Ir para conteúdo

BABOO e KTS 2018 no YouTube Loja online do BABOO

Entre para seguir isso  
zinhoooriginal

Computador infectado

Mensagem Recomendada

Bom dia colegas,fiz todo o procedimento e gostaria se possível que analisassem meu Log, pois meu Note está muito lento e abrindo páginas de Vírus o tempo todo,segue Log conforme orientação:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:14:14, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWoW64\cmd.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\HijackThis.exe
C:\Windows\SysWoW64\NOTEPAD.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noblockingweb.com/wpad.dat?1ceea4cfe30f1ef3daedef55f2551c4f23003854
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 17505 bytes
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia!

Baixe o Malwarebytes Anti-Malware (MBAM) e salve ou imprima estas instruções:

1. Execute o MBAM e prossiga com a instalação até chegar na tela abaixo. Você deve desmarcar a opção Ativar trial gratuito do Malwarebytes Anti-Malware Pro 

desclicar-mbam.png

2. O programa de instalação será finalizado e o MBAM será executado e automaticamente atualizará o seu banco de dados. Enquanto ele faz isso, clique no menu Configurações > Detecção e proteção (à esquerda) e clique na opção Procurar rootkits. Verifique também se as duas opções mostradas abaixo estão ambas configuradas como Tratar detecções como malware:

tratar-deteccoes.png

3. Clique no menu Painel para voltar à tela principal e clique no botão Verificar. O MBAM iniciará a verificação de malwares no seu computador. Essa tarefa pode demorar bastante se houverem muitos arquivos. Aguarde a finalização de todos os processos. Se no final o MBAM detectou algum malware, inicialmente clique na opção Salvar resultados > escolha a opção Arquivo de texto (*.txt) > Salve o arquivo:

salvar-txt.png

Agora clique no botão Remover selecionados para as ameaças serem removidas. 

Se o MBAM encontrar arquivos que não podem ser removidos, ele solicitará a reinicialização do computador (talvez mais de uma vez). Se isso acontecer, reinicie o computador imediatamente.

4. Agora abra o arquivo que você salvou no item anterior.  Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com um novo Log do HiJackThis .


assinatura-mrmillion.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Segue:

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 11/01/17
Hora da análise: 09:56
Arquivo de registro: 
Administrador: Sim

-Informação do software-
Versão: 3.0.5.1299
Versão de componentes: 1.0.43
Versão do pacote de definições: 1.0.978
Licença: Versão de avaliação

-Informação do sistema-
Sistema operacional: Windows 10
CPU: x64
Sistema de arquivos: NTFS
Usuário: JPNOTE\J.P

-Resumo da análise-
Tipo de análise: Análise de Ameaças
Resultado: Concluído
Objetos verificados: 489033
Tempo decorrido: 9 min, 46 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 1
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Nenhuma ação do usuário, [132], [-1],0.0.0

Valor de registro: 5
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, Nenhuma ação do usuário, [132], [356708],1.0.978
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, Nenhuma ação do usuário, [132], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Nenhuma ação do usuário, [132], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Nenhuma ação do usuário, [132], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Nenhuma ação do usuário, [132], [-1],0.0.0

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 0
(Nenhum item malicioso detectado)

Setor físico: 0
(Nenhum item malicioso detectado)


(end)

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:36, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWoW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\SysWoW64\NOTEPAD.EXE
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 17589 bytes
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções.

2. Faça download do AdwCleaner e salve-o na sua Área de Trabalho (desktop)

3. Execute o adwcleaner.exe

Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do adwcleaner.exe e selecione  executar-como-administrador.png

adwcleaner.png

4. Clique no botão Verificar e depois em Limpar

5. Salve o Log criado

6. Faça download do JRT (Junkware Removal Tool) e salve-o na sua Área de Trabalho

7. Dê um duplo-clique no arquivo JRT para executá-lo

Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do JRT.exe e selecione  executar-como-administrador.png

8. O JRT começará o exame do seu Sistema. Tenha paciência pois pode demorar alguns minutos dependendo da quantidades de itens examinados

9. No final um novo arquivo JRT.txt aparecerá na sua Área de Trabalho e uma janela se abrirá com o conteúdo deste arquivo (log do JRT)

10. Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com o Log do AdwCleaner (item 5 acima) e o novo log do HijackThis


assinatura-mrmillion.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Segue:

# AdwCleaner v6.042 - Relatório criado 11/01/2017 às 11:45:59
# *Updated on 06/01/2017 by Malwarebytes
# Banco de dados : 2017-01-11.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : J.P - JPNOTE
# Executando de : C:\Users\J.P\Desktop\AdwCleaner.exe
# *Mode: Scan
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

*No malicious services found.


***** [ Pastas ] *****

Encontrado C:\Users\J.P\AppData\Local\YSearchUtil


***** [ Arquivos ] *****

*No malicious files found.


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ Atalhos ] *****

Procurando por atalhos infectados ...


***** [ Tarefas agendadas ] *****

*No malicious task found.


***** [ Registro ] *****

Encontrado HKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
Encontrado HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com
Encontrado [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
Encontrado [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com


***** [ Navegadores ] *****

Procurando por itens do registro 
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://search.conduit.com/?ctid=CT3325592&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPC953A994-C2D6-40A2-B850
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://search.babylon.com/?affID=110823&tt=120912_ccp_3812_8&babsrc=HP_ss&mntrId=18f28271000000000000001d19efde55
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=01543&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0AtDyCtCyEtN0D0Tzu0CyEyEzytN1L2XzutBtFt
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=1543n&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0A0ByEyByEtN0D0Tzu0CyDyByCtN1L2XzutBtFt
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://search.iminent.com/?appId=2C9193E3-DBC6-4A28-816D-A428312C2151
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtF
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtF
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.awesomehp.com/?type=hp&ts=1395513602&from=pcm&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.sweet-page.com/?type=hp&ts=1395514369&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.sweet-page.com/?type=hp&ts=1395515612&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=0EF38EFFEB19E131B74F1B2509B8A195&v=20160301&ts=AHEpBnMoA3MoAE..

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [3783 *Bytes] - [11/01/2017 11:45:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3857 *Bytes] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home Single Language x64 
Ran by J.P (Administrator) on 11/01/2017 at 11:54:53,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 5 

Successfully deleted: C:\ProgramData\osdownloader (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\J.P\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_J.P (Task)
Successfully deleted: C:\Program Files (x86)\osdownloader (Folder) 

Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497 (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/01/2017 at 12:26:27,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:02:56, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWoW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 16919 bytes
 

Compartilhar este post


Link para o post
Compartilhar em outros sites
1 hora atrás, zinhoooriginal disse:

# AdwCleaner v6.042 - Relatório criado 11/01/2017 às 11:45:59
# *Updated on 06/01/2017 by Malwarebytes
# Banco de dados : 2017-01-11.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : J.P - JPNOTE
# Executando de : C:\Users\J.P\Desktop\AdwCleaner.exe
# *Mode: Scan
# Apoio : https://www.malwarebytes.com/support

É pra usar LIMPAR e postar o Log do AdwCleaner


assinatura-mrmillion.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Perdão,eu tinha copiado o Log errado,segue:

 

# AdwCleaner v6.042 - Relatório criado 11/01/2017 às 11:47:59
# *Updated on 06/01/2017 by Malwarebytes
# Banco de dados : 2017-01-11.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : J.P - JPNOTE
# Executando de : C:\Users\J.P\Desktop\AdwCleaner.exe
# Limpar
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

***** [ Pastas ] *****

[-] RestauradoC:\Users\J.P\AppData\Local\YSearchUtil


***** [ Arquivos ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Atalhos ] *****

***** [ Tarefas agendadas ] *****

***** [ Registro ] *****

[-] RestauradoHKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
[-] RestauradoHKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com


***** [ Verificando navegadores ... ] *****

[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://search.conduit.com/?ctid=CT3325592&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPC953A994-C2D6-40A2-B850-9D0231340228&SSPV=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://search.babylon.com/?affID=110823&tt=120912_ccp_3812_8&babsrc=HP_ss&mntrId=18f28271000000000000001d19efde55
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=01543&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0AtDyCtCyEtN0D0Tzu0CyEyEzytN1L2XzutBtFtBtFtCtFyDtCyDtN1L1CzutDtCyDyE&cr=649340180&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=1543n&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0A0ByEyByEtN0D0Tzu0CyDyByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1CzutCyDyE&cr=1021918151&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://search.iminent.com/?appId=2C9193E3-DBC6-4A28-816D-A428312C2151
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtFtCzztFyCtFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2StA0E0BtC0E0DzytAtGtDzytAtAtGyByB0C0EtG0FtDzy0DtGtCtD0E0FyBtB0AtC0EtC0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBtAzy0CtA0DyEtG0CyBzzyEtG0A0CzyyEtG0F0BtDzztGyD0A0EyByDyByDtB0CyEyEyC2Q&cr=432758003&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtFtCzztFyCtFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2StBtB0DyE0DyD0A0EtGtBtAzy0CtG0C0CyByCtGyBtA0C0DtGtAyE0DzytD0Czz0CyB0EtA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBtAzy0CtA0DyEtG0CyBzzyEtG0A0CzyyEtG0F0BtDzztGyD0A0EyByDyByDtB0CyEyEyC2Q&cr=105808977&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.awesomehp.com/?type=hp&ts=1395513602&from=pcm&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.sweet-page.com/?type=hp&ts=1395514369&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.sweet-page.com/?type=hp&ts=1395515612&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=0EF38EFFEB19E131B74F1B2509B8A195&v=20160301&ts=AHEpBnMoA3MoAE..


*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4144 *Bytes] - [11/01/2017 11:47:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [3945 *Bytes] - [11/01/2017 11:45:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4292 *Bytes] ##########
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções.

2. Faça download do Zoek e execute-o.

3. Copie as linhas abaixo (selecione-as e tecle CTRL+C) e cole (CTRL+V) no espaço do Zoek:

createsrpoint;
autoclean;
resetieproxy;
resethosts;
iedefaults;
chrdefaults;
emptyCHRcache;
ffdefaults;
firefoxlook;
emptyalltemp;
shortcutfix;

4. Feche todos os navegadores e clique em Run Script:

zoek-run.png

Durante o Scan a mensagem abaixo será apresentada. Seja paciente e aguarde o término da execução do script pois a análise pode demorar alguns minutos..

zoek-executando.PNG

5. Caso seja solicitada a reinicialização do computador, faça isso clicando em OK

6.  O Zoek abrirá uma janela com o resultado da análise. Poste o conteúdo dessa janela e também um novo Log do HijackThis.

ZOEK


assinatura-mrmillion.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Seguem Logs:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:12, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\3reedom Connection Manager\UIMain.exe
C:\Program Files (x86)\3reedom Connection Manager\CMUpdater.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACC3866A-C9FB-4BDA-99E1-DFDF9DAF0B3E}: NameServer = 201.10.128.2 201.10.120.2
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 17417 bytes
 

 


Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by J.P on 11/01/2017 at 16:05:09,25.
Microsoft Windows 10 Home Single Language 10.0.14393  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\J.P\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

11/01/2017 16:07:59 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 

# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 

# For example: 

#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\EAInstaller deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\IDM deleted successfully
C:\PROGRA~3\ProductData deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\Administrador\AppData\LocalLow deleted successfully
C:\Users\Administrador\AppData\Local\ActiveSync deleted successfully
C:\Users\J.P\AppData\Local\ActiveSync deleted successfully
C:\Users\J.P\AppData\Local\CrashDumps deleted successfully
C:\Users\J.P\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{50BD9674-014A-4879-9A4C-3CED93E78338} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\PROGRA~2\Universal Extractor deleted
C:\NetworkCfg.xml deleted
C:\HijackThis.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\tasks\ASC9_PerformanceMonitor deleted
C:\Users\Public\Desktop\OSDownloader.lnk deleted
"C:\Windows\Installer\4ac89.msi" deleted
"C:\Users\J.P\AppData\Roaming\MPC-HC" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [28/12/2016 07:04]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [28/12/2016 07:04]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[13/06/2016 11:18]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[11/02/2016 10:49]
kpdmjodecdegfglgaapafjleomjjlpnh - No path found[]
ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[11/02/2016 10:49]

Google Cast - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Videostream for Google Chromecastâ„¢ - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
browse-by-netflixers - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpojaaaadkmgcgafajaapmehnenjflp
McAfee® WebAdvisor - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
MagicScroll eBook Reader - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble
IDM Integration Module - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek
Chrome Media Router - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Google Cast - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Videostream for Google Chromecastâ„¢ - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
browse-by-netflixers - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpojaaaadkmgcgafajaapmehnenjflp
McAfee® WebAdvisor - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
MagicScroll eBook Reader - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble
IDM Integration Module - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek
Chrome Media Router - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&PC=MAARJS
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&PC=MAARJS
HKCU\SearchScopes "DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&PC=MAARJS

==== Reset Google Chrome ======================

C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\J.P\Desktop\api.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\api.dll 
C:\Users\J.P\Desktop\fsui.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\fsui.dll 
C:\Users\J.P\Desktop\Internet Download Manager.lnk - C:\Program Files (x86)\Internet Download Manager\IDMan.exe 
C:\Users\J.P\Desktop\KMPlayer.lnk - C:\KMPlayer\KMPlayer.exe 
C:\Users\J.P\Desktop\main.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\main.dll 
C:\Users\J.P\Desktop\Media Player Classic - HC.lnk - C:\Program Files (x86)\XP Codec Pack\mpc-hc\mpc-hc.exe 
C:\Users\J.P\Desktop\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\Desktop\UniExtract.exe - Atalho.lnk - C:\Program Files (x86)\Universal Extractor\UniExtract.exe 
C:\Users\J.P\Desktop\api.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\api.dll 
C:\Users\J.P\Desktop\fsui.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\fsui.dll 
C:\Users\J.P\Desktop\Internet Download Manager.lnk - C:\Program Files (x86)\Internet Download Manager\IDMan.exe 
C:\Users\J.P\Desktop\KMPlayer.lnk - C:\KMPlayer\KMPlayer.exe 
C:\Users\J.P\Desktop\main.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\main.dll 
C:\Users\J.P\Desktop\Media Player Classic - HC.lnk - C:\Program Files (x86)\XP Codec Pack\mpc-hc\mpc-hc.exe 
C:\Users\J.P\Desktop\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\Desktop\UniExtract.exe - Atalho.lnk - C:\Program Files (x86)\Universal Extractor\UniExtract.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\3reedom Connection Manager.lnk - C:\Program Files (x86)\3reedom Connection Manager\UIMain.exe 
C:\Users\Public\Desktop\Acer Backup Manager.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe 
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\Advanced SystemCare 9.lnk -  
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe 
C:\Users\Public\Desktop\BlueSoleil.lnk - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe 
C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe 
C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe 
C:\Users\Public\Desktop\Diagnóstico da impressora Samsung.lnk -  
C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe 
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Public\Desktop\Help and Support.lnk -  
C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe 
C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk - C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe 
C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /p 2
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\McAfee Total Protection .lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe 
C:\Users\Public\Desktop\MV RegClean 6.9.lnk - C:\Program Files (x86)\Marcos Velasco Security\MV RegClean 6.9\MVREGCLEAN.EXE 
C:\Users\Public\Desktop\Prático Artigo.lnk -  
C:\Users\Public\Desktop\Prático TCC.lnk -  
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe 
C:\Users\Public\Desktop\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe 
C:\Users\Public\Desktop\WD Security.lnk - C:\Program Files (x86)\Western Digital\WD Security\WDDriveSecurity.exe 
C:\Users\Public\Desktop\WinSCP.lnk - C:\Program Files (x86)\WinSCP\WinSCP.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=BR586FB3MB05XK;CONNECTION=USB;MONITOR=1;
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=BR586FB3MB05XK;CONNECTION=USB;MONITOR=1;
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk - C:\Program Files (x86)\WinSCP\WinSCP.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3reedom Connection Manager\3reedom Connection Manager.lnk - C:\Program Files (x86)\3reedom Connection Manager\UIMain.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3reedom Connection Manager\Uninstall.lnk - C:\Windows\SysWOW64\SupportAppCB\EXETimer.exe "C:\Windows\SysWoW64\SupportAppCB\Uninstall.bat"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files\7-Zip\7zFM.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files\7-Zip\7-zip.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Advanced SystemCare 9.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Atualização HP.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 2540 series\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\Desinstalar HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /p 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files (x86)\Java\jdk1.7.0_45\bin\jmc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Total Protection .lnk - C:\Program Files (x86)\Common Files\mcafee\Platform\McUICnt.exe /desktopicon /platui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Flight Instructor.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe /INSTRUCTOR
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Microsoft Flight Simulator 2004 Readme.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Readme.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Microsoft Flight Simulator 2004.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Uninstall Microsoft Flight Simulator 2004.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE /runtemp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Troubleshooting\Configuration Support.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Config\ConfigSupport.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Troubleshooting\Reset Defaults.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe -RESETINI
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Troubleshooting\Safe Mode.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe -SWREND
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Ajuda do Microsoft Xbox 360 Accessories.lnk - C:\Program Files (x86)\Microsoft Xbox 360 Accessories\Xboxhelp.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Status do Microsoft Xbox 360 Accessories.lnk - C:\Program Files (x86)\Microsoft Xbox 360 Accessories\XBoxStat.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Verificar se Há Atualizações.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Diagnóstico da impressora Samsung.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Order Supplies.lnk - C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Printer Manager.lnk - C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Wireless Setup.lnk - C:\Program Files (x86)\Samsung\Samsung Easy Wireless Setup\SEInstall\Setup\bin\SSWSPExe.exe /MSamsung /P"Easy Wireless Setup"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Printer Center.lnk - C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Uninstall Samsung Printer Software.lnk - C:\Program Files (x86)\Samsung\TotalUninstaller\TotalUninstaller.exe /N"Samsung" /REMOVE_ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Update Software.lnk - C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe /J_Update /Target "PRINT_COMMON_SW"

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\OSDownloader.lnk - C:\Program Files (x86)\OSDownloader\OSDownloader.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AcerCloud Docs.lnk - C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 9.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Media.lnk - C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Photo.lnk - C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Flight Simulator®.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Videostream for Google Chromecast™.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\OSDownloader.lnk - C:\Program Files (x86)\OSDownloader\OSDownloader.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AcerCloud Docs.lnk - C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 9.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Media.lnk - C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Photo.lnk - C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Flight Simulator®.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Videostream for Google Chromecast™.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=222 folders=22 33602706 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\J.P\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 11/01/2017 at 20:07:03,53 ======================
 

Compartilhar este post


Link para o post
Compartilhar em outros sites
Ok, o PC está limpo (Y)
Finalizando.......
Limpe a Restauração do Sistema, criando um Ponto de Restauração do sistema limpo.
Clique com o botão direito do mouse em cima do MEU COMPUTADOR > Propiedades > Proteção do Sistema > Configurar > Excluir. Ainda em Proteção do Sistema > Criar.

assinatura-mrmillion.png

Compartilhar este post


Link para o post
Compartilhar em outros sites
Entre para seguir isso  

×