Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14838 usuários registradosO último membro registrado é Lanterna Verde com Disco
Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Quem está conectado?
Há 13 usuários online :: 0 registrados, 0 invisíveis e 13 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Como remover sweet page do meu note???
2 participantes
Página 1 de 1
Como remover sweet page do meu note???
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:14:09, on 11/02/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Positivo Informática\Mundo Positivo Áudio\AudioPower.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Álen\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PSafeSysTray] "C:\Program Files (x86)\PSafe\PSafeSysTray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Monitorar alertas de tinta - .lnk = ?
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Windows Explorer.lnk = ?
O4 - Global Startup: Windows Explorer.lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Battery Manager Service (BatteryManagerSrv) - Positivo Informática S.A - C:\Program Files (x86)\Positivo Informática\Mundo Positivo Bateria\BatteryManagerService.exe
O23 - Service: Click Caption 1.10.0.6 Client Service (ccsvc_1.10.0.6) - ClickCaption - C:\Program Files (x86)\ClickCaption_1.10.0.6\Service\ccsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Tecnologia de armazenamento Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PSafeLockBoxSvc - PSafe - C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
O23 - Service: PSafeSVC - PSafe S/A - C:\Program Files (x86)\PSafe\PSafesvc.exe
O23 - Service: PSafeWD - PSafe - C:\Program Files (x86)\PSafe\PSafeWD.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11929 bytes
Scan saved at 01:14:09, on 11/02/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Positivo Informática\Mundo Positivo Áudio\AudioPower.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Álen\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PSafeSysTray] "C:\Program Files (x86)\PSafe\PSafeSysTray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Monitorar alertas de tinta - .lnk = ?
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Windows Explorer.lnk = ?
O4 - Global Startup: Windows Explorer.lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Battery Manager Service (BatteryManagerSrv) - Positivo Informática S.A - C:\Program Files (x86)\Positivo Informática\Mundo Positivo Bateria\BatteryManagerService.exe
O23 - Service: Click Caption 1.10.0.6 Client Service (ccsvc_1.10.0.6) - ClickCaption - C:\Program Files (x86)\ClickCaption_1.10.0.6\Service\ccsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Tecnologia de armazenamento Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PSafeLockBoxSvc - PSafe - C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
O23 - Service: PSafeSVC - PSafe S/A - C:\Program Files (x86)\PSafe\PSafesvc.exe
O23 - Service: PSafeWD - PSafe - C:\Program Files (x86)\PSafe\PSafeWD.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11929 bytes
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
/!\ Bom Dia! Alen Silveira /!\
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)
> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ou clique "Copier le lien (*)" e cole o link ao seu Post.
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)
> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ou clique "Copier le lien (*)" e cole o link ao seu Post.
A+
_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
/!\ Boa Tarde! Alen Silveira /!\
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! ( Área de trabalho ... ) /!\ C:\Users\Álen\Desktop /!\
start
CloseProcesses:
emptytemp:
(PSafe) C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
(PSafe S/A) C:\Program Files (x86)\PSafe\PSafesvc.exe
(PSafe) C:\Program Files (x86)\PSafe\PSafeWD.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\Run: [Facebook Update] => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-08] (Facebook Inc.)
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {04f6e12e-7b41-11e3-8251-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {324cdbcd-b09c-11e3-bf03-fa3de3151bc7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3afe2e28-a16a-11e4-bf32-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3f674688-2197-11e4-bf1e-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f91b-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f963-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {97666567-2267-11e4-bf21-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b432fe66-219b-11e4-bf1f-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b8796485-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b87964ae-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {f689405f-00e7-11e3-bec4-dc62cd32a13b} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {08BE9BB0-03A3-4E39-8677-17827D135B4F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {8B6506F1-ED42-4336-9827-F722319635A7} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E7AE647A-7B7A-4988-8589-2DAEF3A11D11} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\sweet-page.xml
CHR StartupUrls: Default -> "hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal", "hxxp://www.sweet-page.com/?type=hp&ts=1397878392&from=cor&uid=ST500LM012XHN-M500MBB_S2SKJ5EC704434", "hxxp://rts.dsrlte.com/?affID=pr_345bbc2b-6a04-42c4-ba95-56a8d17d5bd7", "hxxp://br.search.yahoo.com/?fr=hp-ddc-bd&type=76_pr__alt__ddc_dsssyc_bd_com"
R2 PSafeLockBoxSvc; C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe [1211144 2012-11-23] (PSafe)
R2 PSafeSVC; C:\Program Files (x86)\PSafe\PSafesvc.exe [1544968 2012-11-23] (PSafe S/A)
R2 PSafeWD; C:\Program Files (x86)\PSafe\PSafeWD.exe [248072 2012-11-23] (PSafe)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-22] (SysTool PasSame LIMITED) [File not signed]
R1 {00aec75d-051f-41a9-9837-e94ac4f56303}w64; C:\Windows\System32\drivers\{00aec75d-051f-41a9-9837-e94ac4f56303}w64.sys [48784 2014-10-15] (StdLib)
R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}w64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}w64.sys [48784 2014-11-18] (StdLib)
R1 {6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64; C:\Windows\System32\drivers\{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64.sys [48776 2015-02-10] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}w64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}w64.sys [48784 2015-01-04] (StdLib)
R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64.sys [48784 2014-09-28] (StdLib)
R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64.sys [48832 2014-10-31] (StdLib)
2015-02-11 01:05 - 2015-02-11 01:14 - 00011931 _____ () C:\Users\Álen\Downloads\hijackthis.log
2015-02-11 01:04 - 2015-02-11 01:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Álen\Downloads\HijackThis.exe
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\Users\Todos os Usuários\WindowsMangerProtect
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-15 21:32 - 2015-02-11 00:31 - 00020838 _____ () C:\WINDOWS\setupact.log
2015-01-15 21:32 - 2015-01-15 21:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-11 00:41 - 2014-04-19 01:33 - 00000000 ____D () C:\Users\Álen\AppData\Roaming\sweet-page
2015-02-11 00:30 - 2015-01-04 23:14 - 00010348 _____ () C:\WINDOWS\PFRO.log
Task: {E7AF28A9-0FD3-414C-904E-2127734FC6B1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001Core.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Álen\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Álen\AppData\Local\Temp\res.dll
end
> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos irreparáveis aos mesmos! >
A+
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! ( Área de trabalho ... ) /!\ C:\Users\Álen\Desktop /!\
start
CloseProcesses:
emptytemp:
(PSafe) C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
(PSafe S/A) C:\Program Files (x86)\PSafe\PSafesvc.exe
(PSafe) C:\Program Files (x86)\PSafe\PSafeWD.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\Run: [Facebook Update] => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-08] (Facebook Inc.)
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {04f6e12e-7b41-11e3-8251-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {324cdbcd-b09c-11e3-bf03-fa3de3151bc7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3afe2e28-a16a-11e4-bf32-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3f674688-2197-11e4-bf1e-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f91b-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f963-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {97666567-2267-11e4-bf21-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b432fe66-219b-11e4-bf1f-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b8796485-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b87964ae-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {f689405f-00e7-11e3-bec4-dc62cd32a13b} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {08BE9BB0-03A3-4E39-8677-17827D135B4F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {8B6506F1-ED42-4336-9827-F722319635A7} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E7AE647A-7B7A-4988-8589-2DAEF3A11D11} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\sweet-page.xml
CHR StartupUrls: Default -> "hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal", "hxxp://www.sweet-page.com/?type=hp&ts=1397878392&from=cor&uid=ST500LM012XHN-M500MBB_S2SKJ5EC704434", "hxxp://rts.dsrlte.com/?affID=pr_345bbc2b-6a04-42c4-ba95-56a8d17d5bd7", "hxxp://br.search.yahoo.com/?fr=hp-ddc-bd&type=76_pr__alt__ddc_dsssyc_bd_com"
R2 PSafeLockBoxSvc; C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe [1211144 2012-11-23] (PSafe)
R2 PSafeSVC; C:\Program Files (x86)\PSafe\PSafesvc.exe [1544968 2012-11-23] (PSafe S/A)
R2 PSafeWD; C:\Program Files (x86)\PSafe\PSafeWD.exe [248072 2012-11-23] (PSafe)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-22] (SysTool PasSame LIMITED) [File not signed]
R1 {00aec75d-051f-41a9-9837-e94ac4f56303}w64; C:\Windows\System32\drivers\{00aec75d-051f-41a9-9837-e94ac4f56303}w64.sys [48784 2014-10-15] (StdLib)
R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}w64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}w64.sys [48784 2014-11-18] (StdLib)
R1 {6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64; C:\Windows\System32\drivers\{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64.sys [48776 2015-02-10] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}w64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}w64.sys [48784 2015-01-04] (StdLib)
R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64.sys [48784 2014-09-28] (StdLib)
R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64.sys [48832 2014-10-31] (StdLib)
2015-02-11 01:05 - 2015-02-11 01:14 - 00011931 _____ () C:\Users\Álen\Downloads\hijackthis.log
2015-02-11 01:04 - 2015-02-11 01:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Álen\Downloads\HijackThis.exe
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\Users\Todos os Usuários\WindowsMangerProtect
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-15 21:32 - 2015-02-11 00:31 - 00020838 _____ () C:\WINDOWS\setupact.log
2015-01-15 21:32 - 2015-01-15 21:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-11 00:41 - 2014-04-19 01:33 - 00000000 ____D () C:\Users\Álen\AppData\Roaming\sweet-page
2015-02-11 00:30 - 2015-01-04 23:14 - 00010348 _____ () C:\WINDOWS\PFRO.log
Task: {E7AF28A9-0FD3-414C-904E-2127734FC6B1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001Core.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Álen\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Álen\AppData\Local\Temp\res.dll
end
> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos irreparáveis aos mesmos! >
A+
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Como remover sweet page do meu note???
Infelizmente não estou conseguindo salvar pelo bloco de notas, quando clico pra salvar ele diz que o bloco de notas parou de funcionar e só aparece a opção pra fechar o bloco, tem como salvar em outro programa??
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
/!\ Olá! Alen Silveira /!\Alen Silveira escreveu:Infelizmente não estou conseguindo salvar pelo bloco de notas, quando clico pra salvar ele diz que o bloco de notas parou de funcionar e só aparece a opção pra fechar o bloco, tem como salvar em outro programa??
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Baixe-o daqui e salve-o ao desktop!
> Clique direito e escolha: Salvar link como ...
> Renomeie seu nome para fixlist.
A+
Última edição por joram em Sex 13 Fev 2015, 02:14, editado 1 vez(es)
_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Como remover sweet page do meu note???
Problema resolvido com o bloco de notas, ai está o fixlog.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-02-2015 02
Ran by Álen at 2015-02-13 01:58:36 Run:2
Running from C:\Users\Álen\Desktop
Loaded Profiles: Álen (Available profiles: Álen)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
emptytemp:
(PSafe) C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
(PSafe S/A) C:\Program Files (x86)\PSafe\PSafesvc.exe
(PSafe) C:\Program Files (x86)\PSafe\PSafeWD.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\Run: [Facebook Update] => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-08] (Facebook Inc.)
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {04f6e12e-7b41-11e3-8251-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {324cdbcd-b09c-11e3-bf03-fa3de3151bc7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3afe2e28-a16a-11e4-bf32-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3f674688-2197-11e4-bf1e-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f91b-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f963-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {97666567-2267-11e4-bf21-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b432fe66-219b-11e4-bf1f-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b8796485-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b87964ae-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {f689405f-00e7-11e3-bec4-dc62cd32a13b} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {08BE9BB0-03A3-4E39-8677-17827D135B4F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {8B6506F1-ED42-4336-9827-F722319635A7} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E7AE647A-7B7A-4988-8589-2DAEF3A11D11} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\sweet-page.xml
CHR StartupUrls: Default -> "hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal", "hxxp://www.sweet-page.com/?type=hp&ts=1397878392&from=cor&uid=ST500LM012XHN-M500MBB_S2SKJ5EC704434", "hxxp://rts.dsrlte.com/?affID=pr_345bbc2b-6a04-42c4-ba95-56a8d17d5bd7", "hxxp://br.search.yahoo.com/?fr=hp-ddc-bd&type=76_pr__alt__ddc_dsssyc_bd_com"
R2 PSafeLockBoxSvc; C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe [1211144 2012-11-23] (PSafe)
R2 PSafeSVC; C:\Program Files (x86)\PSafe\PSafesvc.exe [1544968 2012-11-23] (PSafe S/A)
R2 PSafeWD; C:\Program Files (x86)\PSafe\PSafeWD.exe [248072 2012-11-23] (PSafe)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-22] (SysTool PasSame LIMITED) [File not signed]
R1 {00aec75d-051f-41a9-9837-e94ac4f56303}w64; C:\Windows\System32\drivers\{00aec75d-051f-41a9-9837-e94ac4f56303}w64.sys [48784 2014-10-15] (StdLib)
R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}w64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}w64.sys [48784 2014-11-18] (StdLib)
R1 {6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64; C:\Windows\System32\drivers\{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64.sys [48776 2015-02-10] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}w64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}w64.sys [48784 2015-01-04] (StdLib)
R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64.sys [48784 2014-09-28] (StdLib)
R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64.sys [48832 2014-10-31] (StdLib)
2015-02-11 01:05 - 2015-02-11 01:14 - 00011931 _____ () C:\Users\Álen\Downloads\hijackthis.log
2015-02-11 01:04 - 2015-02-11 01:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Álen\Downloads\HijackThis.exe
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\Users\Todos os Usuários\WindowsMangerProtect
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-15 21:32 - 2015-02-11 00:31 - 00020838 _____ () C:\WINDOWS\setupact.log
2015-01-15 21:32 - 2015-01-15 21:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-11 00:41 - 2014-04-19 01:33 - 00000000 ____D () C:\Users\Álen\AppData\Roaming\sweet-page
2015-02-11 00:30 - 2015-01-04 23:14 - 00010348 _____ () C:\WINDOWS\PFRO.log
Task: {E7AF28A9-0FD3-414C-904E-2127734FC6B1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001Core.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Álen\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Álen\AppData\Local\Temp\res.dll
end
*****************
Processes closed successfully.
C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe => No running process found
C:\Program Files (x86)\PSafe\PSafesvc.exe => No running process found
C:\Program Files (x86)\PSafe\PSafeWD.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04f6e12e-7b41-11e3-8251-80ee734e5c74} => Key not found.
HKCR\CLSID\{04f6e12e-7b41-11e3-8251-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{324cdbcd-b09c-11e3-bf03-fa3de3151bc7} => Key not found.
HKCR\CLSID\{324cdbcd-b09c-11e3-bf03-fa3de3151bc7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3afe2e28-a16a-11e4-bf32-80ee734e5c74} => Key not found.
HKCR\CLSID\{3afe2e28-a16a-11e4-bf32-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f674688-2197-11e4-bf1e-80ee734e5c74} => Key not found.
HKCR\CLSID\{3f674688-2197-11e4-bf1e-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7120f91b-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKCR\CLSID\{7120f91b-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7120f963-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKCR\CLSID\{7120f963-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{97666567-2267-11e4-bf21-80ee734e5c74} => Key not found.
HKCR\CLSID\{97666567-2267-11e4-bf21-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b432fe66-219b-11e4-bf1f-80ee734e5c74} => Key not found.
HKCR\CLSID\{b432fe66-219b-11e4-bf1f-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8796485-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKCR\CLSID\{b8796485-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b87964ae-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKCR\CLSID\{b87964ae-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f689405f-00e7-11e3-bec4-dc62cd32a13b} => Key not found.
HKCR\CLSID\{f689405f-00e7-11e3-bec4-dc62cd32a13b} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1PSafeOverlaySync => Key not found.
HKCR\CLSID\{A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\2PSafeOverlayOk => Key not found.
HKCR\CLSID\{A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\3PSafeOverlayOut => Key not found.
HKCR\CLSID\{A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1PSafeOverlaySync => Key not found.
HKCR\Wow6432Node\CLSID\{A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\2PSafeOverlayOk => Key not found.
HKCR\Wow6432Node\CLSID\{A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\3PSafeOverlayOut => Key not found.
HKCR\Wow6432Node\CLSID\{A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
"C:\WINDOWS\system32\GroupPolicy\Machine" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{08BE9BB0-03A3-4E39-8677-17827D135B4F} => Key not found.
HKCR\CLSID\{08BE9BB0-03A3-4E39-8677-17827D135B4F} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8B6506F1-ED42-4336-9827-F722319635A7} => Key not found.
HKCR\CLSID\{8B6506F1-ED42-4336-9827-F722319635A7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E7AE647A-7B7A-4988-8589-2DAEF3A11D11} => Key not found.
HKCR\CLSID\{E7AE647A-7B7A-4988-8589-2DAEF3A11D11} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value not found.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
"C:\Program Files (x86)\mozilla firefox\searchplugins\sweet-page.xml" => not found.
Chrome StartupUrls deleted successfully.
PSafeLockBoxSvc => Service not found.
PSafeSVC => Service not found.
PSafeWD => Service not found.
WindowsMangerProtect => Service not found.
{00aec75d-051f-41a9-9837-e94ac4f56303}w64 => Service not found.
{51b9c91c-8e38-40ae-80de-58a590512b6b}w64 => Service not found.
{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64 => Service not found.
{94d62e35-4b43-494c-bf52-ba5935df36ef}w64 => Service not found.
{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64 => Service not found.
{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64 => Service not found.
"C:\Users\Álen\Downloads\hijackthis.log" => File/Directory not found.
"C:\Users\Álen\Downloads\HijackThis.exe" => File/Directory not found.
"C:\Users\Todos os Usuários\WindowsMangerProtect" => File/Directory not found.
"C:\ProgramData\WindowsMangerProtect" => File/Directory not found.
"C:\WINDOWS\setupact.log" => File/Directory not found.
"C:\WINDOWS\setuperr.log" => File/Directory not found.
"C:\Users\Álen\AppData\Roaming\sweet-page" => File/Directory not found.
"C:\WINDOWS\PFRO.log" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7AF28A9-0FD3-414C-904E-2127734FC6B1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7AF28A9-0FD3-414C-904E-2127734FC6B1}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA" => Key deleted successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA.job => Moved successfully.
C:\Users\Álen\AppData\Local\Temp\jre-8u31-windows-au.exe => Moved successfully.
C:\Users\Álen\AppData\Local\Temp\res.dll => Moved successfully.
EmptyTemp: => Removed 734.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 01:59:33 ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-02-2015 02
Ran by Álen at 2015-02-13 01:58:36 Run:2
Running from C:\Users\Álen\Desktop
Loaded Profiles: Álen (Available profiles: Álen)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
emptytemp:
(PSafe) C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
(PSafe S/A) C:\Program Files (x86)\PSafe\PSafesvc.exe
(PSafe) C:\Program Files (x86)\PSafe\PSafeWD.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\Run: [Facebook Update] => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-08] (Facebook Inc.)
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {04f6e12e-7b41-11e3-8251-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {324cdbcd-b09c-11e3-bf03-fa3de3151bc7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3afe2e28-a16a-11e4-bf32-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {3f674688-2197-11e4-bf1e-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f91b-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {7120f963-a319-11e4-bf32-d5cc2c9e18c7} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {97666567-2267-11e4-bf21-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b432fe66-219b-11e4-bf1f-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b8796485-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {b87964ae-2264-11e4-bf20-80ee734e5c74} - "E:\AutoRun.exe"
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\...\MountPoints2: {f689405f-00e7-11e3-bec4-dc62cd32a13b} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx64.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.2.1211.23401\PSafeShellExtensionx86.dll (PSafe S/A)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {08BE9BB0-03A3-4E39-8677-17827D135B4F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {8B6506F1-ED42-4336-9827-F722319635A7} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E7AE647A-7B7A-4988-8589-2DAEF3A11D11} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\S-1-5-21-2669598487-1635423111-3051878047-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\sweet-page.xml
CHR StartupUrls: Default -> "hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal", "hxxp://www.sweet-page.com/?type=hp&ts=1397878392&from=cor&uid=ST500LM012XHN-M500MBB_S2SKJ5EC704434", "hxxp://rts.dsrlte.com/?affID=pr_345bbc2b-6a04-42c4-ba95-56a8d17d5bd7", "hxxp://br.search.yahoo.com/?fr=hp-ddc-bd&type=76_pr__alt__ddc_dsssyc_bd_com"
R2 PSafeLockBoxSvc; C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe [1211144 2012-11-23] (PSafe)
R2 PSafeSVC; C:\Program Files (x86)\PSafe\PSafesvc.exe [1544968 2012-11-23] (PSafe S/A)
R2 PSafeWD; C:\Program Files (x86)\PSafe\PSafeWD.exe [248072 2012-11-23] (PSafe)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-22] (SysTool PasSame LIMITED) [File not signed]
R1 {00aec75d-051f-41a9-9837-e94ac4f56303}w64; C:\Windows\System32\drivers\{00aec75d-051f-41a9-9837-e94ac4f56303}w64.sys [48784 2014-10-15] (StdLib)
R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}w64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}w64.sys [48784 2014-11-18] (StdLib)
R1 {6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64; C:\Windows\System32\drivers\{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64.sys [48776 2015-02-10] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}w64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}w64.sys [48784 2015-01-04] (StdLib)
R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64.sys [48784 2014-09-28] (StdLib)
R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64.sys [48832 2014-10-31] (StdLib)
2015-02-11 01:05 - 2015-02-11 01:14 - 00011931 _____ () C:\Users\Álen\Downloads\hijackthis.log
2015-02-11 01:04 - 2015-02-11 01:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Álen\Downloads\HijackThis.exe
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\Users\Todos os Usuários\WindowsMangerProtect
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-15 21:32 - 2015-02-11 00:31 - 00020838 _____ () C:\WINDOWS\setupact.log
2015-01-15 21:32 - 2015-01-15 21:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-11 00:41 - 2014-04-19 01:33 - 00000000 ____D () C:\Users\Álen\AppData\Roaming\sweet-page
2015-02-11 00:30 - 2015-01-04 23:14 - 00010348 _____ () C:\WINDOWS\PFRO.log
Task: {E7AF28A9-0FD3-414C-904E-2127734FC6B1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001Core.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA.job => C:\Users\Álen\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Álen\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Álen\AppData\Local\Temp\res.dll
end
*****************
Processes closed successfully.
C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe => No running process found
C:\Program Files (x86)\PSafe\PSafesvc.exe => No running process found
C:\Program Files (x86)\PSafe\PSafeWD.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04f6e12e-7b41-11e3-8251-80ee734e5c74} => Key not found.
HKCR\CLSID\{04f6e12e-7b41-11e3-8251-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{324cdbcd-b09c-11e3-bf03-fa3de3151bc7} => Key not found.
HKCR\CLSID\{324cdbcd-b09c-11e3-bf03-fa3de3151bc7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3afe2e28-a16a-11e4-bf32-80ee734e5c74} => Key not found.
HKCR\CLSID\{3afe2e28-a16a-11e4-bf32-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f674688-2197-11e4-bf1e-80ee734e5c74} => Key not found.
HKCR\CLSID\{3f674688-2197-11e4-bf1e-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7120f91b-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKCR\CLSID\{7120f91b-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7120f963-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKCR\CLSID\{7120f963-a319-11e4-bf32-d5cc2c9e18c7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{97666567-2267-11e4-bf21-80ee734e5c74} => Key not found.
HKCR\CLSID\{97666567-2267-11e4-bf21-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b432fe66-219b-11e4-bf1f-80ee734e5c74} => Key not found.
HKCR\CLSID\{b432fe66-219b-11e4-bf1f-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8796485-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKCR\CLSID\{b8796485-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b87964ae-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKCR\CLSID\{b87964ae-2264-11e4-bf20-80ee734e5c74} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f689405f-00e7-11e3-bec4-dc62cd32a13b} => Key not found.
HKCR\CLSID\{f689405f-00e7-11e3-bec4-dc62cd32a13b} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1PSafeOverlaySync => Key not found.
HKCR\CLSID\{A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\2PSafeOverlayOk => Key not found.
HKCR\CLSID\{A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\3PSafeOverlayOut => Key not found.
HKCR\CLSID\{A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1PSafeOverlaySync => Key not found.
HKCR\Wow6432Node\CLSID\{A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\2PSafeOverlayOk => Key not found.
HKCR\Wow6432Node\CLSID\{A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\3PSafeOverlayOut => Key not found.
HKCR\Wow6432Node\CLSID\{A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => Key not found.
"C:\WINDOWS\system32\GroupPolicy\Machine" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{08BE9BB0-03A3-4E39-8677-17827D135B4F} => Key not found.
HKCR\CLSID\{08BE9BB0-03A3-4E39-8677-17827D135B4F} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8B6506F1-ED42-4336-9827-F722319635A7} => Key not found.
HKCR\CLSID\{8B6506F1-ED42-4336-9827-F722319635A7} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E7AE647A-7B7A-4988-8589-2DAEF3A11D11} => Key not found.
HKCR\CLSID\{E7AE647A-7B7A-4988-8589-2DAEF3A11D11} => Key not found.
HKU\S-1-5-21-2669598487-1635423111-3051878047-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value not found.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
"C:\Program Files (x86)\mozilla firefox\searchplugins\sweet-page.xml" => not found.
Chrome StartupUrls deleted successfully.
PSafeLockBoxSvc => Service not found.
PSafeSVC => Service not found.
PSafeWD => Service not found.
WindowsMangerProtect => Service not found.
{00aec75d-051f-41a9-9837-e94ac4f56303}w64 => Service not found.
{51b9c91c-8e38-40ae-80de-58a590512b6b}w64 => Service not found.
{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}w64 => Service not found.
{94d62e35-4b43-494c-bf52-ba5935df36ef}w64 => Service not found.
{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}w64 => Service not found.
{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}w64 => Service not found.
"C:\Users\Álen\Downloads\hijackthis.log" => File/Directory not found.
"C:\Users\Álen\Downloads\HijackThis.exe" => File/Directory not found.
"C:\Users\Todos os Usuários\WindowsMangerProtect" => File/Directory not found.
"C:\ProgramData\WindowsMangerProtect" => File/Directory not found.
"C:\WINDOWS\setupact.log" => File/Directory not found.
"C:\WINDOWS\setuperr.log" => File/Directory not found.
"C:\Users\Álen\AppData\Roaming\sweet-page" => File/Directory not found.
"C:\WINDOWS\PFRO.log" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7AF28A9-0FD3-414C-904E-2127734FC6B1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7AF28A9-0FD3-414C-904E-2127734FC6B1}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA" => Key deleted successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2669598487-1635423111-3051878047-1001UA.job => Moved successfully.
C:\Users\Álen\AppData\Local\Temp\jre-8u31-windows-au.exe => Moved successfully.
C:\Users\Álen\AppData\Local\Temp\res.dll => Moved successfully.
EmptyTemp: => Removed 734.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 01:59:33 ====
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
/!\ Olá! Alen Silveira /!\
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ps: Dê início ao scan,clicando em "Examinar".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt >
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ps: Dê início ao scan,clicando em "Examinar".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt >
A+
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Como remover sweet page do meu note???
# AdwCleaner v4.110 - Logfile created 13/02/2015 at 02:45:27
# Updated 05/02/2015 by Xplode
# Database : 2015-02-12.1 [Server]
# Operating system : Windows 8.1 Single Language (x64)
# Username : Álen - ALEN
# Running from : C:\Users\Álen\Desktop\adwcleaner_4.110.exe
# Option : Cleaning
***** [ Services ] *****
Service Deleted : IHProtect Service
[#] Service Deleted : ccnfd_1_10_0_6
Service Deleted : ccsvc_1.10.0.6
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files (x86)\XTab
Folder Deleted : C:\Program Files (x86)\ClickCaption_1.10.0.6
Folder Deleted : C:\Users\Álen\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\Álen\AppData\Roaming\baidu
Folder Deleted : C:\Users\Álen\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\Álen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni
File Deleted : C:\WINDOWS\System32\drivers\ccnfd_1_10_0_6.sys
File Deleted : C:\Users\Álen\AppData\Roaming\Mozilla\Firefox\Profiles\ekzwek90.default\searchplugins\dsrlte.xml
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\sweet-pageSoftware
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Baidu
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\ClickCaption_1.10.0.6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickCaption_1.10.0.6
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v18.0 (pt-BR)
-\\ Google Chrome v40.0.2214.111
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [3590 bytes] - [13/02/2015 02:40:56]
AdwCleaner[S0].txt - [3494 bytes] - [13/02/2015 02:45:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3553 bytes] ##########
# Updated 05/02/2015 by Xplode
# Database : 2015-02-12.1 [Server]
# Operating system : Windows 8.1 Single Language (x64)
# Username : Álen - ALEN
# Running from : C:\Users\Álen\Desktop\adwcleaner_4.110.exe
# Option : Cleaning
***** [ Services ] *****
Service Deleted : IHProtect Service
[#] Service Deleted : ccnfd_1_10_0_6
Service Deleted : ccsvc_1.10.0.6
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files (x86)\XTab
Folder Deleted : C:\Program Files (x86)\ClickCaption_1.10.0.6
Folder Deleted : C:\Users\Álen\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\Álen\AppData\Roaming\baidu
Folder Deleted : C:\Users\Álen\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\Álen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni
File Deleted : C:\WINDOWS\System32\drivers\ccnfd_1_10_0_6.sys
File Deleted : C:\Users\Álen\AppData\Roaming\Mozilla\Firefox\Profiles\ekzwek90.default\searchplugins\dsrlte.xml
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\sweet-pageSoftware
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Baidu
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\ClickCaption_1.10.0.6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickCaption_1.10.0.6
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v18.0 (pt-BR)
-\\ Google Chrome v40.0.2214.111
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [3590 bytes] - [13/02/2015 02:40:56]
AdwCleaner[S0].txt - [3494 bytes] - [13/02/2015 02:45:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3553 bytes] ##########
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
/!\ Bom Dia! Alen Silveira /!\
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Como remover sweet page do meu note???
adw cleaner desinstalado.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Single Language x64
Ran by µlen on 13/02/2015 at 9:26:18,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\AlawarWrapper
Successfully deleted: [Folder] "C:\ProgramData\baidu security"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/02/2015 at 9:35:36,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Single Language x64
Ran by µlen on 13/02/2015 at 9:26:18,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\AlawarWrapper
Successfully deleted: [Folder] "C:\ProgramData\baidu security"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/02/2015 at 9:35:36,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
/!\ Bom Dia! Alen Silveira /!\
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Smeenk )
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Salve-o ao desktop!
> Desabilite seu antivírus!
> Para Windows 7,execute Zoek.exe como administrador.
emptyfolderscheck;delete
ipconfig /flushdns;b
chromelook;
emptyclsid;
emptytemp;
quickscan;
autoclean;
> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script".
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Confirme o reboot!
> Poste o relatório,que estará em C:\zoek-results.txt <<
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Smeenk )
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Salve-o ao desktop!
> Desabilite seu antivírus!
> Para Windows 7,execute Zoek.exe como administrador.
emptyfolderscheck;delete
ipconfig /flushdns;b
chromelook;
emptyclsid;
emptytemp;
quickscan;
autoclean;
> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script".
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Confirme o reboot!
> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.zoek.hta failed by unknown error.
Restart computer, and try again.
> Poste o relatório,que estará em C:\zoek-results.txt <<
A+
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
/!\ Bom Dia! Alen Silveira /!\
> A sweet page,ainda,lhe incomoda?
> Caso não haja mais problemas,remova as ferramentas que foram utilizadas na desinfecção!
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... de Xplode )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Estando na página,clique em Download Now.
> Salve-a em um local conveniente! ( desktop! )
> Feche aplicativos que estejam abertos.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Remover ferramentas de desinfecção
> Criar backup do registro
> Limpar pontos da restauração do sistema
> Com estas caixinhas marcadas,clique Executar!
> Reinicie o computador ao concluir!
> Tudo Ok?
A+
> A sweet page,ainda,lhe incomoda?
> Caso não haja mais problemas,remova as ferramentas que foram utilizadas na desinfecção!
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... de Xplode )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Estando na página,clique em Download Now.
> Salve-a em um local conveniente! ( desktop! )
> Feche aplicativos que estejam abertos.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Remover ferramentas de desinfecção
> Criar backup do registro
> Limpar pontos da restauração do sistema
> Com estas caixinhas marcadas,clique Executar!
> Reinicie o computador ao concluir!
> Tudo Ok?
A+
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Como remover sweet page do meu note???
O sweet page sumiu dos programas e o chrome parece que está mais rapido novamente. Ferramentas excluidas.
Muito obrigado pela ajuda. Resolveu o problema rápido, excelente a página.
Muito obrigado pela ajuda. Resolveu o problema rápido, excelente a página.
Alen Silveira- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 11/02/2015
Idade : 36
Localização : Santiago - RS
Re: Como remover sweet page do meu note???
Caso Resolvido
Necessitando nova verificação para este computador,basta abrir "Novo Tópico" e relatar o problema.
Necessitando nova verificação para este computador,basta abrir "Novo Tópico" e relatar o problema.
_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram- Administrador
- Mensagens : 4164
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Tópicos semelhantes
» Como posso remover o sweet page do meu PC.
» (RESOLVIDO) COMO REMOVER A SWEET PAGE DO NAVEGADOR INTERNET EXPLORER 10 DO WINDOWS 8
» REMOVER Sweet-page de sites
» Remover Malware SWEET-PAGE
» Como desistalar urgente o sweet-page
» (RESOLVIDO) COMO REMOVER A SWEET PAGE DO NAVEGADOR INTERNET EXPLORER 10 DO WINDOWS 8
» REMOVER Sweet-page de sites
» Remover Malware SWEET-PAGE
» Como desistalar urgente o sweet-page
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos