Análise de Logs -

knalm550 disse:

Minha situação é a mesma do desse tópico:
https://www.hardware.com.br/comunidade/virus-indestrutivel/1373710/#post7172362

Já fiz vários procedimentos e o mesmo sempre retorna, instalando tudo novamente. Instalar o navegador crossbrowser, 3d bubble sound, search protect e outros. Altera o agendamento e outras coisas chatice. Vou postar os log´s adware e JKRT

"Adware"

Antes de Limpar
# AdwCleaner v4.206 - Relatório criado 11/06/2015 às 09:03:43
# Atualizado 01/06/2015 por Xplode
# Base de dados : 2015-06-09.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language (x64)
# Usuário : Alex - GERENCIAEAGLE
# Executando de : \\192.168.1.1\Exactus\Programas\adwcleaner_4.206.exe
# Opção : Verificar

***** [ Serviços ] *****

Serviço Encontrado : globalUpdate
Serviço Encontrado : globalUpdatem
Serviço Encontrado : IHProtect Service
Serviço Encontrado : WindowsMangerProtect

***** [ Arquivos / Pastas ] *****

Arquivo Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
Arquivo Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\apfkeogliibfminiiihgdkkcaenchhia
Arquivo Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
Arquivo Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apfkeogliibfminiiihgdkkcaenchhia_0.localstorage
Arquivo Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apfkeogliibfminiiihgdkkcaenchhia_0.localstorage-journal
Arquivo Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
Arquivo Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
Arquivo Encontrado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
Arquivo Encontrado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\crossbrowse.lnk
Arquivo Encontrado : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
Arquivo Encontrado : C:\Users\Alex\AppData\Roaming\TCW9bDbmEVlDRi5
Arquivo Encontrado : C:\Users\Alex\AppData\Roaming\TCW9bDbmEVlDRi5.exe
Arquivo Encontrado : C:\Users\Alex\Desktop\3D BubbleSound.lnk
Arquivo Encontrado : C:\Users\Public\Desktop\crossbrowse.lnk
Pasta Encontrado : C:\Program Files (x86)\BrowserV09.06
Pasta Encontrado : C:\Program Files (x86)\Crossbrowse
Pasta Encontrado : C:\Program Files (x86)\globalUpdate
Pasta Encontrado : C:\Program Files (x86)\miuitab
Pasta Encontrado : C:\Program Files (x86)\PRiiceLEss
Pasta Encontrado : C:\Program Files (x86)\SuperClick_1.10.0.16
Pasta Encontrado : C:\Program Files\BubbleSound
Pasta Encontrado : C:\ProgramData\5672904180213147303
Pasta Encontrado : C:\ProgramData\IHProtectUpDate
Pasta Encontrado : C:\ProgramData\lafgkajcfenmdlbakoaipnepnknedlbn
Pasta Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
Pasta Encontrado : C:\ProgramData\WindowsMangerProtect
Pasta Encontrado : C:\Users\Alex\AppData\Local\Crossbrowse
Pasta Encontrado : C:\Users\Alex\AppData\Local\globalUpdate
Pasta Encontrado : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Pasta Encontrado : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
Pasta Encontrado : C:\Users\Alex\AppData\Roaming\oursurfing

***** [ Tarefas agendadas ] *****

Tarefa Encontrado : Crossbrowse
Tarefa Encontrado : globalUpdateUpdateTaskMachineCore
Tarefa Encontrado : globalUpdateUpdateTaskMachineUA
Tarefa Encontrado : SuperClick Auto Updater 1.10.0.16 Pending Update
Tarefa Encontrado : SuperClick Auto Updater 1.10.0.16 Core
Tarefa Encontrado : TCW9bDbmEVlDRi5
Tarefa Encontrado : TCW9bDbmEVlDRi5
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-6
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-7
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-3
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5_user
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-6
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-7
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-6
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-7
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-3
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5_user
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-6
Tarefa Encontrado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-7

***** [ Atalhos ] *****

Atalho Infectado : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Infectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Infectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Launch Internet Explorer Browser.lnk
Atalho Infectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk

***** [ Registro ] *****

Chave Encontrado : HKCU\Software\AppDataLow\Software\Crossrider
Chave Encontrado : HKCU\Software\ArenaHD
Chave Encontrado : HKCU\Software\BrowserV09.06-nv
Chave Encontrado : HKCU\Software\BrowserV09.06-nv-ie
Chave Encontrado : HKCU\Software\Crossbrowse
Chave Encontrado : HKCU\Software\CrossBrowser
Chave Encontrado : HKCU\Software\GlobalUpdate
Chave Encontrado : HKCU\Software\HighDefAction
Chave Encontrado : HKCU\Software\InstalledBrowserExtensions
Chave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Chave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Encontrado : HKCU\Software\YorkNewCin
Chave Encontrado : [x64] HKCU\Software\ArenaHD
Chave Encontrado : [x64] HKCU\Software\BrowserV09.06-nv
Chave Encontrado : [x64] HKCU\Software\BrowserV09.06-nv-ie
Chave Encontrado : [x64] HKCU\Software\Crossbrowse
Chave Encontrado : [x64] HKCU\Software\CrossBrowser
Chave Encontrado : [x64] HKCU\Software\GlobalUpdate
Chave Encontrado : [x64] HKCU\Software\HighDefAction
Chave Encontrado : [x64] HKCU\Software\InstalledBrowserExtensions
Chave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Chave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Chave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Encontrado : [x64] HKCU\Software\YorkNewCin
Chave Encontrado : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Chave Encontrado : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Encontrado : HKLM\SOFTWARE\ArenaHD
Chave Encontrado : HKLM\SOFTWARE\bf0c8460-64cf-456a-9220-05e2b0e3fe21
Chave Encontrado : HKLM\SOFTWARE\BrowserV09.06
Chave Encontrado : HKLM\SOFTWARE\BrowserV09.06-nv
Chave Encontrado : HKLM\SOFTWARE\BrowserV09.06-nv-ie
Chave Encontrado : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Encontrado : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Encontrado : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Chave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Chave Encontrado : HKLM\SOFTWARE\Classes\CRSBRWSHTML
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Chave Encontrado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Chave Encontrado : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Encontrado : HKLM\SOFTWARE\Classes\P0AF0477B_21EB_475A_8731_1950C1C872AC_.P0AF0477B_21EB_475A_8731_1950C1C872AC_
Chave Encontrado : HKLM\SOFTWARE\Classes\P0AF0477B_21EB_475A_8731_1950C1C872AC_.P0AF0477B_21EB_475A_8731_1950C1C872AC_.9
Chave Encontrado : HKLM\SOFTWARE\Classes\P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_
Chave Encontrado : HKLM\SOFTWARE\Classes\P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.9
Chave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Chave Encontrado : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Chave Encontrado : HKLM\SOFTWARE\Crossbrowse
Chave Encontrado : HKLM\SOFTWARE\GlobalUpdate
Chave Encontrado : HKLM\SOFTWARE\HighDefAction
Chave Encontrado : HKLM\SOFTWARE\IHProtect
Chave Encontrado : HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserV09.06
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall
Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Encontrado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Chave Encontrado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Chave Encontrado : HKLM\SOFTWARE\oursurfingSoftware
Chave Encontrado : HKLM\SOFTWARE\searchult
Chave Encontrado : HKLM\SOFTWARE\SupDp
Chave Encontrado : HKLM\SOFTWARE\SupTab
Chave Encontrado : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Encontrado : HKLM\SOFTWARE\YorkNewCin
Chave Encontrado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Encontrado : [x64] HKLM\SOFTWARE\ArenaHD
Chave Encontrado : [x64] HKLM\SOFTWARE\BubbleSound
Chave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Encontrado : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Encontrado : [x64] HKLM\SOFTWARE\HighDefAction
Chave Encontrado : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BubbleSound
Chave Encontrado : [x64] HKLM\SOFTWARE\YorkNewCin
Chave Encontrado : HKU\.DEFAULT\Software\BrowserV09.06-nv
Chave Encontrado : HKU\.DEFAULT\Software\BrowserV09.06-nv-ie
Dados Encontrado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.oursurfing.com/?type=sc&ts=1434023504&z=47257ae81076912878cdf56gbzdc7z0eeofcdwaefo&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T
Dados Encontrado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\IEXPLORE.EXE hxxp://www.oursurfing.com/?type=sc&ts=1434023504&z=47257ae81076912878cdf56gbzdc7z0eeofcdwaefo&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T
Valor Encontrado : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
Valor Encontrado : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
Valor Encontrado : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17840

Configuração Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.oursurfing.com/web/?type=ds&ts=1434023504&z=47257ae81076912878cdf56gbzdc7z0eeofcdwaefo&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&q={searchTerms}
Configuração Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T
Configuração Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T
Configuração Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds&ts=1434023504&z=47257ae81076912878cdf56gbzdc7z0eeofcdwaefo&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&q={searchTerms}
Configuração Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds&ts=1434023504&z=47257ae81076912878cdf56gbzdc7z0eeofcdwaefo&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&q={searchTerms}
Configuração Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T
Configuração Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T
Configuração Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.oursurfing.com/web/?type=ds&ts=1434023504&z=47257ae81076912878cdf56gbzdc7z0eeofcdwaefo&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&q={searchTerms}
Configuração Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T
Configuração Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T

-\\ Google Chrome v43.0.2357.124

[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web data] - Encontrado [Search Provider] : hxxp://search.searchult.com/?bd=ds&oem=clckmn&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&version=2.3.0.8956&pid=414031160&tid=463&q={searchTerms}
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web data] - Encontrado [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&q={searchTerms}
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Encontrado [Extension] : lccekmodgklaepjeofjdjpbminllajkg
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Encontrado [Extension] : lafgkajcfenmdlbakoaipnepnknedlbn
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Encontrado [Homepage] : hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T

*************************

AdwCleaner[R0].txt - [34470 bytes] - [02/06/2015 14:13:07]
AdwCleaner[R1].txt - [22349 bytes] - [05/06/2015 16:02:41]
AdwCleaner[R2].txt - [20924 bytes] - [09/06/2015 11:20:24]
AdwCleaner[R3].txt - [21426 bytes] - [11/06/2015 09:03:43]
AdwCleaner[S0].txt - [26116 bytes] - [02/06/2015 14:24:47]
AdwCleaner[S1].txt - [18525 bytes] - [05/06/2015 16:05:36]
AdwCleaner[S2].txt - [17033 bytes] - [09/06/2015 11:22:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [21666 bytes] ##########

Adware Depois de Limpar

"AD"

# AdwCleaner v4.206 - Relatório criado 11/06/2015 às 09:07:03
# Atualizado 01/06/2015 por Xplode
# Base de dados : 2015-06-09.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language (x64)
# Usuário : Alex - GERENCIAEAGLE
# Executando de : \\192.168.1.1\Exactus\Programas\adwcleaner_4.206.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Excluído : globalUpdate
[#] Serviço Excluído : globalUpdatem
[#] Serviço Excluído : IHProtect Service
[#] Serviço Excluído : WindowsMangerProtect

***** [ Arquivos / Pastas ] *****

Pasta Excluído : C:\ProgramData\WindowsMangerProtect
Pasta Excluído : C:\ProgramData\IHProtectUpDate
Pasta Excluído : C:\ProgramData\5672904180213147303
Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
Pasta Excluído : C:\Program Files (x86)\globalUpdate
Pasta Excluído : C:\Program Files (x86)\Crossbrowse
Pasta Excluído : C:\Program Files (x86)\miuitab
Pasta Excluído : C:\Program Files (x86)\PRiiceLEss
Pasta Excluído : C:\Program Files (x86)\BrowserV09.06
Pasta Excluído : C:\Program Files (x86)\SuperClick_1.10.0.16
Pasta Excluído : C:\Program Files\BubbleSound
Pasta Excluído : C:\Users\Alex\AppData\Local\globalUpdate
Pasta Excluído : C:\Users\Alex\AppData\Local\Crossbrowse
Pasta Excluído : C:\Users\Alex\AppData\Roaming\oursurfing
Pasta Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
Pasta Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Pasta Excluído : C:\ProgramData\lafgkajcfenmdlbakoaipnepnknedlbn
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apfkeogliibfminiiihgdkkcaenchhia_0.localstorage
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apfkeogliibfminiiihgdkkcaenchhia_0.localstorage-journal
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\apfkeogliibfminiiihgdkkcaenchhia
Arquivo Excluído : C:\Users\Public\Desktop\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\TCW9bDbmEVlDRi5
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\TCW9bDbmEVlDRi5.exe
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\Desktop\3D BubbleSound.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal

***** [ Tarefas agendadas ] *****

Tarefa Apagado : Crossbrowse
Tarefa Apagado : globalUpdateUpdateTaskMachineCore
Tarefa Apagado : globalUpdateUpdateTaskMachineUA
Tarefa Apagado : SuperClick Auto Updater 1.10.0.16 Pending Update
Tarefa Apagado : SuperClick Auto Updater 1.10.0.16 Core
Tarefa Apagado : TCW9bDbmEVlDRi5
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-6
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-7
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-3
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5_user
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-6
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-7

***** [ Atalhos ] *****

Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Launch Internet Explorer Browser.lnk
Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk

***** [ Registro ] *****

Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Chave Apagado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Chave Apagado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Chave Apagado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Apagado : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Chave Apagado : HKLM\SOFTWARE\Classes\CRSBRWSHTML
Chave Apagado : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
Valor Apagado : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
Valor Apagado : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
Valor Apagado : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Chave Apagado : HKLM\SOFTWARE\Classes\P0AF0477B_21EB_475A_8731_1950C1C872AC_.P0AF0477B_21EB_475A_8731_1950C1C872AC_
Chave Apagado : HKLM\SOFTWARE\Classes\P0AF0477B_21EB_475A_8731_1950C1C872AC_.P0AF0477B_21EB_475A_8731_1950C1C872AC_.9
Chave Apagado : HKLM\SOFTWARE\Classes\P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_
Chave Apagado : HKLM\SOFTWARE\Classes\P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.9
Chave Apagado : HKLM\SOFTWARE\bf0c8460-64cf-456a-9220-05e2b0e3fe21
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Dados Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Apagado : HKCU\Software\GlobalUpdate
Chave Apagado : HKCU\Software\InstalledBrowserExtensions
Chave Apagado : HKCU\Software\CrossBrowser
Chave Apagado : HKCU\Software\Crossbrowse
Chave Apagado : HKCU\Software\YorkNewCin
Chave Apagado : HKCU\Software\HighDefAction
Chave Apagado : HKCU\Software\ArenaHD
Chave Apagado : HKCU\Software\BrowserV09.06-nv
Chave Apagado : HKCU\Software\BrowserV09.06-nv-ie
Chave Apagado : HKCU\Software\AppDataLow\Software\Crossrider
Chave Apagado : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Apagado : HKLM\SOFTWARE\GlobalUpdate
Chave Apagado : HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Apagado : HKLM\SOFTWARE\SupDp
Chave Apagado : HKLM\SOFTWARE\SupTab
Chave Apagado : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Apagado : HKLM\SOFTWARE\IHProtect
Chave Apagado : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Chave Apagado : HKLM\SOFTWARE\Crossbrowse
Chave Apagado : HKLM\SOFTWARE\YorkNewCin
Chave Apagado : HKLM\SOFTWARE\HighDefAction
Chave Apagado : HKLM\SOFTWARE\oursurfingSoftware
Chave Apagado : HKLM\SOFTWARE\ArenaHD
Chave Apagado : HKLM\SOFTWARE\searchult
Chave Apagado : HKLM\SOFTWARE\BrowserV09.06
Chave Apagado : HKLM\SOFTWARE\BrowserV09.06-nv
Chave Apagado : HKLM\SOFTWARE\BrowserV09.06-nv-ie
Chave Apagado : HKU\.DEFAULT\Software\BrowserV09.06-nv
Chave Apagado : HKU\.DEFAULT\Software\BrowserV09.06-nv-ie
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserV09.06
Chave Apagado : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Apagado : [x64] HKLM\SOFTWARE\BubbleSound
Chave Apagado : [x64] HKLM\SOFTWARE\YorkNewCin
Chave Apagado : [x64] HKLM\SOFTWARE\HighDefAction
Chave Apagado : [x64] HKLM\SOFTWARE\ArenaHD
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BubbleSound
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17840

Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v43.0.2357.124

[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://search.searchult.com/?bd=ds&oem=clckmn&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&version=2.3.0.8956&pid=414031160&tid=463&q={searchTerms}
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&q={searchTerms}
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Extension] : lccekmodgklaepjeofjdjpbminllajkg
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Extension] : lafgkajcfenmdlbakoaipnepnknedlbn
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Homepage] : hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T

*************************

AdwCleaner[R0].txt - [34470 bytes] - [02/06/2015 14:13:07]
AdwCleaner[R1].txt - [22349 bytes] - [05/06/2015 16:02:41]
AdwCleaner[R2].txt - [20924 bytes] - [09/06/2015 11:20:24]
AdwCleaner[R3].txt - [21850 bytes] - [11/06/2015 09:03:43]
AdwCleaner[S0].txt - [26116 bytes] - [02/06/2015 14:24:47]
AdwCleaner[S1].txt - [18525 bytes] - [05/06/2015 16:05:36]
AdwCleaner[S2].txt - [17033 bytes] - [09/06/2015 11:22:23]
AdwCleaner[S3].txt - [17663 bytes] - [11/06/2015 09:07:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [17723 bytes] ##########

"JRT"

# AdwCleaner v4.206 - Relatório criado 11/06/2015 às 09:07:03
# Atualizado 01/06/2015 por Xplode
# Base de dados : 2015-06-09.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language (x64)
# Usuário : Alex - GERENCIAEAGLE
# Executando de : \\192.168.1.1\Exactus\Programas\adwcleaner_4.206.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Excluído : globalUpdate
[#] Serviço Excluído : globalUpdatem
[#] Serviço Excluído : IHProtect Service
[#] Serviço Excluído : WindowsMangerProtect

***** [ Arquivos / Pastas ] *****

Pasta Excluído : C:\ProgramData\WindowsMangerProtect
Pasta Excluído : C:\ProgramData\IHProtectUpDate
Pasta Excluído : C:\ProgramData\5672904180213147303
Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
Pasta Excluído : C:\Program Files (x86)\globalUpdate
Pasta Excluído : C:\Program Files (x86)\Crossbrowse
Pasta Excluído : C:\Program Files (x86)\miuitab
Pasta Excluído : C:\Program Files (x86)\PRiiceLEss
Pasta Excluído : C:\Program Files (x86)\BrowserV09.06
Pasta Excluído : C:\Program Files (x86)\SuperClick_1.10.0.16
Pasta Excluído : C:\Program Files\BubbleSound
Pasta Excluído : C:\Users\Alex\AppData\Local\globalUpdate
Pasta Excluído : C:\Users\Alex\AppData\Local\Crossbrowse
Pasta Excluído : C:\Users\Alex\AppData\Roaming\oursurfing
Pasta Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
Pasta Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Pasta Excluído : C:\ProgramData\lafgkajcfenmdlbakoaipnepnknedlbn
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apfkeogliibfminiiihgdkkcaenchhia_0.localstorage
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apfkeogliibfminiiihgdkkcaenchhia_0.localstorage-journal
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\apfkeogliibfminiiihgdkkcaenchhia
Arquivo Excluído : C:\Users\Public\Desktop\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\TCW9bDbmEVlDRi5
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\TCW9bDbmEVlDRi5.exe
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
Arquivo Excluído : C:\Users\Alex\Desktop\3D BubbleSound.lnk
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
Arquivo Excluído : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal

***** [ Tarefas agendadas ] *****

Tarefa Apagado : Crossbrowse
Tarefa Apagado : globalUpdateUpdateTaskMachineCore
Tarefa Apagado : globalUpdateUpdateTaskMachineUA
Tarefa Apagado : SuperClick Auto Updater 1.10.0.16 Pending Update
Tarefa Apagado : SuperClick Auto Updater 1.10.0.16 Core
Tarefa Apagado : TCW9bDbmEVlDRi5
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-6
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-1-7
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-3
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-5_user
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-6
Tarefa Apagado : 7b7c1752-3c2a-458d-b390-a901e4bf1e56-7

***** [ Atalhos ] *****

Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Launch Internet Explorer Browser.lnk
Atalho Desinfectado : C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk

***** [ Registro ] *****

Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Chave Apagado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Chave Apagado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Chave Apagado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Apagado : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Chave Apagado : HKLM\SOFTWARE\Classes\CRSBRWSHTML
Chave Apagado : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
Valor Apagado : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
Valor Apagado : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
Valor Apagado : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Chave Apagado : HKLM\SOFTWARE\Classes\P0AF0477B_21EB_475A_8731_1950C1C872AC_.P0AF0477B_21EB_475A_8731_1950C1C872AC_
Chave Apagado : HKLM\SOFTWARE\Classes\P0AF0477B_21EB_475A_8731_1950C1C872AC_.P0AF0477B_21EB_475A_8731_1950C1C872AC_.9
Chave Apagado : HKLM\SOFTWARE\Classes\P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_
Chave Apagado : HKLM\SOFTWARE\Classes\P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.P9EA24E45_6FA1_41EC_8BC0_ADBD129ACDE7_.9
Chave Apagado : HKLM\SOFTWARE\bf0c8460-64cf-456a-9220-05e2b0e3fe21
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AF0477B-21EB-475A-8731-1950C1C872AC}
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EA24E45-6FA1-41EC-8BC0-ADBD129ACDE7}
Chave Apagado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Dados Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Apagado : HKCU\Software\GlobalUpdate
Chave Apagado : HKCU\Software\InstalledBrowserExtensions
Chave Apagado : HKCU\Software\CrossBrowser
Chave Apagado : HKCU\Software\Crossbrowse
Chave Apagado : HKCU\Software\YorkNewCin
Chave Apagado : HKCU\Software\HighDefAction
Chave Apagado : HKCU\Software\ArenaHD
Chave Apagado : HKCU\Software\BrowserV09.06-nv
Chave Apagado : HKCU\Software\BrowserV09.06-nv-ie
Chave Apagado : HKCU\Software\AppDataLow\Software\Crossrider
Chave Apagado : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Apagado : HKLM\SOFTWARE\GlobalUpdate
Chave Apagado : HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Apagado : HKLM\SOFTWARE\SupDp
Chave Apagado : HKLM\SOFTWARE\SupTab
Chave Apagado : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Apagado : HKLM\SOFTWARE\IHProtect
Chave Apagado : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Chave Apagado : HKLM\SOFTWARE\Crossbrowse
Chave Apagado : HKLM\SOFTWARE\YorkNewCin
Chave Apagado : HKLM\SOFTWARE\HighDefAction
Chave Apagado : HKLM\SOFTWARE\oursurfingSoftware
Chave Apagado : HKLM\SOFTWARE\ArenaHD
Chave Apagado : HKLM\SOFTWARE\searchult
Chave Apagado : HKLM\SOFTWARE\BrowserV09.06
Chave Apagado : HKLM\SOFTWARE\BrowserV09.06-nv
Chave Apagado : HKLM\SOFTWARE\BrowserV09.06-nv-ie
Chave Apagado : HKU\.DEFAULT\Software\BrowserV09.06-nv
Chave Apagado : HKU\.DEFAULT\Software\BrowserV09.06-nv-ie
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserV09.06
Chave Apagado : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Apagado : [x64] HKLM\SOFTWARE\BubbleSound
Chave Apagado : [x64] HKLM\SOFTWARE\YorkNewCin
Chave Apagado : [x64] HKLM\SOFTWARE\HighDefAction
Chave Apagado : [x64] HKLM\SOFTWARE\ArenaHD
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BubbleSound
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17840

Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v43.0.2357.124

[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://search.searchult.com/?bd=ds&oem=clckmn&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&version=2.3.0.8956&pid=414031160&tid=463&q={searchTerms}
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T&q={searchTerms}
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Extension] : lccekmodgklaepjeofjdjpbminllajkg
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Extension] : lafgkajcfenmdlbakoaipnepnknedlbn
[C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Homepage] : hxxp://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T

*************************

AdwCleaner[R0].txt - [34470 bytes] - [02/06/2015 14:13:07]
AdwCleaner[R1].txt - [22349 bytes] - [05/06/2015 16:02:41]
AdwCleaner[R2].txt - [20924 bytes] - [09/06/2015 11:20:24]
AdwCleaner[R3].txt - [21850 bytes] - [11/06/2015 09:03:43]
AdwCleaner[S0].txt - [26116 bytes] - [02/06/2015 14:24:47]
AdwCleaner[S1].txt - [18525 bytes] - [05/06/2015 16:05:36]
AdwCleaner[S2].txt - [17033 bytes] - [09/06/2015 11:22:23]
AdwCleaner[S3].txt - [17663 bytes] - [11/06/2015 09:07:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [17723 bytes] ##########

knalm550 disse:

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Alex on 12/06/2015 at 15:22:35,10.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alex\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-06-05-192218.log 1209 bytes

==== System Restore Info ======================

12/06/2015 15:23:44 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\bbeb51f9-ece5-489b-a950-2f4173475b3a deleted successfully
C:\PROGRA~2\f4d08f9a-95c5-4801-8198-95ab3bf43d75 deleted successfully
C:\PROGRA~2\Panda Security deleted successfully
C:\PROGRA~2\COMMON~1\Windows Live deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully
C:\PROGRA~3\Panda Security deleted successfully
C:\Users\Alex\AppData\Roaming\Corel deleted successfully
C:\Users\Alex\AppData\Roaming\Macromedia deleted successfully
C:\Users\Alex\AppData\Roaming\Opera Software deleted successfully
C:\Users\Alex\AppData\Roaming\Panda Security deleted successfully
C:\Users\leoku_000\AppData\Roaming\Panda Security deleted successfully
C:\Users\Alex\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Alex\AppData\Local\EmieSiteList deleted successfully
C:\Users\Alex\AppData\Local\EmieUserList deleted successfully
C:\Users\Alex\AppData\Local\Opera Software deleted successfully
C:\Users\Alex_2\AppData\Local\VirtualStore deleted successfully
C:\Users\leoku_000\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\381a0ef7 deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\bbeb51f9-ece5-489b-a950-2f4173475b3a not found
C:\PROGRA~2\f4d08f9a-95c5-4801-8198-95ab3bf43d75 not found
C:\PROGRA~2\Panda Security not found
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found
C:\PROGRA~2\022d2256-c10a-47c3-84bd-a89bebd3310e deleted
C:\PROGRA~2\1d92130a-46a6-44b8-8bec-cebe8e000c98 deleted
C:\PROGRA~2\d85a9504-d29c-48b2-b3cc-f19245caada7 deleted
C:\PROGRA~2\RelaySoft deleted
C:\PROGRA~2\Project Naptha deleted
C:\Program Files (x86)\07a213aa-e3e6-4cdd-ab44-50bbc6f7c4d6\797f7fa2-b93a-4384-aa04-5eaa91a559cb.dll deleted
C:\Program Files (x86)\07a213aa-e3e6-4cdd-ab44-50bbc6f7c4d6\07a213aa-e3e6-4cdd-ab44-50bbc6f7c4d6.dll deleted
C:\PROGRA~3\{a1c7e093-349b-2f64-a1c7-7e093349824c} deleted
C:\PROGRA~2\GUTA033.tmp deleted
C:\PROGRA~2\GUMA032.tmp deleted
C:\PROGRA~2\07a213aa-e3e6-4cdd-ab44-50bbc6f7c4d6 deleted
C:\PROGRA~2\4bb95f01-294c-4889-a5d8-10a442466ffc deleted
C:\PROGRA~2\9ac5ae5b-3ca7-47ee-9595-2683ab141fe7 deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\WINDOWS\tasks\Jvs3VXPTf.job deleted
C:\windows\SysNative\tasks\Jvs3VXPTf deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Alex\AppData\Roaming\Jvs3VXPTf.exe deleted
C:\Users\Alex\AppData\Roaming\unins001.exe deleted
C:\Users\Alex\AppData\Roaming\unins002.exe deleted
"C:\Users\Alex\AppData\Roaming\9Ug2yr3ErM" deleted
"C:\WINDOWS\tasks\9Ug2yr3ErM.job" deleted
"C:\Users\Alex\AppData\Roaming\BM8DibvvKq6p6mOA8mgKz0" deleted
"C:\WINDOWS\tasks\BM8DibvvKq6p6mOA8mgKz0.job" deleted
"C:\Users\Alex\AppData\Roaming\Jvs3VXPTf" deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Alex_2\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


Google Docs - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
BrowserV09.06 - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn
Project Naptha - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf
Google Wallet - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences
nal":"y","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13078343446676103","lastpingday":"13078566002993652","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"pt_BR","default_locale":"en","description":"E-mail rápido e pesquisável com menos spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"homepage":"","homepage_changed":true,"homepage_is_newtabpage":false,"pinned_tabs":[],"prefs":{"preference_reset_time":"13078500417296519"},"protection":{"macs":{"browser":{"show_home_button":"BCF25E55A893DBEE449FEF71FF161B71989D09B10E7F3CBFBFABB2E898B3C92A"},"default_search_provider":{"keyword":"8DF3BF5C58FAE9203CD00CE0D4BA05F3B5F2AB518602F1FA1D428DF38ED3C39E","name":"C79828BF223A0BAEA222C52E9947BA288A26EA6B0E667F59F56B704DEFCC02D4","search_url":"C61036A206F86C0B1EC6EC1BF49D4724ABD0B09DA0ACABF00804313A686068B6"},"default_search_provider_data":{"template_url_data":"A60D3230ECE6D09D4FCB4953290CF6B5202CD213FCD25C3EF66F0211270CEE13"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"E29F8B27EE4AC101995860F9B7282609AD5B90BD34C55A1F2500C4345B6715EF","aohghmighlieiainnegkcijnfilokake":"37AD0E1025187268483B17CA8AA6A15F502EFFDBA31E40D13D6016076B8CDB08","apdfllckaahabafndbhieahigkjlhalf":"E9A1A0E068A4C952F43C0039A4258465A18C8C84804BF7CE3DB2E4576811E787","bepbmhgboaologfdajaanbcjmnhjmhfn":"0F812AE93991576BB6045BDB2CA38037F200BFB32015467373B35F309106DAA5","blpcfgokakmgnkcojhhkbfbldkacnbeo":"A9F9D9748D62482922B5493C88411C9EF806C8E5C2B209A646F4F14B1ACA76FC","coobgpohoikkiipiblmjeljniedjpjpf":"5FF83D0FFA38B1852948B6F77A65E70EA2B7BC5EC9ABE87ADE1C656D20F1728E","eemcgdkfndhakfknompkggombfjjjeno":"8051819A79806355F3E49F7CBD69AF124C2D0037A4768B1937ACDA1EA1A4EADC","ennkphjdgehloodpbhlhldgbnhmacadg":"D75206062EC09873E0F2C75DF594BE3EA5A33994D3918EC4FBB64DAB578C4954","gfdkimpbcpahaombhbimeihdjnejgicl":"91CA460F8AAA5A4FA56651774B4F606D71091287A65274760943EF0ABFB8A21C","idhkmcfanijhphphomamdkaejjadkhgn":"9E1929FA45533EBE646307B72FA749D423994D3428E718438CB639035631266F","kmendfapggjehodndflmmgagdbamhnfd":"466D89F811C6CE5FA7181DD4C3681E7D58680CDBEBC4C5C8559DD8166D316954","mfehgcgbbipciphmccgaenjidiccnmng":"B285CEAD5EC2D038794E2C9E204189B3F5B15B9187BB753A7FB410F8B8EB8D5B","mgndgikekgjfcpckkfioiadnlibdjbkf":"C76A652FA85B9E9CFBBD6E5DE87057A57642FA20EF5304547ACE66589BA142DF","mhjfbmdgcfjbbpaeojofohoefgiehjai":"DBF7D23B141593815DA6AA54D57CE1C249E8A1CD5E34568CBDC18024E1BBDFB9","molncoemjfmpgdkbdlbjmhlcgniigdnf":"8070B3ED0F6526BEE17DBAED4D67BB487FD2AAB237B6177326E7015B665BF93F","nbpagnldghgfoolbancepceaanlmhfmd":"8917EBE9EFCF3942E6F0C1D06D6F2EB2F957794345FFE265B99F57716CC118FC","neajdppkdcdipfabeoofebfddakdcjhd":"C90F1795085D97E6854AE88B494E51A7988729E85642667D9F39A0351D0204B1","nkeimhogjdpnpccoofpliimaahmaaome":"8B9093CC1F7D03231ACCE535DACE8688136965EDEA63163091F6C1D9FF98297B","nmmhkkegccagdldgiimedpiccmgmieda":"457068DFBBB06A2F8A9A39626D5C02A6F2187DFF0EE9C3AE2FE35846D650F923","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"01459A8CFFB1B9071ADD1D54D766C4E9921DC053AC82E1B250E39CFEA85797A1","pjkljhegncpnkpknbcohdijeoejaedia":"747DD67B8D4CD49511F8A4B66102A576E8AEBD7FCE7A7A450FCF38014516F149"}},"google":{"services":{"last_username":"20EAC1323B578C4F2138B2BEDA30AA0079447966E60A54E17CB3FB7310CE861E","username":"C492B23941097178F5D2668E37D0C45A9B21CE31F12EE38A719D54FDB3EE3AF5"}},"homepage":"9B69E7105666B0B7F64D3FEFBEB2D1039910455653C702CFBCC0EAB0B8C337F0","homepage_is_newtabpage":"7EF733E78CABECE424C9F29A503AB746578198681CDBD6E6848C12109536B854","pinned_tabs":"DB9775B4C5F5D3DBBD7817F720161E041382CD97ABAA2A7ACA5BCFD5BE32872B","prefs":{"preference_reset_time":"4BFEF58F1B68FD012A75D5185DB23CE8AF1894ED90CB728DC330D4180C18F8C2"},"profile":{"reset_prompt_memento":"F3869B3D5D313A800FBBC98F3B81534243651097BA5BD10CA096A03F8C281418"},"safebrowsing":{"incidents_sent":"B0F6290A61F81A3B2587C09682DD5888638A52139E098325B86A054AEB7CF8DC"},"search_provider_overrides":"C763C43B53D41DFED573B618C1BE5033FA386FDEAA3985B176AE5C4B4CCCAAFC","session":{"restore_on_startup":"59DBF01BAB8F94A23C35E6369218C51BE2DF10F02A470F3CA91056867B2BE6E1","startup_urls":"588C81D112FE2254FCA40D5A15DEC69FC91F3D324A5FB030D1B0B903E1CA38F2"},"software_reporter":{"prompt_reason":"68670C7039110791AF77FC0853D5CA6F8716591665CCBBF845EFA50BF4D62063","prompt_seed":"F956F469CCB629B9C560BC2235EA0A7DDA13C78E0B053F50C6D21820ACC7F44A","prompt_version":"F3E89408B1BD87C606D12433E748BB528DC7FEEF7FB81EE6C1B31E3CA44728F0"},"sync":{"remaining_rollback_tries":"8D2B183E0DEF48F48A72C8AED16054A8CD461630B8E84F9D9AEEF9D0F4819BB3"}},"super_mac":"203871B2106DBA1E678C25A75E2ED2A159EFBB3179AE19A33510EC1EB393FA6E"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"1083720427"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"restore_on_startup":4,"startup_urls":["http://www.oursurfing.com/?type=hppp&ts=1434023522&z=5037ccc58b4c89ee0786fa3g9z1c5zeeaofc6w5o1e&from=age&uid=TOSHIBAXMQ01ABF032_93LTC2Y7TXX93LTC2Y7T"]},"software_reporter":{"prompt_reason":0,"prompt_seed":"20150601","prompt_version":"3.21.0"}}


==== Chromium Fix ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_molncoemjfmpgdkbdlbjmhlcgniigdnf_0.localstorage deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_molncoemjfmpgdkbdlbjmhlcgniigdnf_0.localstorage-journal deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage-journal deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0 deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idhkmcfanijhphphomamdkaejjadkhgn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1486b41.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF161f4220.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1d0e3a57.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1d8c7cba.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1ea2ea22.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1ea4bb38.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1ed61bf7.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF23f269b0.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFa2df9c99.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences~RF3020e0a7.TMP was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Alex\Desktop\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Alex\Desktop\CorelDraw\Bitstream Font Navigator (64-Bit).lnk - C:\Program Files\Corel\CorelDRAW Graphics Suite X7\FontNav64\FontNav.exe
C:\Users\Alex\Desktop\CorelDraw\Corel CAPTURE X7 (64-Bit).lnk - c:\WINDOWS\Installer\{2C91CB9D-323D-43E5-A433-229B71CFB773}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe
C:\Users\Alex\Desktop\CorelDraw\Corel CONNECT X7 (64-Bit).lnk - C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Connect64\Connect.exe
C:\Users\Alex\Desktop\CorelDraw\Corel PHOTO-PAINT X7 (64-Bit).lnk - c:\WINDOWS\Installer\{C922F325-DD52-4E22-B204-431A06E63E51}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe
C:\Users\Alex\Desktop\CorelDraw\CorelDRAW X7 (64-Bit).lnk - c:\WINDOWS\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe
C:\Users\Alex\Desktop\Trabalhos diversos\Tim Communicator.lnk - C:\Program Files (x86)\Tim Communicator\Tim Communicator.url

==== shortcuts in Users Start Menu ======================

C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search\Desktop Search FAQ.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search\Uninstall Desktop Search.lnk - C:\ProgramData\DesktopSearch\uninstall.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk - C:\Windows\SysWOW64\msiexec.exe /X {4FC9DA9D-F608-454E-8191-D7EFFDCC5726}
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Alex\Documents
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Alex\Pictures
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Alex\Documents
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Alex\Pictures
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Alex\Documents
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Alex\Pictures
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Alex\Documents
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Alex\Pictures
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Alex\Documents
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Alex\Pictures
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Cobian Backup 11 - Aplicação.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Cobian Backup 11 - Interface do usuário.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Desinstalar Cobian Backup 11.lnk - C:\Program Files (x86)\Cobian Backup 11\cbUninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Ferramenta de permissões.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Gerenciador Remoto.lnk - C:\Program Files (x86)\Cobian Backup 11\cbRemoteManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico

==== shortcuts in Quick Launch ======================

C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ASUS Install.lnk - C:\eSupport\eDriver\AsInsWiz.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ Catcher.lnk - C:\Program Files (x86)\DsNET Corp\ Catcher 2.0\yct.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eManual.Lnk - C:\eSupport\Manual\eManual.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\Alex_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Alex_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\leoku_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\leoku_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcpltui_exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{381a0ef7} deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\Alex_2\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\leoku_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\leoku_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\Alex_2\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\leoku_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\leoku_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=263 folders=114 44822650 bytes)

==== Empty Temp Folders ======================

C:\Users\Alex\AppData\Local\Temp will be emptied at reboot
C:\Users\Alex_2\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\leoku_000\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Alex\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 12/06/2015 at 15:45:17,71 ======================