD: 20/06/2015 - 22:03:37 - [] ----D C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}
O58 - SDL:05/01/2015 - 16:41:52 ---A- . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\Drivers\ksapi64.sys [56680]
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {4130DFFB-CBCB-4C93-98A2-582133655D92} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[HKLM\Software\Wow6432Node\23538_2015/05/31]:last="13077479879959"
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid

_____________________________________________________________________________________________________________

Remover mystartsearch.com do navegador 772309 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com o log do Zoek que estará em C:\zoek-results.txt

Nota: Esse script foi elaborado somente para este computador, de acordo com os arquivos e chaves presentes.

Aos visitantes: Se estiverem com um problema semelhante, não utilizem esse script, pois o uso sem supervisão pode causar danos ao sistema.


_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Seg 29 Jun 2015, 17:30

Os eu fisso a exclusão de todos

arquivo relatório ZHPfix

Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by super385011 at 29/06/2015 17:18:58
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 08s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\super385011\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKCU\Software\FVCR74MwTggnXvlY
ELIMINÉ: HKLM\Software\Wow6432Node\23538_2015/05/31
ELIMINÉ: HKLM\Software\Wow6432Node\CloudOPTInfo
ELIMINÉ: HKLM\Software\Wow6432Node\CloudOpt
ELIMINÉ: HKLM\Software\Wow6432Node\NtIObits
ELIMINÉ: SearchScopes :{012E1000-F331-11DB-8314-0800200C9A66}
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ELIMINÉ: SearchScopes :{4130DFFB-CBCB-4C93-98A2-582133655D92}

========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: CCleaner Monitoring

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files\ccleaner\ccleaner64.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\ksapi64.sys
ELIMINÉ Temporários windows (Cool (22.097.751 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
10 : Chaves do Registo
2 : Valores do Registo
1 : Pastas
4 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 40s

========== Caminho do ficheiro do relatório ==========
C:\Users\super385011\AppData\Roaming\ZHP\ZHPFix[R1].txt - 15/06/2015 08:02:27 [3731]
C:\Users\super385011\AppData\Roaming\ZHP\ZHPFix[R2].txt - 15/06/2015 16:51:33 [1461]
C:\Users\super385011\AppData\Roaming\ZHP\ZHPFix[R3].txt - 29/06/2015 17:19:07 [2063]

relatório Zoek

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Ter 30 Jun 2015, 11:58

Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "COMPLETA" e aguarde a conclusão:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
_______________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Clique no botão Parcourir... > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Ter 30 Jun 2015, 17:08

segue

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Qua 01 Jul 2015, 09:11

Remover mystartsearch.com do navegador 772309 Sugiro que desinstale o McAfee Security Scan Plus, que é desnecessário.
______________________________________________________________________

Remover mystartsearch.com do navegador 772309 Como está seu computador depois destes procedimentos? Os problemas foram resolvidos?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Qua 01 Jul 2015, 16:56

sim
só google que está demorando a abrir
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Power Max Qua 01 Jul 2015, 17:32

Remover mystartsearch.com do navegador 772309 Acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... de glax24 )

Ao acessar o link acima, haverá um botão como este da imagem abaixo no qual você clicará para baixar o programa:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Salve-o no Desktop (Área de trabalho).

Utilize-o seguindo as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Em sua próxima resposta poste, por gentileza, o log (relatório) criado pelo SecurityCheck para que possamos analisá-lo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por walber luiz Qua 01 Jul 2015, 17:47

segue

SecurityCheck by glax24 v.1.4.0.22 [18.06.15]
WebSite: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
DateLog: 01.07.2015 17:47:03
Path starting: C:\Users\super385011\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: super385011
VersionXML: 1.49is
___________________________________________________________________________

Windows 8.1(6.3.9600) (x64) ProfessionalWMC Lang: Portuguese(0416)
Installation date OS: 02.05.2015 02:47:21
LicenseStatus: Windows(R), ProfessionalWMC edition Volume activation will expire : 28783 minutes
LicenseStatus: Office 15, OfficeProPlusR_Grace edition Windows is in Notification mode
LicenseStatus: Office 15, OfficeProPlusVL_KMS_Client edition Volume activation will expire : 230738 minutes
Boot Mode: Normal
Default Browser: Internet Explorer (iexplore.exe)
SystemDrive: C: FS: [NTFS] Capacity: [226.2 Gb] Used: [81 Gb] Free: [145.2 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17842
UAC DISABLED (-1)
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Запрос на повышение прав для администраторов disabled (-1)
Запрос на повышение прав для обычных пользователей disabled (-1)
Automatic download and scheduled installation
Date install updates: 2015-06-28 21:35:26
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
---------------------------- [ Antivirus_WMI ] ----------------------------
Avira Antivirus (включен и обновлен)
Windows Defender (выключен и обновлен)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Avira Antivirus (включен и обновлен)
Windows Defender (выключен и обновлен)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avira Antivirus v.15.0.11.574
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.40416.0
Malwarebytes Anti-Malware versão 2.1.8.1057 v.2.1.8.1057
SpywareBlaster 5.0 v.5.0.0
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 45 v.8.0.450
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Reader XI (11.0.11) - Português v.11.0.11
------------------------------- [ Browser ] -------------------------------
Google Chrome v.43.0.2357.130
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.43.0.2357.130
----------------------------- [ End of Log ] ------------------------------
walber luiz
walber luiz
Membro
Membro

Mensagens : 110
Reputação : 3
Data de inscrição : 29/05/2015

Ir para o topo Ir para baixo

Remover mystartsearch.com do navegador Empty Re: Remover mystartsearch.com do navegador

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 2 1, 2  Seguinte

Ir para o topo


 
Permissões neste sub-fórum
Não podes responder a tópicos