Este fórum foi descontinuado. LEIA AQUI e participe da Comunidade BABOO :)

Ir para conteúdo
turca

Pc trava totalmente quando abre mozila firefox

Mensagem Recomendada

Pc trava totalmente quando abre Mozila Firefox

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:08:21, on 12/04/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\NOT\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.bancoreal.com.br
O15 - Trusted Zone: http://www.bancosantander.com.br
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: www.santander.com.br
O15 - Trusted Zone: http://www.santander.com.br
O15 - Trusted Zone: www.santanderempresarial.com.br
O15 - Trusted Zone: http://www.santanderempresarial.com.br
O15 - Trusted Zone: www.santandernet.com.br
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: www.santandernetibe.com.br
O15 - Trusted Zone: www.secureweb.com.br
O20 - Winlogon Notify:  GbPluginAbn - C:\Program Files\GbPlugin\gbiehAbn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe

--
End of file - 7511 bytes
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Baixe o Novo Malwarebytes'Anti-Malware (MBAM)

Salve ou imprima estas instruções:

Dê um duplo-clique no mbam-setup.exe, escolha a linguagem. Antes de concluir a instalação, desmarque a opção “Ativar trial gratuito do Malwarebytes Anti-Malware PRO”

Verifique se as caixas Atualizar Malwarebytes Anti-Malware e Executar Malwarebytes Anti-Malware estão marcadas e clique então, em Concluir. Se houver Atualizações a serem feitas, serão baixadas e instaladas.
 
Clique em Settings e no campo Language mude para Portuguese (Brasil). Ainda na tela de Configurações clique em Detecção e proteção, marque "Verificar por Rootkits". Em "Detecções PUP" (programas potencialmente indesejados):, selecione "Tratar detecções como Malware".

Clique em Verificar e em seguida Verificar ameaça, clique em Verificar Agora. Começará então o exame. Aguarde, pois pode demorar........Ao acabar o exame, se houver itens encontrados, clique no botão "Mover todos para a Quarentena"...Clique em Aplicar Ações

O Log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Histórico -> Logs de aplicativos > Log de Verificação , na janela principal do Programa. Utilize o formato .txt para exportar o Log. Poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo)

Selecione, copie e cole o conteúdo do Log do MBAM na sua próxima resposta + um novo Log do HijackThis .

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar.


assinatura-mrmillion.png65301516_windows-insider-mvp-logo(Custom).png.36263cb7b506cc6935fb37f39e504cec.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 12/04/2016
Hora da verificação: 16:00
Arquivo de registro: MBAM.txt
Administrador: Sim

Versão: 2.2.1.1043
Banco de dados de malware: v2016.04.12.07
Banco de dados de rootkit: v2016.04.09.01
Licença: Gratuita
Proteção contra malware: Desabilitado
Proteção contra website malicioso: Desabilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 7 Service Pack 1
CPU: x86
Sistema de arquivos: NTFS
Usuário: NOT

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 341062
Tempo decorrido: 40 min, 34 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 0
(Nenhum item malicioso detectado)

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:46:47, on 12/04/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\SHARMAQ\SHOficina\shoficina3.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\NOT\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.bancoreal.com.br
O15 - Trusted Zone: http://www.bancosantander.com.br
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: www.santander.com.br
O15 - Trusted Zone: http://www.santander.com.br
O15 - Trusted Zone: www.santanderempresarial.com.br
O15 - Trusted Zone: http://www.santanderempresarial.com.br
O15 - Trusted Zone: www.santandernet.com.br
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: www.santandernetibe.com.br
O15 - Trusted Zone: www.secureweb.com.br
O20 - Winlogon Notify:  GbPluginAbn - C:\Program Files\GbPlugin\gbiehAbn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe

--
End of file - 7625 bytes
 

 

Valeu

Compartilhar este post


Link para o post
Compartilhar em outros sites

Desabilite o seu Antivírus, AntiSpyware e Firewall para não haver conflitos. Mantenha-os desativados até terminar as instruções

Download AdwCleaner dlsymb.jpg  Salve-o no Desktop. (Área de Trabalho). Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8, 8.1 ou 10, clicar com o botão direito do mouse no arquivo e selecionar: run_as_adm1.png

AdwCleanerMobile_zps74904f3e.jpg

Clique [Scan e depois em Clean] Salve o Log criado.

Donload 1268r49.png Salve no seu Desktop (Área de trabalho).

Dê um duplo-clique para executar o Junkware Removal Tool (JRT)
* No Windows Vista, 7, 8, 8.1 ou 10 Clique com o botão direito do mouse sobre o JRT.exe e selecione run_as_adm1.png
A Ferramenta começará o exame do seu Sistema. Tenha paciência pois pode demorar um pouco, dependendo da quantidades de ítens a serem examinados.
Ao final, um Log se abrirá e salvo no Desktop com o nome de JRT.txt..Selecione, copie e cole o conteúdo deste Log na sua próxima resposta + o Log do AdwCleaner e um novo Log do HijackThis.


assinatura-mrmillion.png65301516_windows-insider-mvp-logo(Custom).png.36263cb7b506cc6935fb37f39e504cec.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Professional x86 
Ran by NOT (Administrator) on 12/04/2016 at 19:29:09,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 16 

Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\ProgramData\thunder network (Folder) 
Successfully deleted: C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File) 
Successfully deleted: C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File) 
Successfully deleted: C:\Users\NOT\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\Windows\System32\Tasks\Uninstaller_SkipUac_NOT (Task)
Successfully deleted: C:\Users\NOT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WJ4IS6U (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\NOT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DA4YG483 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\NOT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQESQ3SA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\NOT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VVA64A2K (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WJ4IS6U (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DA4YG483 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQESQ3SA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VVA64A2K (Temporary Internet Files Folder) 

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/04/2016 at 19:33:10,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

# AdwCleaner v5.029 - Relatório criado 12/01/2016 às 23:43:55
# Atualizado 11/01/2016 por Xplode
# Banco de dados : 2016-01-12.1 [Servidor]
# Sistema operacional : Windows 7 Professional Service Pack 1 (x86)
# Usuário : NOT - ATENDIMENTO
# Executando de : C:\Users\NOT\Desktop\AdwCleaner.exe
# Opção : Limpar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****


***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.emaildefendsearch.com_0.localstorage
[-] Arquivo Excluído : C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.emaildefendsearch.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****


*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1009 bytes] ##########
# AdwCleaner v5.110 - Relatório criado 12/04/2016 às 19:24:09
# Atualizado 10/04/2016 por Xplode
# Banco de dados : 2016-04-11.4 [Servidor]
# Sistema operacional : Windows 7 Professional Service Pack 1 (X86)
# Usuário : NOT - ATENDIMENTO
# Executando de : C:\Users\NOT\Desktop\AdwCleaner.exe
# Opção : Limpar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****

[#] Pasta Excluído : C:\ProgramData\mntemp
[#] Pasta Excluído : C:\ProgramData\Application Data\mntemp
[-] Pasta Excluído : C:\Users\NOT\AppData\Local\Temp\WebUpdater

***** [ Arquivos ] *****


***** [ DLLs ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****


***** [ Registro ] *****

[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

***** [ Navegadores ] *****


*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2089 bytes] - [12/01/2016 22:43:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [2093 bytes] - [12/01/2016 22:31:56]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2235 bytes] ##########
 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:34:45, on 12/04/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\iRoot\Root.exe
C:\Program Files\iRoot\RomasterConnection.exe
C:\Program Files\iRoot\romaster_daemon.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\NOT\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.bancoreal.com.br
O15 - Trusted Zone: http://www.bancosantander.com.br
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: www.santander.com.br
O15 - Trusted Zone: http://www.santander.com.br
O15 - Trusted Zone: www.santanderempresarial.com.br
O15 - Trusted Zone: http://www.santanderempresarial.com.br
O15 - Trusted Zone: www.santandernet.com.br
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: www.santandernetibe.com.br
O15 - Trusted Zone: www.secureweb.com.br
O20 - Winlogon Notify:  GbPluginAbn - C:\Program Files\GbPlugin\gbiehAbn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe

--
End of file - 7116 bytes
 

 

valeu novamente

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Desabilite o seu Antivírus e AntiSpyware para não haver conflitos. Mantenha-os desativados até terminar as instruções

Download Zoek

Descompacte o Arquivo Zoek.exe para Área de Trabalho (Desktop)

Execute-o e copie e cole as linhas abaixo no espaço do Zoek

createsrpoint;
autoclean;
resetieproxy;
resethosts;
iedefaults;
chrdefaults;
emptyCHRcache;
ffdefaults;
firefoxlook;
emptyalltemp;
shortcutfix;

Feche o seu Navegador e clique Run Script

(Durante o Scan a mensagem abaixo será apresentada. Aguarde o término, pode demorar um pouquinho.....

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

Caso seja solicitada a Reinicialização do PC, clique em OK .

Poste o Relatório gerado + um novo Log do HijackThis.


assinatura-mrmillion.png65301516_windows-insider-mvp-logo(Custom).png.36263cb7b506cc6935fb37f39e504cec.png

Compartilhar este post


Link para o post
Compartilhar em outros sites


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by NOT on 12/04/2016 at 19:48:37,96.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\NOT\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2016-01-14-005048.log    34009 bytes

==== System Restore Info ======================

12/04/2016 19:52:28 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 

# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 

# For example: 

#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handled within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\Program Files\TomTom DesktopSuite deleted successfully
C:\Program Files\Tracksource deleted successfully
C:\Program Files\Wondershare deleted successfully
C:\Users\NOT\AppData\Local\pangu deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\NOT\AppData\Roaming\Mozilla\Firefox\Profiles\06zmhirm.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\NOT\AppData\Roaming\Mozilla\Firefox\Profiles\06zmhirm.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\NOT\AppData\Roaming\Mozilla\Firefox\Profiles\06zmhirm.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ---- 

prefs_042016_2025_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\TomTom DesktopSuite not found
C:\Program Files\Tracksource not found
C:\Program Files\Wondershare not found
C:\Users\NOT\AppData\Local\Wondershare deleted
C:\Users\NOT\.android deleted
C:\Program Files\Common Files\Wondershare deleted
C:\PROGRA~2\Package Cache deleted
"C:\Windows\Installer\19bd71.msi" deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\NOT\AppData\Roaming\Mozilla\Firefox\Profiles\06zmhirm.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [17/03/2016 15:35]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20/06/2015 13:43]

==== Firefox Extensions ======================

ProfilePath: C:\Users\NOT\AppData\Roaming\Mozilla\Firefox\Profiles\06zmhirm.default
- Modulo de Protecao - Banco Santander Brasil S.A. - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}
- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\NOT\AppData\Roaming\Mozilla\Firefox\Profiles\06zmhirm.default
999A833D87C8CD918B5EE8C3F8149D2B    - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll -    Adobe Acrobat
AF8A94BCB98C299C49B28CC12EBC0ED2    - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll -    Google Update
E439DF843602310272E14127DE7D1D69    - C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll -    Java(TM) Platform SE 8 U71
8C0AEF702165656571EFA1A7CF24759A    - C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npdeployJava1.dll -    Java Deployment Toolkit 8.0.710.15
46A59E6F7F7C1679AC7C4655E055326D    - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll -    iTunes Application Detector
57C7E359ED8D049132EED23EFA444C63    - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll -    Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC    - C:\Users\NOT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -    Facebook Video Calling Plugin


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/03/2016 15:00]

Avast Online Security - NOT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Fix ======================

C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pan.baidu.com_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pan.baidu.com_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pos.baidu.com_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pos.baidu.com_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.lkqd.net_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.lkqd.net_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads6m.depositfiles.org_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads6m.depositfiles.org_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adstract.adk2x.com_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adstract.adk2x.com_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{9CB96984-43C3-4D44-90EF-01466EFCF7BB}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
HKCU\SearchScopes\{40C9361E-0C57-4009-9798-BEC63BB370CC} - http://www.google.com/search?hl=en&q={searchTerms}
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

==== Reset Google Chrome ======================

C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\NOT\Desktop\AdvanceBox - Atalho.lnk - C:\AdvanceBox Turbo Flasher\AdvanceBox.exe 
C:\Users\NOT\Desktop\Auslogics DiskDefrag.lnk - C:\Program Files\Auslogics\DiskDefrag\DiskDefrag.exe 
C:\Users\NOT\Desktop\BACKUP (D).lnk - D:\ 
C:\Users\NOT\Desktop\Flashtool.lnk - C:\Flashtool\FlashTool.exe 
C:\Users\NOT\Desktop\GPGeMMC - Atalho.lnk - D:\BOX\GPGEMMC\GPGeMMC_v1.35\GPGeMMC.exe 
C:\Users\NOT\Desktop\iPhone Software Updates - Atalho.lnk - C:\Users\NOT\AppData\Roaming\Apple Computer\iTunes\iPhone Software Updates 
C:\Users\NOT\Desktop\Jogos.lnk -  
C:\Users\NOT\Desktop\LGE Tool.lnk - C:\Program Files\LGE Tool\LGETool.exe 
C:\Users\NOT\Desktop\LGFlashTool2014.lnk - D:\LG\LG Flash Tool 2014\LGFlashTool2014.exe 
C:\Users\NOT\Desktop\LGMobile Support Tool.lnk - C:\ProgramData\LGMOBILEAX\LGMLauncher.exe 
C:\Users\NOT\Desktop\MEGAsync.lnk - C:\Users\NOT\AppData\Local\MEGAsync\MEGAsync.exe 
C:\Users\NOT\Desktop\Octoplus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 
C:\Users\NOT\Desktop\Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 
C:\Users\NOT\Desktop\Odin3 v3.10.7 - Atalho.lnk - D:\SAMSUNG\Odin3_v3.10.7\Odin3 v3.10.7.exe 
C:\Users\NOT\Desktop\ONETOUCH Center.lnk - C:\Program Files\ONE TOUCH Center\OneTouchCenter.exe 
C:\Users\NOT\Desktop\Paint.lnk - C:\Windows\system32\mspaint.exe 
C:\Users\NOT\Desktop\Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe 
C:\Users\NOT\Desktop\SCout.lnk - C:\Program Files\GsmServer\SCout\SCout.exe 
C:\Users\NOT\Desktop\SHOficina Segunda Abertura.lnk - C:\SHARMAQ\SHOficina Segunda Abertura\shoficina3.exe 
C:\Users\NOT\Desktop\SHOficina5.lnk - C:\SHARMAQ\SHOficina\shoficina3.exe 
C:\Users\NOT\Desktop\SHVendas.lnk - C:\SHARMAQ\SHOficina\shvenda.exe 
C:\Users\NOT\Desktop\TABELA DE PREÇOS.lnk -  
C:\Users\NOT\Desktop\µTorrent.lnk -  
C:\Users\NOT\Desktop\VELASCO\MV AntiSpy 4.0.lnk - C:\Program Files\Marcos Velasco Security\MV AntiSpy 4.0\ANTISPY.EXE 
C:\Users\NOT\Desktop\VELASCO\MV Defrag 1.9.lnk - C:\Program Files\Marcos Velasco Security\MV Defrag 1.9\MVDEFRAG.EXE 
C:\Users\NOT\Desktop\VELASCO\MV Internet Optimizer 1.0.lnk - C:\Program Files\Marcos Velasco Security\MV Internet Optimizer 1.0\MVINTOPT.EXE 
C:\Users\NOT\Desktop\VELASCO\MV RegCompact 1.3.lnk - C:\Program Files\Marcos Velasco Security\MV RegCompact 1.3\MVREGCOMPACT.EXE 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\Activator.lnk - C:\Program Files\SPT\Activator\activator.exe 
C:\Users\Public\Desktop\ASANSAMBOX.lnk - C:\ASANSAM3\HST.exe 
C:\Users\Public\Desktop\Avast SafeZone 1 Browser.lnk - C:\Program Files\AVAST Software\SZBrowser\launcher.exe 
C:\Users\Public\Desktop\Boot-Loader Download Manager.lnk - C:\Program Files\Boot-Loader Download Manager\BLDM.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe 
C:\Users\Public\Desktop\Garmin Express.lnk - C:\Program Files\Garmin\Express\express.exe 
C:\Users\Public\Desktop\InfinityBox BEST.lnk - C:\InfinityBox\BEST\BEST.exe 
C:\Users\Public\Desktop\InfinityBox CM2MTK.lnk - C:\InfinityBox\CM2MTK\CM2MTK.exe 
C:\Users\Public\Desktop\InfinityBox CM2RKT.lnk - C:\InfinityBox\CM2RKT\CM2RKT.exe 
C:\Users\Public\Desktop\InfinityBox iosFileUploader.lnk - C:\InfinityBox\iosFileUploader\iosFileUploader.exe 
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\Users\Public\Desktop\iRoot.lnk - C:\Program Files\iRoot\Root.exe 
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe 
C:\Users\Public\Desktop\Kingo ROOT.lnk - C:\Program Files\Kingo ROOT\Kingo Root.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe 
C:\Users\Public\Desktop\Mobile Upgrade S 4.3.9.lnk - C:\Mobile Upgrade S 4.3.9\Mobile Upgrade S.exe 
C:\Users\Public\Desktop\MotoFlasher.lnk - C:\Program Files\MotoFlasher\MotoFlasher.exe 
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe 
C:\Users\Public\Desktop\MV RegClean 6.9.1.lnk - C:\Program Files\Marcos Velasco Security\MV RegClean 6.9.1\MVREGCLEAN.EXE 
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva.exe 
C:\Users\Public\Desktop\RSD Lite.lnk - C:\Windows\Installer\{494CAE58-BBC3-4782-B59F-02F163E4A32B}\_7DAB413A1EA7F2B6E80F1D.exe 
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies 3.lnk - C:\Program Files\Samsung\Kies3\Kies3.exe 
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe 
C:\Users\Public\Desktop\Smart Switch.lnk - C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPC.exe 
C:\Users\Public\Desktop\SPT.lnk - C:\Program Files\SPT\SPT.exe 
C:\Users\Public\Desktop\Win32DiskImager.lnk - C:\Program Files\ImageWriter\Win32DiskImager.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin\MapSource Manual.lnk - C:\Program Files\Garmin\MapsourceManual.pdf 
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin\MapSource.lnk - C:\Program Files\Garmin\MapSource.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url 
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm 
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt 
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -  
C:\Users\NOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk - C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\AppleSoftwareUpdateIco.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 1 Browser.lnk - C:\Program Files\AVAST Software\SZBrowser\launcher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASANSAMBOX (BY HUA TEAM)\ASANSAMBOX.lnk - C:\ASANSAM3\HST.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\DiskDefrag\Auslogics DiskDefrag.lnk - C:\Program Files\Auslogics\DiskDefrag\DiskDefrag.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free antivírus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\BaseCamp (2D only).lnk - C:\Program Files\Garmin\BaseCamp /Disable3D
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\BaseCamp.lnk - C:\Program Files\Garmin\BaseCamp\BaseCamp.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk - C:\Program Files\Garmin\Express\express.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\MapInstall.lnk - C:\Program Files\Garmin\MapInstall\MapInstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\POI Loader.lnk - C:\Program Files\Garmin\POI Loader\POILoader.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\WebUpdater.lnk - C:\Program Files\Garmin\WebUpdater\WebUpdater.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\BEST\InfinityBox BEST.lnk - C:\InfinityBox\BEST\BEST.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\BEST\Uninstall InfinityBox BEST.lnk - C:\InfinityBox\BEST\BEST_uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\CM2RKT\InfinityBox CM2RKT.lnk - C:\InfinityBox\CM2RKT\CM2RKT.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfinityBox\CM2RKT\Uninstall InfinityBox CM2RKT.lnk - C:\InfinityBox\CM2RKT\CM2RKT_uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\iRoot.lnk - C:\Program Files\iRoot\Root.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot\Uninstall iRoot.lnk - C:\Program Files\iRoot\unins001.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk - C:\Program Files\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files\Java\jre1.8.0_71\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files\Java\jre1.8.0_71\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT\Kingo ROOT.lnk - C:\Program Files\Kingo ROOT\Kingo Root.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT\Uninstall Kingo ROOT.lnk - C:\Program Files\Kingo ROOT\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk - C:\ProgramData\MEGAsync\MEGA Website.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk - C:\ProgramData\MEGAsync\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moto Flasher\MotoFlasher.lnk - C:\Program Files\MotoFlasher\MotoFlasher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moto Flasher\Uninstall MotoFasher.lnk - C:\Program Files\MotoFlasher\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus LG\Desinstalar Octoplus tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus LG\Octoplus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus LG\Update dongle.lnk - C:\Program Files\Octoplus\Octoplus_LG\LGUpdater.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Samsung\Desinstalar Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Samsung\Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octoplus\Octoplus Samsung\Update dongle.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\Updater.exe update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Desinstalar o QuickTime.lnk - C:\Windows\System32\msiexec.exe /i {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} /qf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}\QTPlayer.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Sobre o QuickTime.lnk - C:\Windows\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}\RichText.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk - C:\Program Files\Recuva\recuva.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk - C:\Program Files\Recuva\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPT\SPT.lnk - C:\Program Files\SPT\SPT.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPT\Uninstall  SPT.lnk - C:\Program Files\SPT\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPT\Uninstall SPT.lnk - C:\Program Files\SPT\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files\WinRAR\Rar.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\LGE Tool.lnk - C:\Program Files\LGE Tool\LGETool.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Octoplus Box Samsung software.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Octopus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk - C:\Program Files\Samsung\Kies3\Kies3.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk - C:\Program Files\Samsung\Smart Switch PC\SmartSwitchPC.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SPT.lnk - C:\Program Files\SPT\SPT.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Welcome Center.lnk - C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AdvanceBox - Atalho.lnk - C:\AdvanceBox Turbo Flasher\AdvanceBox.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Octoplus LG Tool.lnk - C:\Program Files\Octoplus\Octoplus_LG\OctoplusLG.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Octoplus Samsung Tool.lnk - C:\Program Files\Octoplus\Octoplus_Samsung\OctoplusSamsung.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\NOT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E85CE1EACA2B95944A2C3C28202A2593 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AE1EC58E-B2AC-4959-A4C2-C38202A25239} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E85CE1EACA2B95944A2C3C28202A2593 deleted successfully

==== Empty IE Cache ======================

C:\Users\NOT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\NOT\AppData\Local\Mozilla\Firefox\Profiles\06zmhirm.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\NOT\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\NOT\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=100 folders=42 81288431 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\NOT\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\USURIO~1\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\NOT\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\NOT\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\52DTDHU9\cdn.vidible.tv"  not found

==== EOF on 12/04/2016 at 20:57:50,75 ======================
 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:03:21, on 12/04/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\notepad.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Users\NOT\Desktop\HijackThis.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Java\jre1.8.0_71\bin\jp2launcher.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.bancoreal.com.br
O15 - Trusted Zone: http://www.bancosantander.com.br
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: www.santander.com.br
O15 - Trusted Zone: http://www.santander.com.br
O15 - Trusted Zone: www.santanderempresarial.com.br
O15 - Trusted Zone: http://www.santanderempresarial.com.br
O15 - Trusted Zone: www.santandernet.com.br
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: www.santandernetibe.com.br
O15 - Trusted Zone: www.secureweb.com.br
O20 - Winlogon Notify:  GbPluginAbn - C:\Program Files\GbPlugin\gbiehAbn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe

--
End of file - 7548 bytes
 

 

valeu

Compartilhar este post


Link para o post
Compartilhar em outros sites

Não é problema de Vírus/ Malwares e sim do próprio Navegador, desinstale com a remoção de Todos os Complementos, faça uma limpeza completa de Registro com o CCleaner e reinstale.

Por aqui nada mais a fazer.

Boa sorte!

 


assinatura-mrmillion.png65301516_windows-insider-mvp-logo(Custom).png.36263cb7b506cc6935fb37f39e504cec.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

×
×
  • Criar Novo...