Possível vírus na minha Rede Wi-Fi?

Densen Olp disse:

Adendo: Já coloquei o AdBlock e nada adiantou, e o pop-up do Chrome fica bloqueando mil itens.

Densen Olp disse:

[spoiler] # AdwCleaner v4.207 - Logfile created 25/06/2015 at 11:13:19
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Windows 8.1 Single Language (x64)
# Username : Guilherme - GUILHERME
# Running from : C:\Users\Guilherme\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\{0f39d5e6-34c7-22ec-0f39-9d5e634c5798}
File Deleted : C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{10F67E56-58A9-4A52-A48A-A28A75FF9FBB}
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.130

[C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://br.ask.com/web?q={searchTerms}
[C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=20473&r=2015/04/05&hid=3990119580498039518&lg=EN&cc=BR&unqvl=85
[C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : 6F4E5F8D7D5ACC07899B1C728CC9E2426F079AD772F3B1778B8D74CAA280EE0B","homepage_is_newtabpage":"10E3EC5E16D3A367CFB3ED7F29B57E11C41CB692FF3A715F100AA8D2078E17AE","pinned_tabs":"B99C348B7D17B887C88020D13E0EE0904A0DF46B3499D3D0B516FDF82CA90F89","prefs":{"preference_reset_time":"E7F45014470CEC1B08F7FDC851B9631BD27C8C03544E70E8C12F0FEC93C62EFD"},"profile":{"reset_prompt_memento":"7474E266C681A97795735CDC3F9C0633E1122213A865FA9AAA2FBAB8EC005DBD"},"safebrowsing":{"incidents_sent":"5D998902909101351A84891DF3DFE6C7133441F4D5714612E2BBEA4D48262169"},"search_provider_overrides":"D5AEDBDE3DF2BA91E9D7F37703B5A20287C797C739767E6B654653484584341C","session":{"restore_on_startup":"70654452B4B4448A734C327A91DB5418BD52EE3D517C442898A40B42E71A2425","startup_urls":"3AF9A91E1EA4ED703ED375F1477477BB6E21BCC40769482E18D82DB1C1A738E4"},"software_reporter":{"prompt_reason":"60F8D5967B368B8ADA012AE0D2F8245FC58473BBF266D6747AB108CB9113BAE4","prompt_seed":"8869AED1106A0D07863352344E92D6BF47586A8152236391E0B6F3711FA512F4","prompt_version":"44A44A570CC732427443E2E9987678F9C8AE4031839F9A7F57D35D22DE71EC58"},"sync":{"remaining_rollback_tries":"5F616829DB1B67E62EDDCB41D4496C32E11A8E967FA08E398AC14EBE6B6DF0CD"}},"super_mac":"B2B47FE44865D1467572C79CCD116B59C383381AB687FF599C1D2317C0F2ED95"},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"startup_urls":["hxxp://websearch.coolsearches.info/?pid=20473&r=2015/04/05&hid=3990119580498039518&lg=EN&cc=BR&unqvl=85
[C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 3AF9A91E1EA4ED703ED375F1477477BB6E21BCC40769482E18D82DB1C1A738E4"},"software_reporter":{"prompt_reason":"60F8D5967B368B8ADA012AE0D2F8245FC58473BBF266D6747AB108CB9113BAE4","prompt_seed":"8869AED1106A0D07863352344E92D6BF47586A8152236391E0B6F3711FA512F4","prompt_version":"44A44A570CC732427443E2E9987678F9C8AE4031839F9A7F57D35D22DE71EC58"},"sync":{"remaining_rollback_tries":"5F616829DB1B67E62EDDCB41D4496C32E11A8E967FA08E398AC14EBE6B6DF0CD"}},"super_mac":"B2B47FE44865D1467572C79CCD116B59C383381AB687FF599C1D2317C0F2ED95"},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"startup_urls":["hxxp://websearch.coolsearches.info/?pid=20473&r=2015/04/05&hid=3990119580498039518&lg=EN&cc=BR&unqvl=85

*************************

AdwCleaner[R0].txt - [3836 bytes] - [25/06/2015 11:07:59]
AdwCleaner[R1].txt - [4267 bytes] - [25/06/2015 11:12:42]
AdwCleaner[S0].txt - [4212 bytes] - [25/06/2015 11:13:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4271 bytes] ##########[/spoiller][/spoiler] Dentro do spoiler ta o log.

Detalhe agora amigo, abriu uma pagina chamada "webmilhonarios.com" que começou a baixar um "Adobe_Flash_Player.exe" SOZINHO pois meu adblock foi apagado.

Densen Olp disse:

@edutango :
[spoiler]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.1.4 (06.25.2015:1)
OS: Windows 8.1 Single Language x64
Ran by Guilherme on 25/06/2015 at 21:39:13,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1005411456-4131167616-2088348521-1002\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}



~~~ Files

Successfully deleted: [File] C:\Users\Guilherme\appdata\local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage
Successfully deleted: [File] C:\Users\Guilherme\appdata\local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\652630503235922459



~~~ Chrome


[C:\Users\Guilherme\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Guilherme\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Guilherme\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Guilherme\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/06/2015 at 21:41:12,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[/spoiler]
Segue o Log no spoiler.

Densen Olp disse:

@edutango :
Resultado com os Logs no spoiler abaixo:
[spoiler]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Guilherme on 25/06/2015 at 21:54:28,41.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Guilherme\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25/06/2015 21:56:38 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Riot Games deleted successfully
C:\Users\Guilherme\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Guilherme\AppData\Local\CrashDumps deleted successfully
C:\Users\Guilherme\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Guilherme\AppData\Local\EmieSiteList deleted successfully
C:\Users\Guilherme\AppData\Local\EmieUserList deleted successfully
C:\Users\Guilherme\AppData\Local\MigWiz deleted successfully
C:\Users\Guilherme\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Guilherme\AppData\Roaming\unins000.exe deleted
C:\PROGRA~3\MakeMarkerFile.exe deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.130

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01/05/2015 11:17]

selector is not a valid CSS selector - Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
AdBlock - Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Chrome Hotword Shared Module - Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi

==== Chromium Startpages ======================

C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Preferences
BFD1047E6F5C49F7819208570BEC604953FB7320B276C5A734415DAB66D0E"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"8C9FF64FFDCF86368E634D7B492C06A6E512099E6CC57687D5794C18BC484F9E","bepbmhgboaologfdajaanbcjmnhjmhfn":"F7712FC9E5D0D13BE2DC355694A74257781E5E7BBA8B7EFB0A6E64B69A9DC519","cfhdojbkjhnklbpkdaibdccddilifddb":"D0AFB42BBD93FAA2A8B74CB3080C187E1994CD3BA90047FAFA622B0FDEA74A68","eemcgdkfndhakfknompkggombfjjjeno":"A05088887DC9795797EDE8A0A96897BA1D93F6A35BDF886BBB0B3638F63B11A0","ennkphjdgehloodpbhlhldgbnhmacadg":"B47DF94088AE1E7A4EE68C54F4F5C41990F0118CCFE833C91E612CD145C54D0A","gfdkimpbcpahaombhbimeihdjnejgicl":"75A721D6E9030E884D6E14784B3753738746ABDC73E016CDF98FFA85C4E190B4","gighmmpiobklfepjocnamgkkbiglidom":"EF6E9B1B05F153472459491CB31E228170ADB10ECD74263AF96FBDB235FC6DAB","kmendfapggjehodndflmmgagdbamhnfd":"748DCF18D13A55A9894B19BC8F45B77E1808AA0F9D21A0A4C67E70903A2945A8","lccekmodgklaepjeofjdjpbminllajkg":"2F149441B62521A8BDCE999312E42C364D87A5033C5FDC2FFC1A3C9BF80A903F","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"0F8DCF09108F558B899CC6F0D87991D8E8452C6B3A4BE6685D383730491D9517","mfehgcgbbipciphmccgaenjidiccnmng":"3E4CB08E7322CCDFDCF7C0C25E89FDEAEAF58CCCFF186738A0479860516B460C","mfffpogegjflfpflabcdkioaeobkgjik":"467E1F65289BA45B37BFA0C837C08EF0584F40F44989F53C64D9CDC2374BC102","mgndgikekgjfcpckkfioiadnlibdjbkf":"4AA0FE584975C9582CD40CE41A133DF8724BF2672E8713D15D4154E041728EC6","mhjfbmdgcfjbbpaeojofohoefgiehjai":"3DCD38B6822E25BE09D6971DAA7B7B02D4B36D63C5E2D94C21053D4ED5C21127","nbpagnldghgfoolbancepceaanlmhfmd":"D76837C7D2ECB2769F39593DF68C06895C2474D74BBE0AD045F56C95E7940467","neajdppkdcdipfabeoofebfddakdcjhd":"8D30AEFA0A189A957D7D0B186B36A2689F281449E0FC3A98B4A4F88F129A7414","nkeimhogjdpnpccoofpliimaahmaaome":"DF1115D8488E951F71476A0B29F697ABF29F82D4C447FFC35A5A1CD0CF0A5D0D","nmmhkkegccagdldgiimedpiccmgmieda":"786EE37A3CE342894CB3BE514246911F7E43658199AD0E53679E01577C7A94A4","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"42748D01E1F4FD6A543465143EE7F9522C0642CE249D0246196CA8C70CC8F218","pbcaplhfkihhldmlbjhgajdeghjdbffi":"7C84726D657DFB38376B12D295D05EFEB33A787C4212D8F39817821605B43523"}},"google":{"services":{"last_username":"CBC2E3F9C7B7097754A4A7F9F682BA402DACFFC7D64BCF8C11EA70BBF031C213","username":"3BB27E66A4228EBCB8D873C1BE2B8CE18BD7A073F5B6EA0A55C09904AE5EAF4F"}},"homepage":"6F4E5F8D7D5ACC07899B1C728CC9E2426F079AD772F3B1778B8D74CAA280EE0B","homepage_is_newtabpage":"10E3EC5E16D3A367CFB3ED7F29B57E11C41CB692FF3A715F100AA8D2078E17AE","pinned_tabs":"B99C348B7D17B887C88020D13E0EE0904A0DF46B3499D3D0B516FDF82CA90F89","prefs":{"preference_reset_time":"2159921B8846840683AF0A93D1EE8E449297D000CEDA493207DB31BE6113DA4B"},"profile":{"reset_prompt_memento":"7474E266C681A97795735CDC3F9C0633E1122213A865FA9AAA2FBAB8EC005DBD"},"safebrowsing":{"incidents_sent":"56CA28D8E14BBB631350963881574238322A592E1FFBFB5C1FCB4631F1432F25"},"search_provider_overrides":"D5AEDBDE3DF2BA91E9D7F37703B5A20287C797C739767E6B654653484584341C","session":{"restore_on_startup":"70654452B4B4448A734C327A91DB5418BD52EE3D517C442898A40B42E71A2425","startup_urls":"3AF9A91E1EA4ED703ED375F1477477BB6E21BCC40769482E18D82DB1C1A738E4"},"software_reporter":{"prompt_reason":"60F8D5967B368B8ADA012AE0D2F8245FC58473BBF266D6747AB108CB9113BAE4","prompt_seed":"8869AED1106A0D07863352344E92D6BF47586A8152236391E0B6F3711FA512F4","prompt_version":"44A44A570CC732427443E2E9987678F9C8AE4031839F9A7F57D35D22DE71EC58"},"sync":{"remaining_rollback_tries":"5F616829DB1B67E62EDDCB41D4496C32E11A8E967FA08E398AC14EBE6B6DF0CD"}},"super_mac":"3965E74E1EF2B9F736E27D5671C7313EFCB93013DCE0ABE671DAA2EFCDAB1E90"},"safebrowsing":{"incidents_sent":{"6":{"script_request_incident":"42"}}},"session":{"startup_urls":["http://websearch.coolsearches.info/?pid=20473&r=2015/04/05&hid=3990119580498039518&lg=EN&cc=BR&unqvl=85"]},"sync":{"remaining_rollback_tries":0}}


==== Chromium Fix ======================

C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Old Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{CB1099E5-0B5C-4AE1-B65A-340CEFC57BED} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1005411456-4131167616-2088348521-1002\Software\Microsoft\Internet Explorer\SearchScopes\{CB1099E5-0B5C-4AE1-B65A-340CEFC57BED} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{CB1099E5-0B5C-4AE1-B65A-340CEFC57BED} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CB1099E5-0B5C-4AE1-B65A-340CEFC57BED} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Guilherme\Desktop\Cross Fire.lnk - C:\Users\Guilherme\Documents\Jogos\CrossFire BR\cfPT_launcher.exe
C:\Users\Guilherme\Desktop\League of Legends.lnk - C:\Users\Guilherme\Documents\Jogos\Riot Games1\League of Legends\lol.launcher.exe
C:\Users\Guilherme\Desktop\MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc.exe
C:\Users\Guilherme\Desktop\Popcorn Time.lnk - C:\Users\Guilherme\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe .
C:\Users\Guilherme\Desktop\Spotify.lnk - C:\Users\Guilherme\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Guilherme\Desktop\µTorrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Arc.lnk - C:\Program Files (x86)\Arc\ArcLauncher.exe
C:\Users\Public\Desktop\ Catcher.lnk - C:\Program Files (x86)\DsNET Corp\ Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\GS Auto Clicker.lnk - C:\Program Files (x86)\GSAutoClicker3\GSAutoClicker.exe
C:\Users\Public\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Public\Desktop\LibreOffice 4.3.lnk - C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk - C:\Program Files (x86)\Samsung\S Agent\CommonAgent.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Guilherme\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk - C:\Users\Guilherme\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe .
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Uninstall Popcorn Time.lnk - C:\Users\Guilherme\AppData\Local\Popcorn Time\Uninstall.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ativador office 2013 definitivo - atualizado 2014 - ph downs.lnk - C:\ProgramData\{0f39d5e6-34c7-22ec-0f39-9d5e634c5798}\ativador office 2013 definitivo - atualizado 2014 - ph downs.exe --startup=1
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Catcher\ Catcher.lnk - C:\Program Files (x86)\DsNET Corp\ Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GS Auto Clicker\GS Auto Clicker.lnk - C:\Program Files (x86)\GSAutoClicker3\GSAutoClicker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GS Auto Clicker\Uninstall GS Auto Clicker.lnk - C:\Program Files (x86)\GSAutoClicker3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Base.lnk - C:\Program Files (x86)\LibreOffice 4\program\sbase.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Calc.lnk - C:\Program Files (x86)\LibreOffice 4\program\scalc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Draw.lnk - C:\Program Files (x86)\LibreOffice 4\program\sdraw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Impress.lnk - C:\Program Files (x86)\LibreOffice 4\program\simpress.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Math.lnk - C:\Program Files (x86)\LibreOffice 4\program\smath.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Writer.lnk - C:\Program Files (x86)\LibreOffice 4\program\swriter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice.lnk - C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Changelog.lnk - C:\Program Files (x86)\MPC-HC\Changelog.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Desinstalar MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Arc.lnk - C:\Program Files (x86)\Arc\ArcLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Desinstalar o Arc.lnk - C:\Program Files (x86)\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe -runfromtemp -l0x0416 -removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Reparar o Arc.lnk - C:\Program Files (x86)\Arc\ArcRepair.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse\Razer Synapse.lnk - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe -launch
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype para a área de trabalho.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Guilherme\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guilherme\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Guilherme\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Guilherme\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Guilherme\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=18 folders=16 16869031 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guilherme\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\GUILHE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 25/06/2015 at 22:08:32,10 ======================
[/spoiler]

Adendo: Nunca nem vi esse link que você mandou, é sobre o que?