Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking digg  Social bookmarking delicious  Social bookmarking reddit  Social bookmarking stumbleupon  Social bookmarking slashdot  Social bookmarking yahoo  Social bookmarking google  Social bookmarking blogmarks  Social bookmarking live      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14523 usuários registrados
O último usuário registrado atende pelo nome de Fabio Oliveira

Os nossos membros postaram um total de 35499 mensagens em 3606 assuntos
Últimos assuntos
» Computador lento
por lucasbitt Sex 31 Jan 2020, 11:20

Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 163 em Seg 02 Set 2019, 16:28
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Fevereiro 2020
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
242526272829 

Calendário Calendário


Remoção de sites e programas intrusos.

Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Remoção de sites e programas intrusos.

Mensagem por tiaolima em Ter 13 Maio 2014, 20:37

Sempre que estou "navegando" páginas de sites e programas indesejados começam a me importunar. Confesso que tenho vonttade de desligar o computador, e as vezes cabo por fazer isso. Me ajudem a resolver essa coisa chata.sites - Remoção de sites e programas intrusos. 849755 
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Ter 13 Maio 2014, 20:38

sites - Remoção de sites e programas intrusos. 648673379  Olá Tião Lima.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

sites - Remoção de sites e programas intrusos. 772309 Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Relatório do AdwCleaner

Mensagem por tiaolima em Ter 13 Maio 2014, 21:00

# AdwCleaner v3.208 - Relatório criado 13/05/2014 às 21:30:01
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Tião Lima - TIAOLIMA
# Executando de : C:\Users\Tião Lima\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : hlnfd
Serviço Deletada : hlsvc
Serviço Deletada : IePluginService
Serviço Deletada : MgAssistService
[#] Serviço Deletada : pricemeterliveUpdate
[#] Serviço Deletada : pricemeterliveUpdatem
Serviço Deletada : xmkysecqun64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\CostMin
Pasta Deletada : C:\ProgramData\IePluginService
[!] Pasta Deletada : C:\ProgramData\PriceMeterLiveUpdate
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\CostMin
Pasta Deletada : C:\Program Files (x86)\Highlightly
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\Mobogenie
Pasta Deletada : C:\Program Files (x86)\orbitdownloader
Pasta Deletada : C:\Program Files (x86)\predm
[!] Pasta Deletada : C:\Program Files (x86)\PriceMeterLiveUpdate
Pasta Deletada : C:\Program Files (x86)\RegClean Pro
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files\003
Pasta Deletada : C:\Program Files\Highlightly
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\TIOLIM~1\AppData\Local\Temp\BrowseMark
Pasta Deletada : C:\Users\TIOLIM~1\AppData\Local\Temp\Iminent
Pasta Deletada : C:\Users\TIOLIM~1\AppData\Local\Temp\WiseEnhance
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\Jordana\AppData\Local\torch
Pasta Deletada : C:\Users\Júlia Lima\AppData\Local\Pokki
Pasta Deletada : C:\Users\Júlia Lima\AppData\Local\torch
Pasta Deletada : C:\Users\Public\Pokki
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\Tião Lima\AppData\Local\Genesis
Pasta Deletada : C:\Users\Tião Lima\AppData\Local\lollipop
Pasta Deletada : C:\Users\Tião Lima\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Tião Lima\AppData\Local\PriceMeterLiveUpdate
Pasta Deletada : C:\Users\Tião Lima\AppData\Local\torch
Pasta Deletada : C:\Users\Tião Lima\AppData\Roaming\0D0S1L2Z1P1B
Pasta Deletada : C:\Users\Tião Lima\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
Pasta Deletada : C:\Users\Tião Lima\AppData\Roaming\pdfforge
Pasta Deletada : C:\Users\Tião Lima\AppData\Roaming\PriceMeterUpdater
Pasta Deletada : C:\Users\Tião Lima\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Tião Lima\AppData\Roaming\sweet-page
Pasta Deletada : C:\Users\Tião Lima\AppData\Roaming\Systweak
Arquivo Deletada : C:\Users\Tião Lima\daemonprocess.txt

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\Software\Wpm

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Google Chrome v34.0.1847.131

[ Arquivo : C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]

[ Arquivo : C:\Users\Júlia Lima\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]

[ Arquivo : C:\Users\Tião Lima\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Homepage] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [17241 octets] - [13/05/2014 20:52:47]
AdwCleaner[R1].txt - [4456 octets] - [13/05/2014 21:17:41]
AdwCleaner[R2].txt - [4516 octets] - [13/05/2014 21:26:40]
AdwCleaner[S0].txt - [15737 octets] - [13/05/2014 21:06:32]
AdwCleaner[S1].txt - [4537 octets] - [13/05/2014 21:30:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4597 octets] ##########


Última edição por tiaolima em Ter 13 Maio 2014, 21:46, editado 1 vez(es) (Razão : Inclui (postei) a resposta errada.)
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Ter 13 Maio 2014, 21:03

Clique no botão Limpar para que os problemas sejam removidos. Depois disto poste o novo relatório que estará em C:\AdwCleaner\AdwCleaner[S0].txt

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Persistencia

Mensagem por tiaolima em Ter 13 Maio 2014, 22:09

Tive grande parte dos problemas resolvidos, e, de agora em diante já sei com fazer, graças a voçê é claro. Mas há algumas coisas que persistem, tais como: ver em anexos
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Ter 13 Maio 2014, 22:27

Poste o relatório que está em C:\AdwCleaner\AdwCleaner[S0].txt para que possamos analisar.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Relatório

Mensagem por tiaolima em Ter 13 Maio 2014, 23:13

# AdwCleaner v3.208 - Relatório criado 13/05/2014 às 21:55:56
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Tião Lima - TIAOLIMA
# Executando de : C:\Users\Tião Lima\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Google Chrome v34.0.1847.137

[ Arquivo : C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Júlia Lima\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Tião Lima\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Homepage] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [17241 octets] - [13/05/2014 20:52:47]
AdwCleaner[R1].txt - [4456 octets] - [13/05/2014 21:17:41]
AdwCleaner[R2].txt - [4516 octets] - [13/05/2014 21:26:40]
AdwCleaner[R3].txt - [1487 octets] - [13/05/2014 21:54:38]
AdwCleaner[S0].txt - [4677 octets] - [13/05/2014 21:06:32]
AdwCleaner[S2].txt - [1401 octets] - [13/05/2014 21:55:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1461 octets] ##########
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Ter 13 Maio 2014, 23:16

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 14 Maio 2014, 17:30, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Log do Zoek

Mensagem por tiaolima em Qua 14 Maio 2014, 17:25

Quando reiniciei a máquina, após o "scan", abriu a mensagem do "QtCorel 4".

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by TiÆo Lima on 14/05/2014 at 17:03:37,15.
Microsoft Windows 8.1 Single Language 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TIOLIM~1\Downloads\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14/05/2014 17:05:22 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3197968177-1490830103-2037007426-1001\Software\Microsoft\Internet Explorer\SearchScopes\{86c83f9e-48a4-4cd2-a763-64fea5df35f7} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\TIOLIM~1\.android deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Allmyapps deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\Users\TIOLIM~1\AppData\Local\cache deleted
C:\Users\TIOLIM~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\1stBrowser\Links\EBay.lnk deleted
"C:\PROGRA~3\5333c877cd6c39b4\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}" deleted
"C:\PROGRA~3\5333c877cd6c39b4\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}.old" deleted
"C:\PROGRA~3\5333c877cd6c39b4" deleted

==== Chrome Look ======================

CostMin - Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Convidado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Jordana\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - Jordana\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
Google Docs - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SiteAdvisor - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Google Wallet - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
CostMin - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
Gmail - Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
CostMin - Jordana\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - JLIALI~1\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - JLIALI~1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
Google Docs - JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
CostMin - JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
Gmail - JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
CostMin - JLIALI~1\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - TIOLIM~1\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
CostMin - TIOLIM~1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
Google Docs - TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
CostMin - TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc
Gmail - TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
CostMin - TIOLIM~1\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc

==== Chrome Fix ======================

C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage deleted successfully
C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage-journal deleted successfully
C:\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Convidado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Jordana\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Jordana\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Jordana\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\JLIALI~1\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\JLIALI~1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\JLIALI~1\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\TIOLIM~1\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\TIOLIM~1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\TIOLIM~1\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnkinnghnmbalgoojloliogjhglkabjc deleted successfully
C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnkinnghnmbalgoojloliogjhglkabjc_0.localstorage deleted successfully
C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnkinnghnmbalgoojloliogjhglkabjc_0.localstorage-journal deleted successfully
C:\Users\TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnkinnghnmbalgoojloliogjhglkabjc_0.localstorage deleted successfully
C:\Users\TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnkinnghnmbalgoojloliogjhglkabjc_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3197968177-1490830103-2037007426-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_USERS\S-1-5-21-3197968177-1490830103-2037007426-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\TIOLIM~1\Desktop\KMPlayer.lnk - C:\The KMPlayer\KMPlayer.exe
C:\Users\TIOLIM~1\Desktop\Orbit.lnk - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Video Search.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe  /VIDEOSEARCH

==== shortcuts in Users Start Menu ======================

C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Amazon.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Facebook.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\GMail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Hotmail.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Yahoo.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser\Links\Youtube.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps\Allmyapps.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader\Uninstall PDF Reader.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -  
C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -  

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2\LibreOffice Base.lnk - C:\Program Files (x86)\LibreOffice 4\program\sbase.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2\LibreOffice Calc.lnk - C:\Program Files (x86)\LibreOffice 4\program\scalc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2\LibreOffice Draw.lnk - C:\Program Files (x86)\LibreOffice 4\program\sdraw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2\LibreOffice Impress.lnk - C:\Program Files (x86)\LibreOffice 4\program\simpress.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2\LibreOffice Math.lnk - C:\Program Files (x86)\LibreOffice 4\program\smath.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2\LibreOffice Writer.lnk - C:\Program Files (x86)\LibreOffice 4\program\swriter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2\LibreOffice.lnk - C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSACCESS.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\POWERPNT.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSPUB.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit\Orbit.lnk - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit\Uninstall Orbit.lnk - C:\Program Files (x86)\Orbitdownloader\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2\PDF Architect 2.lnk - C:\Program Files (x86)\PDF Architect 2\PDF Architect 2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2\Uninstall or Modify PDF Architect 2.lnk - C:\ProgramData\PDF Architect 2\Installation\PDFArchitect2Installer.exe /uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Doe ao PDFCreator.lnk - C:\Program Files (x86)\PDFCreator\Doe ao PDFCreator.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Histórico.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Ajuda.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator_english.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator na Internet.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Translation Tool.lnk - C:\Program Files (x86)\PDFCreator\languages\TransTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF Console Application.lnk - C:\Windows\System32\cmd.exe /k "C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDFC.exe"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF.lnk - C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDF.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\AFPL License.lnk - C:\Program Files (x86)\PDFCreator\AFPL License.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\FairPlay License.lnk - C:\Program Files (x86)\PDFCreator\FairPlay License.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\GPL License.lnk - C:\Program Files (x86)\PDFCreator\GNU License.txt

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jordana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jordana\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\JLIALI~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JLIALI~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\TIOLIM~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\TIOLIM~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jordana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\JLIALI~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\TIOLIM~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1405 folders=160 316257930 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jordana\AppData\Local\Temp emptied successfully
C:\Users\JLIALI~1\AppData\Local\Temp emptied successfully
C:\Users\TIOLIM~1\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TIOLIM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 14/05/2014 at 17:19:18,14 ======================
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Qua 14 Maio 2014, 17:29

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

sites - Remoção de sites e programas intrusos. 772309 Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Log Junkware Removal Tool (JRT)

Mensagem por tiaolima em Qua 14 Maio 2014, 21:39

Acho que me livrei da "dor-de-cabeça". Muito obrigado por tudo! Valeu demais!

Tião Lima


Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by TiÆo Lima on 14/05/2014 at 21:22:09,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files






~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/05/2014 at 21:27:52,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Última edição por tiaolima em Qua 14 Maio 2014, 21:42, editado 1 vez(es) (Razão : Foi só uma "falhazinha"!)
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Qua 14 Maio 2014, 21:46

Sugiro que faça mais este procedimento abaixo para termos mais certeza que o PC está limpo ou não:

sites - Remoção de sites e programas intrusos. 772309 Faça o download do < ZHPDiag2.exe > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Relatorio ZHPDiag.txt

Mensagem por tiaolima em Qua 14 Maio 2014, 22:54

~ Relatório do ZHPDiag v2014.5.14.63 - Nicolas Coolman (14/05/2014)
~ Iniciado por Tião Lima (14/05/2014 22:48:32)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Blog de análise de software : [Você precisa estar registrado e conectado para ver este link.]
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v34.0.1847.137 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1928 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 403 GB (89%) free of 448 GB

---\\ Modo de conexão ao sistema
~ Computer Name: TIAOLIMA
~ User Name: Tião Lima
~ All Users Names: Tião Lima, Júlia Lima, Jordana, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Tião Lima\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Tião Lima\AppData\Roaming\
~ %Desktop% : C:\Users\Tião Lima\Desktop\
~ %Favorites% : C:\Users\Tião Lima\Favorites\
~ %LocalAppData% : C:\Users\Tião Lima\AppData\Local\
~ %StartMenu% : C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 403 Go of 448 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Free 2 Go of 2 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.04/03/2014 - 09:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.22/02/2014 - 06:11:56.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/02/2014 - 06:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 06:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.06/03/2014 - 06:20:23.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/03/2014 - 00:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.22/08/2013 - 16:12:11.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.22/02/2014 - 12:44:13.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/8
~ Mes musiques (My Musics) : 1/276
~ Mes Videos (My Videos) : 1/150
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/8
~ Mon Bureau (My Desktop) : 1/26
~ Menu demarrer (Programs) : 1/38
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.345B1798395CEA9C178AFF1784FA2A37] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.2264]
[MD5.E1B4EE856AD8A31B64D9E2AB20542D96] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7874560] [PID.3992]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Tião Lima\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Tião Lima\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Zebar [64Bits] - {26e67fb2-111e-417f-966e-547ac43968cf} . (.Zebar - Zebar.) -- C:\Program Files (x86)\Zebar\Zebarbho.dll
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Chave orfã
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Chave orfã
~ BHO: 4 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Allmyapps] . (.Allmyapps - Allmyapps Desktop.) -- C:\Users\Tião Lima\AppData\Roaming\Allmyapps\Allmyapps.exe
O4 - HKCU\..\Run: [Allmyapps Update] C:\Users\Tião Lima\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [fst_br_114] Chave orfã
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-3197968177-1490830103-2037007426-1001\..\Run: [Allmyapps] . (.Allmyapps - Allmyapps Desktop.) -- C:\Users\Tião Lima\AppData\Roaming\Allmyapps\Allmyapps.exe
O4 - HKUS\S-1-5-21-3197968177-1490830103-2037007426-1001\..\Run: [Allmyapps Update] C:\Users\Tião Lima\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe (.not file.)
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2094CC4-BE69-4EAA-87D9-8AF53702D2DA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3406E5B-B89A-4114-9368-9DC337A5F07E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2094CC4-BE69-4EAA-87D9-8AF53702D2DA}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3406E5B-B89A-4114-9368-9DC337A5F07E}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{B2094CC4-BE69-4EAA-87D9-8AF53702D2DA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D3406E5B-B89A-4114-9368-9DC337A5F07E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B2094CC4-BE69-4EAA-87D9-8AF53702D2DA}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{D3406E5B-B89A-4114-9368-9DC337A5F07E}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Baidu AntiVirus Service (bavsvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe (.not file.)
O23 - Service: Baidu Hips Service (bhipssvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe (.not file.)
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.TODO: - TODO: .) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: Update Zebar (Update Zebar) . (...) - C:\Program Files (x86)\Zebar\updateZebar.exe
~ Services: 13 Legitimates Filtered in 00mn 05s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Price Meter Updater] (...) -- C:\Users\Tião Lima\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.PriceMeter
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1088]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1092]
O39 - APT: Price Meter Updater - (...) -- C:\Windows\Tasks\Price Meter Updater.job [324] =>PUP.PriceMeter
O39 - APT: Price Meter Updater - (...) -- C:\Windows\System32\Tasks\Price Meter Updater [324] =>PUP.PriceMeter
~ Scheduled Task: 14 Legitimates Filtered in 00mn 08s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys
~ Drivers: 38 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM][64Bits] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: Highlightly - (.Highlightly.) [HKLM][64Bits] -- Highlightly
O42 - Logiciel: Puxa Rápido - (...) [HKLM][64Bits] -- Puxa Rápido
O42 - Logiciel: Zebar - (.Zebar.) [HKLM][64Bits] -- Zebar
~ Logic: 34 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1stBrowser]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Beamrise] =>Hijacker.Beamrise
[HKCU\Software\PriceMeterUpdater] =>PUP.PriceMeter
[HKCU\Software\Puxa Rápido]
[HKCU\Software\Zebar]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Zebar]
[HKLM\Software\Wow6432Node\test]
~ Key Software: 226 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/04/2014 - 13:27:37 - [] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 13/04/2014 - 00:02:02 - [] ----D C:\Program Files (x86)\Puxa Rápido
O43 - CFD: 11/05/2014 - 16:52:10 - [] ----D C:\Program Files (x86)\Zebar
O43 - CFD: 15/04/2014 - 13:42:52 - [] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 11/04/2014 - 22:40:02 - [] ----D C:\ProgramData\OEM_YAHOO
O43 - CFD: 15/04/2014 - 13:42:52 - [] ----D C:\Users\Tião Lima\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 10/05/2014 - 00:33:20 - [] ----D C:\Users\Tião Lima\AppData\Roaming\rmi
O43 - CFD: 15/04/2014 - 13:34:55 - [] ----D C:\Users\Tião Lima\AppData\Local\1stBrowserUninstall
O43 - CFD: 15/04/2014 - 16:09:47 - [] ----D C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1stBrowser
O43 - CFD: 08/05/2014 - 13:44:57 - [] ----D C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér
O43 - CFD: 12/04/2014 - 23:59:48 - [0] ----D C:\Users\Tião Lima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Puxa Rápido
~ Program Folder: 140 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.385AF1C48CE3E86B37B9E66749FFEC1B] - 08/05/2014 - 16:20:52 ---A- . (...) -- C:\Windows\System32\srms.dat [50053]
O44 - LFC:[MD5.E7B53AF004BEE5112F787A6E5B04D737] - 08/05/2014 - 16:20:56 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [11109]
O44 - LFC:[MD5.F1DB86EA935C13CDFF27AB957297136A] - 08/05/2014 - 16:21:06 ---A- . (...) -- C:\Windows\System32\connectedsearch-suggestions.searchconnector-ms [7762]
O44 - LFC:[MD5.1FDF29F970E2E843B4DC5D0626D0EDD5] - 08/05/2014 - 16:21:06 ---A- . (...) -- C:\Windows\System32\connectedsearch-zeroinput.searchconnector-ms [7130]
O44 - LFC:[MD5.DE461B86C05946D10E519F512D09E389] - 08/05/2014 - 16:21:07 ---A- . (...) -- C:\Windows\System32\RacRules.xml [100197]
O44 - LFC:[MD5.119E0F7A71775A5CFB208B036ECE35E1] - 08/05/2014 - 16:21:53 ---A- . (...) -- C:\Windows\System32\WimBootCompress.ini [2255]
O44 - LFC:[MD5.DCF2510E0745720E543E84F5E921FCC0] - 08/05/2014 - 16:23:41 ---A- . (...) -- C:\Windows\System32\dfpinc.dat [262335]
O44 - LFC:[MD5.FFFCC3C3ED6886A95D3C0E1B49C652BA] - 08/05/2014 - 16:25:39 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [139600]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 08/05/2014 - 16:31:16 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.08750A50CF027F93070C8BB78E27C3B7] - 09/05/2014 - 21:59:08 -SH-- . (...) -- C:\Windows\System32\desktop.ini [75]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 14/05/2014 - 17:03:29 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.06D7D58DD79230E597D4B9CD56A26E99] - 14/05/2014 - 17:19:18 ---A- . (...) -- C:\zoek-results.log [42671]
O44 - LFC:[MD5.682187C3C851099D17041828F5954FC7] - 14/05/2014 - 22:09:36 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.F7DF6DAD4C5DFF0E0C47E5BE0C79AEB9] - 14/05/2014 - 22:09:36 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
~ Files: 561 Legitimates Filtered in 00mn 17s



---\\ Exportar a chave da aplicação autorizada (047)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Puxa Rápido\PuxaRapido.exe" [Enabled] .(.No owner.) -- C:\Program Files (x86)\Puxa Rápido\PuxaRapido.exe
~ Keys Export: 1 Legitimates Filtered in 00mn 00s



---\\ Negação do serviço (Local Security Authority) (048)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
O55 - MWPS:[HKLM\...\Policies\System] - "SafeModeBlockNonAdmins"=1
~ MWPS: 23 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992]
O58 - SDL:01/04/2014 - 17:00:50 ---A- . (.Highlightly - Highlightly Driver x64.) -- C:\Windows\System32\Drivers\hlnfd.sys [58256]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:28/04/2014 - 18:48:47 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 62 Legitimates Filtered in 00mn 06s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.169180F02ABCECA5DE72FC5EEBC861BB] [SPRF][14/04/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Tião Lima\AppData\Roaming\unins000.exe [730322]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASMANCS =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASMANCS =>PUP.WiseEnhance
~ BTK: 50 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 10/07/1658 0 | (bavsvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe
SS - | Auto 10/07/1658 0 | (bhipssvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe
SS - | Demand 19/11/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 28/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/05/2013 822232 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/09/2013 312448 | (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
SR - | Auto 26/07/2013 2650696 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
SR - | Demand 05/07/2013 663592 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SR - | Auto 16/07/2013 235008 | (GamesAppIntegrationService) . (.TODO: .) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SR - | Auto 26/02/2014 520520 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 11/05/2013 733696 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 03/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 03/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 02/08/2013 457768 | (LMSvc) . (.Acer Incorporate.) - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
SR - | Auto 17/03/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 17/03/2014 185792 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 13/07/2012 769432 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 09/05/2014 350488 | (Update Zebar) . (...) - C:\Program Files (x86)\Zebar\updateZebar.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
~ Services: Scanned in 00mn 10s



---\\ Scâner Aditional (088)
Database Version : 13045 - (14/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 9

C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Tião Lima\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Windows\Tasks\Price Meter Updater.job =>PUP.PriceMeter^
C:\Windows\System32\Tasks\Price Meter Updater =>PUP.PriceMeter^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Beamrise] =>Hijacker.Beamrise^
[HKCU\Software\PriceMeterUpdater] =>PUP.PriceMeter^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
C:\Users\Tião Lima\Downloads\SaveAs.exe =>PUP.Offerware
~ Additionnel Scan: 197670 Items scanned in 00mn 31s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>PUP.PriceMeter
[Você precisa estar registrado e conectado para ver este link.] =>Adware.BDSearch
[Você precisa estar registrado e conectado para ver este link.] =>Hijacker.Beamrise
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Melondrea
[Você precisa estar registrado e conectado para ver este link.] =>PUP.WiseEnhance
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Wajam
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Offerware
~ MSI: 7 link(s) detected in 00mn 00s



~ 1128 Legitimates filtered by white list
End of the scan (470 lines in 01mn 43s)(0)
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Qua 14 Maio 2014, 23:12

sites - Remoção de sites e programas intrusos. 772309  Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

sites - Remoção de sites e programas intrusos. 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Relatorio ZHPFix.txt

Mensagem por tiaolima em Qui 15 Maio 2014, 10:20

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Tião Lima at 15/05/2014 10:18:50
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\highlightly\uninstall.exe

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Tião Lima\Downloads\SaveAs.exe

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Highlightly]
ELIMINÉ: CLSID BHO: {26e67fb2-111e-417f-966e-547ac43968cf}
ELIMINÉ: Service: bavsvc
ELIMINÉ: Service: bhipssvc
ELIMINÉ: Service: Update Zebar
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\1stBrowser
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Beamrise
ELIMINÉ: HKCU\Software\PriceMeterUpdater
ELIMINÉ: HKCU\Software\Zebar
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\Zebar
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASMANCS

========== Valores do Registo ==========
ELIMINÉ RunValue: Allmyapps Update
ELIMINÉ RunValue: fst_br_114
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\program files (x86)\zebar\zebarbho.dll
ELIMINA REINICIAR: c:\program files (x86)\zebar\updatezebar.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\hlnfd.sys
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Price Meter Updater

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
28 : Chaves do Registo
8 : Valores do Registo
1 : Pastas
8 : Ficheiros
1 : Softwares
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 20s

========== Caminho do ficheiro do relatório ==========
C:\Users\Tião Lima\AppData\Roaming\ZHP\ZHPFix[R1].txt - 15/05/2014 10:18:53 [3463]
 :rindo_atoa: 
tiaolima
tiaolima
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 13/05/2014

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Power Max em Qui 15 Maio 2014, 10:25

sites - Remoção de sites e programas intrusos. 772309 Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Danii em Sab 31 Maio 2014, 11:28

TÓPICO ARQUIVADO

Como o autor não respondeu por mais de 15 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da Equipe da Moderação solicitando o desbloqueio.
Danii
Danii
Membro Pleno
Membro Pleno

Mensagens : 562
Reputação : 78
Data de inscrição : 04/04/2014
Localização : Brasil

Voltar ao Topo Ir em baixo

sites - Remoção de sites e programas intrusos. Empty Re: Remoção de sites e programas intrusos.

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum