Boa tarde. Outro dia baixei o utorrent e vieram de brinde sites que abrem novas abas -- como "jogostempo", "megaofertas", "nuterre.me/ud" -- ou que aparecem na forma de pops-up. Como fazer para impedir que isso aconteça, isto é, que esses sites se abram em novas janelas ou apareçam em sites que abri?
Grato desde já.
- Home
- >
- Fórum
- >
- Windows, Softwa...
- >
- Análise de log,...
- >
- Como eliminar sites indes...
Luiz Eduardo Brandão disse: Boa tarde. Outro dia baixei o utorrent e vieram de brinde sites que abrem novas abas -- como "jogostempo", "megaofertas", "nuterre.me/ud" -- ou que aparecem na forma de pops-up. Como fazer para impedir que isso aconteça, isto é, que esses sites se abram em novas janelas ou apareçam em sites que abri?
Grato desde já.
Boa tarde
Navegadores contaminados [ou o PC]
Use este aplicativo e depois poste o log
Remova adwares e toolbars maliciosas com o Adwcleaner
AMD Duron 900mhz/mobo PCCHIPS
mouse em forma de arco leadrshhep
256mb RAM SDR=WINDOWS 98
Video integrado SiS
edutango, segue o log. Mas parece que não adiantou nada passar o adw: quando reabriu não só voltaram a aparecer páginas indesejáveis, como foi alterada a página inicial do Firefox para um tal de 123.
# AdwCleaner v4.203 - Relatório criado 11/05/2015 às 14:07:11
# Atualizado 30/04/2015 por Xplode
# Base de dados : 2015-05-09.1 [Servidor]
# Sistema operacional : Windows 8 Single Language (x64)
# Usuário : Luiz Eduardo - NOTE2014
# Executando de : C:\Users\Luiz Eduardo\Downloads\adwcleaner_4.203.exe
# Opção : Limpar
***** [ Serviços ] *****
[x] Não Excluído : IHProtect Service
[x] Não Excluído : WindowsMangerProtect
Serviço Excluído : {9edd0ea8-2819-47c2-8320-b007d5996f8a}w64
***** [ Arquivos / Pastas ] *****
[!] Pasta Excluído : C:\ProgramData\Browser
Pasta Excluído : C:\ProgramData\ParetoLogic
Pasta Excluído : C:\ProgramData\Systweak
Pasta Excluído : C:\ProgramData\WindowsMangerProtect
Pasta Excluído : C:\ProgramData\IHProtectUpDate
Pasta Excluído : C:\ProgramData\NetEngine
Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced~System Protector
Pasta Excluído : C:\Program Files (x86)\AnyProtectEx
Pasta Excluído : C:\Program Files (x86)\ASP
Pasta Excluído : C:\Program Files (x86)\predm
Pasta Excluído : C:\Program Files (x86)\XTab
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Local\SmartWeb
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Local\BreakingNewsAlert
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\LocalLow\SmartWeb
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\AnyProtectEx
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\ParetoLogic
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\Systweak
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\0004022F-1430858707-382A-FFFF-74D02BAC6CFC
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541\Extensions\[email]sweetsearch@gmail.com[/email]
Pasta Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541\Extensions\[email]quick_searchff@gmail.com[/email]
Arquivo Excluído : C:\END
Arquivo Excluído : C:\Users\Public\Desktop\Advanced~System Protector.lnk
Arquivo Excluído : C:\Users\LUIZED~1\AppData\Local\Temp\Uninstall.exe
Arquivo Excluído : C:\Windows\System32\roboot64.exe
Arquivo Excluído : C:\Windows\System32\sasnative64.exe
Arquivo Excluído : C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys
Arquivo Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
Arquivo Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541\searchplugins\mystartsearch.xml
Arquivo Excluído : C:\Users\Luiz Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541\user.js
***** [ Tarefas agendadas ] *****
[x] Não Apagado : SmartWeb Upgrade Trigger Task
[x] Não Apagado : NetEngine
[x] Não Apagado : Advanced~System Protector_startup
***** [ Atalhos ] *****
Atalho Desinfectado : C:\Users\Public\Desktop\Google Chrome.lnk
Atalho Desinfectado : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Atalho Desinfectado : C:\Users\Public\Desktop\Opera.lnk
Atalho Desinfectado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Atalho Desinfectado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectado : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectado : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Atalho Desinfectado : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectado : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Atalho Desinfectado : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Atalho Desinfectado : C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk
***** [ Registro ] *****
Valor Apagado : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email]sweetsearch@gmail.com[/email]]
Valor Apagado : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email]quick_searchff@gmail.com[/email]]
Chave Apagado : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee
Chave Apagado : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Chave Apagado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Apagado : HKCU\Software\Mozilla\Extends
Valor Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SmartWeb]
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Apagado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Dados Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Apagado : HKCU\Software\AnyProtect
Chave Apagado : HKCU\Software\ParetoLogic
Chave Apagado : HKCU\Software\systweak
Chave Apagado : HKCU\Software\Tune
Chave Apagado : HKCU\Software\TutoTag
Chave Apagado : HKCU\Software\Baidu
Chave Apagado : HKCU\Software\AppDataLow\Software\DynConIE
Chave Apagado : HKCU\Software\AppDataLow\Software\SmartWeb
Chave Apagado : HKLM\SOFTWARE\ParetoLogic
Chave Apagado : HKLM\SOFTWARE\SupDp
Chave Apagado : HKLM\SOFTWARE\SupTab
Chave Apagado : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Apagado : HKLM\SOFTWARE\systweak
Chave Apagado : HKLM\SOFTWARE\Tune
Chave Apagado : HKLM\SOFTWARE\Tutorials
Chave Apagado : HKLM\SOFTWARE\mystartsearchSoftware
Chave Apagado : HKLM\SOFTWARE\Baidu
Chave Apagado : HKLM\SOFTWARE\IHProtect
Chave Apagado : HKU\.DEFAULT\Software\Baidu
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ConvertAd
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.17267
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configuração Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v37.0.2 (x86 pt-BR)
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("browser.search.defaultenginename", "mystartsearch");
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.alias", "mystartsearch");
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.name", "mystartsearch");
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.url", "hxxp://"]www.mystartsearch.com/web/?type=dspp&ts=1430858730&z=357f10104cdb53bfaf4ddbdgazac4e8b4w2bbm1c2e&from=slbnew&uid=HitachiXHTS545050A7E380_TE851749H1R[...]
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("browser.search.selectedEngine", "mystartsearch");
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("extensions.quick_start.enable_search1", false);
[gk70kyht.default-1400951411541\prefs.js] - Linha Apagado : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v
[C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Default_Search_Provider_Data] :
-\\ Opera v29.0.1795.47
*************************
AdwCleaner[R0].txt - [25651 bytes] - [11/05/2015 12:58:14]
AdwCleaner[R1].txt - [25711 bytes] - [11/05/2015 13:12:34]
AdwCleaner[S0].txt - [11240 bytes] - [11/05/2015 14:07:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11300 bytes] ##########
NOTEBOOK ASUS
CORE i3
4 GB - HD 500 GB
WINDOWS 10
; Dica, baixe sempre do Site original...
Brazilian Game Player:| Brawl Stars BR |
- Atenção:Não seja um idiota, não saia de casa sem máscara.!.
- Continue utilizando máscara em ambientes abertos e fechados.!.
- A Pandemia não acabou, não faça festas / não faça aglomeração /
não fique em lugares com muitas pessoas próximas /
- Brasil: +22.590 novos casos. Situação atual. | Japão: +53.911 novos casos | Cachaceiro L detonando o Brasil |
Olá Luiz Eduardo.
Baixe o programa Junkware Removal Tool no link abaixo:
http://thisisudax.org/downloads/JRT.exe
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
Tutorial do Junkware Removal Tool
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
<><><><><><><><><><><><><><><><>
Caixa de Dicas = Sempre com novos tutoriais e atualidades em informática e tecnologia.
Super Links = Mensagens de fé e esperança ao seu coração.
Aqui vai o log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 8 Single Language x64
Ran by Luiz Eduardo on 13/05/2015 at 16:40:40,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\Advanced~System Protector_startup
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3566295101-3051360901-2891763386-1001
Successfully deleted: [Task] C:\Windows\system32\tasks\SmartWeb Upgrade Trigger Task
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3566295101-3051360901-2891763386-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\browser
~~~ FireFox
Successfully deleted the following from C:\Users\Luiz Eduardo\AppData\Roaming\mozilla\firefox\profiles\gk70kyht.default-1400951411541\prefs.js
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, slbnew);
user_pref(browser.search.searchengine.uid, HitachiXHTS545050A7E380_TE851749H1R9ALH1R9ALX);
user_pref(extensions.xpiState, {\app-profile\:{\[email]iobitascsurfingprotection@iobit.com[/email]\:{\d\:\C:\\\\Users\\\\Luiz Eduardo\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\
Emptied folder: C:\Users\Luiz Eduardo\AppData\Roaming\mozilla\firefox\profiles\gk70kyht.default-1400951411541\minidumps [5 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/05/2015 at 16:48:25,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTEBOOK ASUS
CORE i3
4 GB - HD 500 GB
WINDOWS 10
Estás em boas mão: Edutango e Power Max
Mas dando uma ajudinha...
Siga essa dica:
Leia atentamente para fazer o procedimento correto.
Tutorial do Malwarebytes Anti-Malware
Na sua próxima resposta poste este log (relatório) do Malwarebytes.
Ficaremos aguardando.
*Lembrando que esse procedimento é relativamente demorado.
"Nascer, morrer, renascer ainda e progredir sempre, tal é a lei"
Allan Kardec
Outra dica;
Se puder desinstale o Iobit- geralmente é o Advanced System Care=\[EMAIL]iobitascsurfingprotection@iobit.com[/EMAIL]\:{\d\:\C:\\\\Users\\\\Luiz Eduardo\\\\AppData
AMD Duron 900mhz/mobo PCCHIPS
mouse em forma de arco leadrshhep
256mb RAM SDR=WINDOWS 98
Video integrado SiS
Aqui vai o log do Malware anti-m:
Malwarebytes Anti-Malware
www.malwarebytes.org
Data da Verificação: 13/05/2015
Hora da Verificação: 21:31:00
Arquivo de Log:
Administrador: Sim
Versão: 2.01.6.1022
Base de Dados de Malware: v2015.05.13.06
Base de Dados de Rootkit: v2015.04.21.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado
SO: Windows 8
Processador: x64
Sistema de Arquivos: NTFS
Usuário: Luiz Eduardo
Tipo da Verificação: Verificar Ameaça
Resultado: Terminado
Objetos Verificados: 352942
Tempo Decorrido: 29 min, 0 seg
Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado
Processos: 1
PUP.Optional.MultiPlug.A, C:\Users\Luiz Eduardo\AppData\Local\0004022F-1430848191-382A-FFFF-74D02BAC6CFC\cnsdE5FD.tmp, 3928, Apagar ao Reiniciar, [38f27e15ec9ea29437110462c63fd828]
Módulos: 0
(Nenhum item malicioso detectado)
Chaves de Registro: 3
PUP.Optional.BreakingNewsAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vykWFyBuoV, Quarentena, [2703efa4ed9d75c145153cf559a94eb2],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zepyxizo, Quarentena, [38f27e15ec9ea29437110462c63fd828],
PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, Quarentena, [bf6b99fad0ba072f3bf94093679cb848],
Valores de Registro: 3
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zepyxizo|ImagePath, C:\Users\Luiz Eduardo\AppData\Local\0004022F-1430848191-382A-FFFF-74D02BAC6CFC\cnsdE5FD.tmp, Quarentena, [002a3e556d1d5dd91bb7006420e546ba]
PUP.Optional.Jogostempo.A, HKU\S-1-5-21-3566295101-3051360901-2891763386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{7FE9A53E-4E9A-4DF4-AEEC-116C5244632F}Machine\SOFTWARE\POLICIES\GOOGLE\CHROME|HomepageLocation, www.jogostempo.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1430876805, Quarentena, [7cae7b18a1e90531e5fcda8c4abbba46]
PUP.Optional.Jogostempo.A, HKU\S-1-5-21-3566295101-3051360901-2891763386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{8F6987A9-EAB3-4405-BC6B-518AF27FC551}Machine\SOFTWARE\POLICIES\GOOGLE\CHROME|HomepageLocation, www.jogostempo.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1430876805, Quarentena, [f139870c107ab08611d03e28ae5728d8]
Dados de Registro: 0
(Nenhum item malicioso detectado)
Pastas: 7
PUP.Optional.BreakingNewsAlert.A, C:\Users\Luiz Eduardo\AppData\Local\BreakingNewsAlert, Quarentena, [91993063444677bfdba8509b04ff12ee],
PUP.Optional.MultiPlug.A, C:\Users\Luiz Eduardo\AppData\Local\0004022F-1430848191-382A-FFFF-74D02BAC6CFC, Apagar ao Reiniciar, [38f27e15ec9ea29437110462c63fd828],
PUP.Optional.NetEngine.A, C:\ProgramData\NetEngine, Quarentena, [f931167d404a92a4006e77f18e7728d8],
PUP.Optional.NetEngine.A, C:\ProgramData\NetEngine\bin, Quarentena, [f931167d404a92a4006e77f18e7728d8],
PUP.Optional.NetEngine.A, C:\ProgramData\NetEngine\bin\D10, Quarentena, [f931167d404a92a4006e77f18e7728d8],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk\dat, Quarentena, [5fcbfe95820802345b09be9ab35310f0],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk, Quarentena, [5fcbfe95820802345b09be9ab35310f0],
Arquivos: 22
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\PKrcCjYk\vykWFyBuoV.exe, Quarentena, [2703efa4ed9d75c145153cf559a94eb2],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk\dat\hBvhCZol.dll, Quarentena, [ef3baee52f5be650ee1e2f28679f6b95],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\PKrcCjYk\dat\kYYGaQSec.exe, Quarentena, [3af0eda60783c076f06aa988b64c827e],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\PKrcCjYk\dat\ojvtcfqw.exe, Quarentena, [4ae06f241b6f2d0908522b0625dd619f],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\PKrcCjYk\dat\UvcuFmPdn.dll, Quarentena, [3feb82116129d2647af824e17591e719],
PUP.Optional.Popeler, C:\Users\Luiz Eduardo\Downloads\uTorrent.exe, Quarentena, [b07a098a593174c25159b6a0b353c43c],
PUP.Optional.Solimba, C:\Users\Luiz Eduardo\Downloads\Opera.exe, Quarentena, [52d8fd968a005cdabff1f3f6ba47e21e],
PUP.Optional.Solimba, C:\Users\Luiz Eduardo\Downloads\BitTorrent.exe, Quarentena, [7dadf69d7416979f5327c1469b67ac54],
PUP.Optional.BreakingNewsAlert.A, C:\Users\Luiz Eduardo\AppData\Local\BreakingNewsAlert\data2.dat, Quarentena, [91993063444677bfdba8509b04ff12ee],
PUP.Optional.MultiPlug.A, C:\Users\Luiz Eduardo\AppData\Local\0004022F-1430848191-382A-FFFF-74D02BAC6CFC\cnsdE5FD.tmp, Apagar ao Reiniciar, [38f27e15ec9ea29437110462c63fd828],
PUP.Optional.MultiPlug.A, C:\Users\Luiz Eduardo\AppData\Local\0004022F-1430848191-382A-FFFF-74D02BAC6CFC\anscD85F.exe, Quarentena, [38f27e15ec9ea29437110462c63fd828],
PUP.Optional.MultiPlug.A, C:\Users\Luiz Eduardo\AppData\Local\0004022F-1430848191-382A-FFFF-74D02BAC6CFC\Uninstall.exe, Quarentena, [38f27e15ec9ea29437110462c63fd828],
PUP.Optional.NetEngine.A, C:\ProgramData\NetEngine\dat.dat, Quarentena, [f931167d404a92a4006e77f18e7728d8],
PUP.Optional.NetEngine.A, C:\ProgramData\NetEngine\bin\D10\netengine.exe, Quarentena, [f931167d404a92a4006e77f18e7728d8],
PUP.Optional.NetEngine.A, C:\ProgramData\NetEngine\bin\D10\netengine.exe.config, Quarentena, [f931167d404a92a4006e77f18e7728d8],
PUP.Optional.NetEngine.A, C:\ProgramData\NetEngine\bin\D10\sqlite3.dll, Quarentena, [f931167d404a92a4006e77f18e7728d8],
PUP.Optional.NetEngine.A, C:\Windows\System32\Tasks\NetEngine, Quarentena, [ae7cbcd77614f83ed61f57140ff6e21e],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk\dat\kYYGaQSec.exe.config, Quarentena, [5fcbfe95820802345b09be9ab35310f0],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk\dat\ojvtcfqw.exe.config, Quarentena, [5fcbfe95820802345b09be9ab35310f0],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk\info.dat, Quarentena, [5fcbfe95820802345b09be9ab35310f0],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk\vykWFyBuoV.dat, Quarentena, [5fcbfe95820802345b09be9ab35310f0],
PUP.Optional.PullUpdate.A, C:\ProgramData\PKrcCjYk\vykWFyBuoV.exe.config, Quarentena, [5fcbfe95820802345b09be9ab35310f0],
Setores Físicos: 0
(Nenhum item malicioso detectado)
(end)
NOTEBOOK ASUS
CORE i3
4 GB - HD 500 GB
WINDOWS 10
Olá Luiz Eduardo.
Você usou só a verificação de ameaças no Malwarebytes, que não é tão completa como a que é mostrada no tutorial que o tadeuboato te indicou. Siga as dicas abaixo para fazer a limpeza completa:
Alterando o idioma do Malwarebytes para o português:
Caso o idioma do seu Malwarebytes esteja em inglês é bem simples mudá-lo para nossa língua. Para isto abra o Malwarebytes e clique em Settings > Clique na palavra English > Clique na opção Português (Brasil) > como mostra esta imagem:
___________________________________________________________________________
Como executar uma verificação personalizada com o Malwarebytes:
- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Configurar Varredura:
Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas todas estas opções:
Verificar Objetos na Memória
Verificar Inicialização e Registro
Verificar Arquivos Compactados
Verificar Rootkits
Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.
Depois disto clique no botão Verificar Agora como mostra a imagem abaixo:
Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:
Assim que a verificação terminar, aparecerá a frase Verificação Personalizada completada com sucesso. Caso seu PC esteja seguro e sem ameaças, uma mensagem parecida com esta abaixo aparecerá informando que "Ameaças Identificadas: 0" (Ou seja: Nenhum ítem malicioso foi detectado). Neste caso tudo está certo, seu computador está normal e você clicará no botão Terminar:
Caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows com a frase Verificação Terminada - Malware Detectado na qual você clicará nela:
Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Para remover a infecção, deixe todas as caixinhas marcadas em todos os itens que queira remover e clique no botão Remover Selecionadas, como mostra esta imagem:
Surgirá então uma outra tela parecida com esta abaixo informando que as ameaças foram enviadas à quarentena, na qual você clicará no botão Terminar:
Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, aceite esta reinicialização pelo Malwarebytes.
Depois disto é só postar o novo Scan Log (log de verificação) que o Malwarebytes irá criar em sua próxima resposta:
<><><><><><><><><><><><><><><><>
Caixa de Dicas = Sempre com novos tutoriais e atualidades em informática e tecnologia.
Super Links = Mensagens de fé e esperança ao seu coração.
Opa, Max, que cochilada. Aqui vai o log, da forma indicada. Reiniciei o micro, depois de passar o MaM. Hoje de manhã, qdo liguei, estava lá o tal site 123. Ah, seguindo a dica do edutango, desistalei (com o Revo uninstaller) o Iobit, antes de reiniciar.
Malwarebytes Anti-Malware
www.malwarebytes.org
Data da Verificação: 14/05/2015
Hora da Verificação: 11:48:14
Arquivo de Log:
Administrador: Sim
Versão: 2.01.6.1022
Base de Dados de Malware: v2015.05.14.03
Base de Dados de Rootkit: v2015.04.21.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado
SO: Windows 8
Processador: x64
Sistema de Arquivos: NTFS
Usuário: Luiz Eduardo
Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 531117
Tempo Decorrido: 2 hr, 55 min, 17 seg
Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado
Processos: 0
(Nenhum item malicioso detectado)
Módulos: 0
(Nenhum item malicioso detectado)
Chaves de Registro: 0
(Nenhum item malicioso detectado)
Valores de Registro: 0
(Nenhum item malicioso detectado)
Dados de Registro: 1
PUP.Optional.Hao123.A, HKU\S-1-5-21-3566295101-3051360901-2891763386-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://br.hao123.com/?tn=sdkp_inner_hp_02_hao123_br, Bom: (www.google.com), Ruim: (http://br.hao123.com/?tn=sdkp_inner_hp_02_hao123_br),Substituído,[7a111f749feb55e1e46e2ee4eb1b9769]
Pastas: 0
(Nenhum item malicioso detectado)
Arquivos: 13
PUP.Optional.Browserwatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir, Quarentena, [c0cb6330e8a27db918e268a518ee629e],
PUP.Optional.Browserwatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir, Quarentena, [d2b91c774b3f65d1bc3e51bc4eb8e11f],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir, Quarentena, [cebd1b785535e452143a98ade919e818],
PUP.Optional.Giner, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\CmdShell.exe.vir, Quarentena, [6f1cdfb43b4f43f306c12c2b7294f10f],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir, Quarentena, [7813563d58320d2984502a0b9e64b44c],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\IeWatchDog.dll.vir, Quarentena, [ddae3f5492f84ee8f133e12a74929c64],
PUP.Optional.XTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir, Quarentena, [3c4f781baae004324ea5888c61a126da],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir, Quarentena, [5635e7ac7d0d89ad6a2f84b332cea759],
PUP.Optional.Elex, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, Quarentena, [f09b3360404af1451be4e88d4bb5837d],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Luiz Eduardo\AppData\Local\SmartWeb\SmartWebApp.exe.vir, Quarentena, [1477bdd6e4a674c2848d976c659dfd03],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Luiz Eduardo\AppData\Local\SmartWeb\SmartWebHelper.exe.vir, Quarentena, [a1ea0291ccbe191d868bf70c689a9070],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Luiz Eduardo\AppData\Local\SmartWeb\swhk.dll.vir, Quarentena, [7d0e147f6c1e9b9bc24f61a2cb3716ea],
PUP.Optional.AdvancedSystemProtector, C:\AdwCleaner\Quarantine\C\Windows\System32\sasnative64.exe.vir, Quarentena, [90fbbcd7800a0f27760003cc926ff907],
Setores Físicos: 0
(Nenhum item malicioso detectado)
(end)
NOTEBOOK ASUS
CORE i3
4 GB - HD 500 GB
WINDOWS 10
* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
http://www.hijackthis.nl/smeenk/
Salve-o no Desktop (Área de Trabalho).
Para executá-lo corretamente siga as dicas deste tutorial:
Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek
* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
<><><><><><><><><><><><><><><><>
Caixa de Dicas = Sempre com novos tutoriais e atualidades em informática e tecnologia.
Super Links = Mensagens de fé e esperança ao seu coração.
Aqui vai o log. Bato na madeira, mas depois do Zoek o 123rede não apareceu quando recarreguei o FF e o Chrome (abria uma aba em ambos).
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Luiz Eduardo on 14/05/2015 at 16:26:36,11.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luiz Eduardo\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14/05/2015 16:31:51 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Citrix deleted successfully
C:\PROGRA~2\McAfee deleted successfully
C:\PROGRA~3\FolderView deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\LUIZED~1\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\LUIZED~1\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\LUIZED~1\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----
prefs_052015_1652_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Citrix not found
C:\PROGRA~2\McAfee not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\Luiz Eduardo\AppData\Local\Aplicativo Itau deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\search_the_web.xml deleted
C:\Users\Luiz Eduardo\AppData\Roaming\LogFile.txt deleted
C:\Users\Luiz Eduardo\AppData\Roaming\ProductData deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Luiz Eduardo\AppData\Local\nsh39F1.tmp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Luiz Eduardo\AppData\Roaming\unins000.exe deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\LUIZED~1\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E8873}"="C:\Users\Luiz Eduardo\AppData\Local\GAS Tecnologia\GBBD\uni\xpi" [26/08/2014 16:23]
==== Firefox Extensions ======================
ProfilePath: C:\Users\LUIZED~1\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541
- Guardio - Ita 30 horas - C:\Users\Luiz Eduardo\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\[email]iobitascsurfingprotection@iobit.com[/email]
- Gmail Notifier restartless - %ProfilePath%\extensions\[email]jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi[/email]
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Luiz Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
F6419D3B99616C80C947B9D7B427348B - C:\Users\Luiz Eduardo\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll - Guardião Itaú 30 horas
E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Luiz Eduardo\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104
B8CFF778A75C685AAC275BFC00BB8FD8 - C:\Users\Luiz Eduardo\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll - Guardião Itaú 30 horas
==== Chromium Look ======================
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
Google Docs - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Untitled audio - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne
Bookmark Manager - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Chrome Hotword Shared Module - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Drive App Launcher - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Google Maps - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
Google Mail Checker - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff
Google Wallet - Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Chromium Startpages ======================
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com.br/ig?hl=pt-BR",
"startup_urls": [ "https://www.google.com.br/?gws_rd=ssl", "http://www.wordreference.com/", "http://www.rae.es/recursos/diccionarios/drae", "http://www.diccionarios.com/", "http://www.collinsdictionary.com/dictionary/spanish-english", "http://www.aulete.com.br/", "http://www.corpusdoportugues.org/", "http://www.corpusdelespanol.org/" ]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=sdkp_inner_hp_02_hao123_br"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Luiz Eduardo\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully
C:\Users\Luiz Eduardo\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3566295101-3051360901-2891763386-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3566295101-3051360901-2891763386-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== shortcuts on Users Desktops ======================
C:\Users\Luiz Eduardo\Desktop\FeedDemon - Atalho.lnk - C:\Program Files (x86)\FeedDemon\FeedDemon.exe
C:\Users\Luiz Eduardo\Desktop\Google Drive.lnk - C:\Users\Luiz Eduardo\Google Drive
C:\Users\Luiz Eduardo\Desktop\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\Luiz Eduardo\Desktop\Itaú.lnk -
C:\Users\Luiz Eduardo\Desktop\Kindle.lnk - C:\Users\Luiz Eduardo\AppData\Local\Amazon\Kindle\application\Kindle.exe
C:\Users\Luiz Eduardo\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Central de Soluções HP.lnk -
C:\Users\Public\Desktop\Dicionário eletrônico Houaiss.lnk -
C:\Users\Public\Desktop\Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\Users\Public\Desktop\Glary Utilities 5.lnk - C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\Users\Public\Desktop\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\Users\Public\Desktop\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\Users\Public\Desktop\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\Users\Public\Desktop\IObit Unlocker.lnk - C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.exe
C:\Users\Public\Desktop\Loja de Suprimentos HP.lnk - C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\Users\Public\Desktop\Receitanet 1.07 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú\Desinstalador.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú\Itaú.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_56998202.lnk - C:\Users\Luiz Eduardo\AppData\Local\Temp\_uninst_56998202.bat
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dicionário Houaiss 2009\Desinstalar Dicionário eletrônico Houaiss 2009.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dicionário Houaiss 2009\Dicionário eletrônico Houaiss.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dicionário Houaiss 2009\Manual do Dicionário Houaiss.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2\Desinstalar Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2\Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Ajuda do Receitanet 1.07 .lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Desinstalar o Receitanet 1.07.lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Desinstalador.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Receitanet 1.07 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4\Desinstalar Smart Defrag 4.lnk - C:\Program Files (x86)\IObit\Smart Defrag 4\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4\Smart Defrag 4.lnk - C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Desinstalar Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe startmenu
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk - C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 8 (2).lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /manual
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 8.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /manual
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Users\Luiz Eduardo\Documents\MANUTENÇÃO\CCleaner\CCleaner64.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dicionário eletrônico Houaiss.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FeedDemon.lnk - C:\Program Files (x86)\FeedDemon\FeedDemon.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Itaú.lnk -
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe www.123rede.com?oem=mbtkv3&uid=TE851749H1R9AL_HitachiHTS545050A7E380&tm=1431365200
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Task Manager.lnk - C:\Windows\system32\taskmgr.exe /7
==== shortcuts After Repair ======================
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luiz Eduardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Luiz Eduardo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Luiz Eduardo\AppData\Local\Mozilla\Firefox\Profiles\gk70kyht.default-1400951411541\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Luiz Eduardo\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Luiz Eduardo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=106 folders=21 103343983 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Luiz Eduardo\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\LUIZED~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 14/05/2015 at 17:30:08,00 ======================
NOTEBOOK ASUS
CORE i3
4 GB - HD 500 GB
WINDOWS 10
Faça o download do < ZHPCleaner > <
Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPCleaner para baixá-lo, tal como mostra a imagem abaixo:
Para executá-lo corretamente siga as dicas desta postagem:
Tutorial completo do ZHPCleaner
Após a utilização dele, copie todo o conteúdo do seu relatório ZHPCleaner.txt e poste em sua próxima resposta.
<><><><><><><><><><><><><><><><>
Caixa de Dicas = Sempre com novos tutoriais e atualidades em informática e tecnologia.
Super Links = Mensagens de fé e esperança ao seu coração.
Parece que o problema está resolvido. Obrigado a todos.
NOTEBOOK ASUS
CORE i3
4 GB - HD 500 GB
WINDOWS 10