Boa Tarde! Luca Albuquerque

|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Logo2_zps580bcd78.jpg&key=71530441ef1621c6398a69f0f5fae6f7f5c87897579baf8487ec306c4e109626" alt="AdwCleaner_Logo2_zps580bcd78.jpg" /> > ( ... par Xplode )

|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Tlcharger.jpg&key=2319bbcd35144166c25768473f26c7f193a7ab5036b9479bd1465d8257d6f6b2" alt="AdwCleaner_Tlcharger.jpg" /> >

|- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen".
|- Salve-o no desktop!
|- Clique direito em adwcleaner.exe,e escolha sua execução como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/advz4z8Y.jpg&key=d014b7c10974863cb53eb98c621165d7bed35f01f9fe6800257605fc7dc58eba" alt="advz4z8Y.jpg" />

|- Ps: Dê início à ferramenta,clicando em "Scan".
|- Ao concluir,clique "Clean" >> Clique "Report".
|- Poste: < C:\AdwCleaner\AdwCleaner[s1].txt >

A+

Tenho uma extensão no chrome e por isso desabilitei ela para não ser excluida.

Segue o log:

>

AdwCleaner v3.011 - Report created 09/11/2013 at 19:34:53

Updated 03/11/2013 by Xplode

Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

Username : Luca - LUCA-PC

Running from : C:\Users\Luca\Desktop\AdwCleaner.exe

Option : Clean

*** [ Services ] ***

[#] Service Deleted : DefaultTabSearch
[#] Service Deleted : DefaultTabUpdate
Service Deleted : torchcrashhandler

*** [ Files / Folders ] ***

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Splashtop
Folder Deleted : C:\ProgramData\torchcrashhandler
Folder Deleted : C:\Program Files (x86)\LinkSwift
Folder Deleted : C:\Program Files (x86)\Splashtop
Folder Deleted : C:\Users\Luca\AppData\Local\Splashtop
Folder Deleted : C:\Users\Luca\AppData\Local\torch
Folder Deleted : C:\Users\Luca\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
[x] Not Deleted : C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\Extensions\firefox@linkswift.co.xpi
File Deleted : C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\user.js
File Deleted : C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Windows\System32\Tasks\Browser Updater

*** [ Shortcuts ] ***

*** [ Registry ] ***

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{323420B6-65E5-4657-8106-A27392D4D4AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323420B6-65E5-4657-8106-A27392D4D4AA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\LinkSwift
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\LinkSwift
Key Deleted : HKLM\Software\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LinkSwift

*** [ Browsers ] ***

-\\ Internet Explorer v10.0.9200.16635

-\\ Mozilla Firefox v22.0 (pt-BR)

[ File : C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\prefs.js ]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [10257 octets] - [09/11/2013 19:33:43]
AdwCleaner[s0].txt - [9864 octets] - [09/11/2013 19:34:53]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9924 octets] ##########

Boa Noite! Luca Albuquerque

Tenho uma extensão no chrome e por isso desabilitei ela para não ser excluida.

|- Pertence a qual programa?

-/-

|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i48.tinypic.com/1268r49.png&key=be85c7a026af0cb092d2f868777759c6b4bd667a01f00e36e91558a667424520" alt="1268r49.png" /> > ( ... by Oleg N. Scherbakov )
|- Salve-o no desktop!
|- Desabilite seu antivírus!
|- Para Windows 7,clique direito em JRT.exe e execute-o ... /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Aguarde a conclusão e poste o relatório. ( JRT.txt )

-/-

|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/FRST_Logo.jpg&key=c15718bb8dd09587f9609594b5c08ed5e52c3c9d1c882702f6697f6f447d11bc" alt="FRST_Logo.jpg" /> > ( ... by Farbar )

|- Baixe: < Farbar Recovery Scan Tool > ( ... by Farbar )

|- Ou aqui...

< Farbar Recovery Scan Tool 64-Bits > ( ... by Farbar )

|- Ou aqui,para sistemas 64bits!
|- Salve-o no desktop! (Área de trabalho ...)
|- Execute a ferramenta! Clique "Yes" >> "Scan".

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/FRST_Addition_Scan_zpsa9fe21c8.jpg&key=57413e2cacfcda8498eac29552ca9f75b4e4f153241a12d409a31b0737393661" alt="FRST_Addition_Scan_zpsa9fe21c8.jpg" />

|- Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
|- Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
|- Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
|- Poste os relatórios! (FRST.txt + Addition.txt)
|- Ps: Se os logs forem extensos,envie-os à Pjjoint.malekal.

|- Ou acesse: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" /> >

|- Maiores informações: < |Link| >

A+

Essa extensão é a newmetroTab para Chrome. Não é nada de mais, como se fosse uma página em branco personalizada estilo win 8.

Bom Dia! Luca Albuquerque

>

Essa extensão é a newmetroTab para Chrome. Não é nada de mais, como se fosse uma página em branco personalizada estilo win 8.

|- Ok! Siga,então,com as outras ferramentas.

A+

JRT:

>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Luca on 10/11/2013 at 10:57:09,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E33C165B-A398-4817-8574-8DD55C7B3A45}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\opswat"
Successfully deleted: [Folder] "C:\Program Files (x86)\opswat"

~~~ FireFox

Successfully deleted: [File] C:\Users\Luca\AppData\Roaming\mozilla\firefox\profiles\9grtisnz.default\extensions\addon@defaulttab.com.xpi
Successfully deleted: [Folder] C:\Users\Luca\AppData\Roaming\mozilla\firefox\profiles\9grtisnz.default\extensions\staged

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/11/2013 at 11:45:43,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST: http://pjjoint.malekal.com/files.php?read=20131110_q15d5t13p11v10

Addition: http://pjjoint.malekal.com/files.php?read=20131110_u15w12l14k9l14

Boa Tarde! Luca Albuquerque

|- Desinstale: C:\Program Files (x86)\IObit\Advanced SystemCare 7 <<
|- Desinstale: µTorrent (x32 Version: 3.3.0.29677) <<

|- Ps: Fica,portanto,ao seu critério,essas desinstalações.

-/-

==================== Scheduled Tasks (whitelisted) =============

Task: {1A7D3A13-5D40-4203-BEB1-D97075716CF7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {2FB74E86-EE69-4658-A481-F688F202245A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {384C425F-DA1C-4911-82E0-3B9300C2FE05} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\Autoupdate.exe [2013-06-25] ()
Task: {45CEF5B1-F49D-418F-9563-F5B31D0F3A25} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {49D39A45-B3CC-47F8-A9F9-D5BEAA441005} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-03] (Google Inc.)
Task: {68B09EBB-9A9B-42DF-AF05-527D4A0B67F4} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2013-01-02] ()
Task: {699FA53B-E24A-4903-A47B-80705D5CB6E9} - System32\Tasks\ASC7_SkipUac_Luca => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-10-28] (IObit)
Task: {6DB07273-CE59-4DE1-8159-0D736B30581D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-09-24] (COMODO)
Task: {85981413-7F51-4717-914A-A86604B1195A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {8D5C37D2-178B-403A-911D-96CFD414AB5A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {919802D7-BBBA-4491-AD86-2018E2FE44D1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {96BD7680-C4AF-4C54-8E90-6F6C162F62AD} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2013-10-25] (IObit)
Task: {9F5AD028-AA73-48AA-9C22-7134D6974934} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-03] (Google Inc.)
Task: {B335FE32-0C67-47F7-9683-72FE2D0D12AD} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {BBA599B3-3F48-4A12-BD37-30D13CB4D8C7} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-10-19] (COMODO)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

|- São muitas as tarefas impostas por softwares,presentes em seu PC.

-/-

BHO-x32: No Name - {da2e16d5-254c-4e11-8fed-2a1b201de379} - No File
Toolbar: HKLM-x32 - No Name - {da2e16d5-254c-4e11-8fed-2a1b201de379} - No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll No File
2013-11-07 23:41 - 2013-11-06 16:25 - 00006144 _____ C:\Users\Luca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {C646F9C4-96D4-464E-93D8-7B6D4E1DC2C4} - \Browser Updater\Browser Updater No Task File
AlternateDataStreams: C:\Users\Luca\AppData\Local\Temp:oOXe4NDKbL4TA7U0lHG2vz5C2
AlternateDataStreams: C:\Users\Luca\AppData\Local\Temporary Internet Files:IrqQCGiRY3YKpSo8jOkiwKNL2
C:\Users\Luca\AppData\Local\Temp\Quarantine.exe
C:\Users\Luca\AppData\Local\Temp\_unps.exe

|- Copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Salve-as com o nome fixlist.txt.
|- Salve-as no desktop! ( Área de trabalho ... )
|- Execute FRST/FRST64 >> Clique "Fix".
|- Aguarde e,à seguir,poste o relatório! (Fixlog.txt)

A+

Log:

>

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2013
Ran by Luca at 2013-11-10 13:35:52 Run:1
Running from C:\Users\Luca\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
BHO-x32: No Name - {da2e16d5-254c-4e11-8fed-2a1b201de379} - No File
Toolbar: HKLM-x32 - No Name - {da2e16d5-254c-4e11-8fed-2a1b201de379} - No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll No File
2013-11-07 23:41 - 2013-11-06 16:25 - 00006144 _____ C:\Users\Luca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {C646F9C4-96D4-464E-93D8-7B6D4E1DC2C4} - \Browser Updater\Browser Updater No Task File
AlternateDataStreams: C:\Users\Luca\AppData\Local\Temp:oOXe4NDKbL4TA7U0lHG2vz5C2
AlternateDataStreams: C:\Users\Luca\AppData\Local\Temporary Internet Files:IrqQCGiRY3YKpSo8jOkiwKNL2
C:\Users\Luca\AppData\Local\Temp\Quarantine.exe
C:\Users\Luca\AppData\Local\Temp\_unps.exe
*****************

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da2e16d5-254c-4e11-8fed-2a1b201de379} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{da2e16d5-254c-4e11-8fed-2a1b201de379} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{da2e16d5-254c-4e11-8fed-2a1b201de379} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{da2e16d5-254c-4e11-8fed-2a1b201de379} => Key not found.
C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll not found.

C:\Users\Luca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C646F9C4-96D4-464E-93D8-7B6D4E1DC2C4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C646F9C4-96D4-464E-93D8-7B6D4E1DC2C4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\Browser Updater => Key deleted successfully.

C:\Users\Luca\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Luca\AppData\Local\Temp\_unps.exe => Moved successfully.

==== End of Fixlog ====

Boa Tarde! Luca Albuquerque

|- Baixe: < zoek > ( ... by Smeenk )

|- Ou aqui! < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.imgdumper.nl/uploads6/51a612a8b2bc1/51a612a8b27e2-Zoek.png&key=b080d87f02699d418b53b08471d428294848da3b0e2385f0657dbc188036baad" alt="51a612a8b27e2-Zoek.png" /> zoek.exe >

|- Salve-o no desktop!
|- Desabilite seu antivírus!
|- Para Windows 7,execute zoek.exe como administrador.

hijackthis;
iedefaults;
autoclean;
emptyalltemp;

|- Copie e cole estas informações,em vermelho,no campo da ferramenta.
|- Clique "Run Script".

Zoek.exe is running now.

|- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Zoek_Reboot_zpscf60b3cf.jpg&key=cd3dbc8b6058332b5ca134f03724ff8c45ff51d7f31a8c732301729c7a9e6c94" alt="Zoek_Reboot_zpscf60b3cf.jpg" />

|- Aceite e/ou confirme o reboot!

zoek.hta failed by unknown error.

|- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
|- Poste o relatório,que estará em C:\zoek-results.txt <<

A+

Não está abrindo o programa. Aguardo resposta.

Boa Noite! Luca Albuquerque

Não está abrindo o programa. Aguardo resposta.

|- Reinicie o computador e tente novamente.

A+

Já reiniciei, mas nada! Eu executo como administrador mas ele não abre, eu reparei nos processos, ele abre e depois ele fecha. vou continuar tentando....

Boa Tarde! Luca Albuquerque

|- Já tentou em Modo de Segurança?

A+

Já, e não deu!

Boa Noite! Luca Albuquerque

|- Baixe: < RogueKiller > ( ... par tigzy ) ( 32 bits version )

|- Ou: < /applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/ablsEVeT.jpg&key=ebe62f6e6b003c3e23d8db0ff92a90e81df2d7816af5fecaeb9b0fd72c8fa9e7" alt="ablsEVeT.jpg" /> > ( ... par tigzy ) ( 64 bits version )

|- Salve-o no desktop! /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/RogueKiller_Logo.jpg&key=99f754ad8ac3afe28f2674c5df4045eed7cd3d0d73384947ed6af1127ec30157" alt="RogueKiller_Logo.jpg" />
|- Feche aplicativos que estejam abertos!
|- Execute RogueKiller.exe e aceite a Eula.

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abeo9i3V.jpg&key=28fdbc4031eead1b4262f4375d709e2ef75c8fa438c4d53edbfcfd7071cbb903" alt="abeo9i3V.jpg" />

|- Aguarde a finalização de seu Pre-scan.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/RogueKiller_Scan2.jpg&key=02afd4d0311ea8fed8ddb59a023987cb25f7d895ebf760d1c7192afebdbba6f1" alt="RogueKiller_Scan2.jpg" />

|- Dê início ao diagnóstico,clicando no botão "Verificar".
|- Exemplo: Mode: Verificar -- Date: mm/dd/2013 00:52:24
|- Poste o relatório: RKreport[1].txt

A+

O Arquivo Hosts modificado é por causa do cantasia KKKKKKKKKK

Segue o log:

>

RogueKiller V8.7.7 [Nov 11 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/

Site : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciado em : Modo Normal
Usuario : Luca [Privilegios de Admnistrador]
Modo : Verificar -- Data : 11/11/2013 22:47:49
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> ENCONTRADO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ENCONTRADO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO

¤¤¤ As tarefas agendadas : 0 ¤¤¤

¤¤¤ entradas de inicialização : 0 ¤¤¤

¤¤¤ Os navegadores da Web : 0 ¤¤¤

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤

¤¤¤ Hives externas: ¤¤¤

¤¤¤ Infecção : ¤¤¤

¤¤¤ Arquivo de Hosts: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400BPVT-60HXZT3 +++++
--- User ---
[MBR] fe47d5f29936b34da4fa3173fe10d49a
[bSP] de69ce39ed3137eaef0d897ca8217757 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 517091 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 1059411968 | Size: 93188 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 3ec15c1dad50f2e5084081ac4c47abf0
[bSP] de69ce39ed3137eaef0d897ca8217757 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77823 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159791104 | Size: 400 Mo

Concluido : << RKreport[0]_S_11112013_224749.txt >>

Boa Noite! Luca Albuquerque

|- Abra,novamente,a ferramenta RogueKiller.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/RogueKiller_Registry_zps168e7585.jpg&key=687f0bb44f1f361a677bf23c50e2644a4e16819583a761607b704b8d688fde4c" alt="RogueKiller_Registry_zps168e7585.jpg" />

|- <1> Clique na guia "Registro" >> Deletar.

|- Aguarde a conclusão!

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/RogueKiller_Atualizado.jpg&key=0172c47c206813e7c9b9bee3f9524438470dd782fdca35036503f8ecbc358cef" alt="RogueKiller_Atualizado.jpg" />

|- <2> Clique na guia "Atalhos" >> Reparar Atalhos.
|- Aguarde a conclusão!
|- Poste todos os relatórios,que resultarão dessas operações!

A+

>

RogueKiller V8.7.7 [Nov 11 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/

Site : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciado em : Modo Normal
Usuario : Luca [Privilegios de Admnistrador]
Modo : Atalhos HJfix -- Data : 11/11/2013 23:08:49
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤

¤¤¤ Hives externas: ¤¤¤

¤¤¤ Atributos de arquivos restaurados: ¤¤¤
Área de trabalho: Success 3 / Fail 0
Barra de inicialização rapida: Success 0 / Fail 0
Programas: Success 0 / Fail 0
Menu Iniciar: Success 0 / Fail 0
Pasta do Usuario: Success 12 / Fail 0
Meus Documentos: Success 0 / Fail 0
Meus Favoritos: Success 0 / Fail 0
Minhas Imagens: Success 0 / Fail 0
Minhas Musicas: Success 0 / Fail 0
Meus Videos: Success 0 / Fail 0
Unidade Local: Success 5 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[G:] \Device\CdRom2 -- 0x5 --> Skipped
[H:] \Device\CdRom1 -- 0x5 --> Skipped

¤¤¤ Infecção : ¤¤¤

Concluido : << RKreport[0]_SC_11112013_230849.txt >>
RKreport[0]_D_11112013_230821.txt;RKreport[0]_S_11112013_230751.txt

>

RogueKiller V8.7.7 [Nov 11 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/

Site : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciado em : Modo Normal
Usuario : Luca [Privilegios de Admnistrador]
Modo : Remover -- Data : 11/11/2013 23:08:21
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETADO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETADO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> SUBSTITUIDO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> SUBSTITUIDO (0)

¤¤¤ As tarefas agendadas : 0 ¤¤¤

¤¤¤ entradas de inicialização : 0 ¤¤¤

¤¤¤ Os navegadores da Web : 0 ¤¤¤

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤

¤¤¤ Hives externas: ¤¤¤

¤¤¤ Infecção : ¤¤¤

¤¤¤ Arquivo de Hosts: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400BPVT-60HXZT3 +++++
--- User ---
[MBR] fe47d5f29936b34da4fa3173fe10d49a
[bSP] de69ce39ed3137eaef0d897ca8217757 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 517091 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 1059411968 | Size: 93188 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 3ec15c1dad50f2e5084081ac4c47abf0
[bSP] de69ce39ed3137eaef0d897ca8217757 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77823 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159791104 | Size: 400 Mo

Concluido : << RKreport[0]_D_11112013_230821.txt >>
RKreport[0]_S_11112013_230751.txt

>

RogueKiller V8.7.7 [Nov 11 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/

Site : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciado em : Modo Normal
Usuario : Luca [Privilegios de Admnistrador]
Modo : Verificar -- Data : 11/11/2013 23:07:51
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> ENCONTRADO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ENCONTRADO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO

¤¤¤ As tarefas agendadas : 0 ¤¤¤

¤¤¤ entradas de inicialização : 0 ¤¤¤

¤¤¤ Os navegadores da Web : 0 ¤¤¤

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤

¤¤¤ Hives externas: ¤¤¤

¤¤¤ Infecção : ¤¤¤

¤¤¤ Arquivo de Hosts: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400BPVT-60HXZT3 +++++
--- User ---
[MBR] fe47d5f29936b34da4fa3173fe10d49a
[bSP] de69ce39ed3137eaef0d897ca8217757 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 517091 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 1059411968 | Size: 93188 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 3ec15c1dad50f2e5084081ac4c47abf0
[bSP] de69ce39ed3137eaef0d897ca8217757 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77823 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159791104 | Size: 400 Mo

Concluido : << RKreport[0]_S_11112013_230751.txt >>

Boa Noite! Luca Albuquerque

|- Baixe: |DelFix| ( ... de Xplode )

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/DelFix_SetaVerde.jpg&key=a562af283f81224b0096f109e2c85fcde8abae0d109a59c91160b5f99a23e243" alt="DelFix_SetaVerde.jpg" />

|- Estando na página,clique na seta verde para o download.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.

/applications/core/interface/imageproxy/imageproxy.php?img=http://home.kpn.nl/stefsmeenk/delfix.gif&key=18033ed0d990b9dba10f3aa620c883e92b188e95ccac98a5e1a6286226c313b9" alt="delfix.gif" />

|- Execute-a!
|- Com as 3 checkbox marcadas!
|- Clique "Run".

-/-

|- Baixe: < JetClean 1.5.0 > ( ... by BlueSprig.com )

< Maiores informações! > << Leia aqui!

|- Salve-o em Arquivos de programas. ( jetclean-setup.exe )

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/adzVh9sP.jpg&key=38fb084fc03b8990854fb91b7552a8f85295f866ef8fd174b17fb5ff781b3096" alt="adzVh9sP.jpg" />

|- Instale o software e na guia "1-Click",escolha a opção "Registry Clean".
|- Vá em "Scan Now" e escolha: Shut down PC after Repair

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/adkBv5Jp.jpg&key=c700f4175eced202908bfccec005e9721a8ca45ba0ce25afa916688119fff330" alt="adkBv5Jp.jpg" />

|- Ou escolhendo a opção "Scan & Repair",sem o reboot do PC.

< JetBoost >

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/adcx3QVr.jpg&key=f551791e9ccb6a3050f8f1a15bce3f5f34262d707bdf2d77ba275768c6193ec8" alt="adcx3QVr.jpg" />

|- À seguir,tente melhorar a performance com o JetBoost.
|- Tudo Ok?

Abs!

Delfix log:

>

DelFix v10.6 - Logfile created 12/11/2013 at 00:13:19

Updated 11/11/2013 by Xplode

Username : Luca - LUCA-PC

Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Luca\Desktop\RK_Quarantine
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2013-11-10-233219.log
Deleted : C:\Users\Luca\Desktop\HiJackThis.lnk
Deleted : C:\Users\Luca\Desktop\RKreport[0]_D_11112013_230821.txt
Deleted : C:\Users\Luca\Desktop\RKreport[0]_SC_11112013_230849.txt
Deleted : C:\Users\Luca\Desktop\RKreport[0]_S_11112013_230751.txt
Deleted : C:\Users\Luca\Desktop\RogueKiller.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #127 [installed Camtasia Studio 8 | 11/08/2013 01:08:48]
Deleted : RP #128 [installed Microsoft Fix it 50203 | 11/09/2013 14:15:08]
Deleted : RP #129 [installed HiJackThis | 11/09/2013 14:18:19]
Deleted : RP #130 [zoek.exe restore point | 11/10/2013 23:31:48]
Deleted : RP #131 [instalado Microsoft Camera Codec Pack | 11/11/2013 14:18:02]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Posso trocar o GameBooster pelo jetboost ou são duas ferramentas pra cada situação?

Bom Dia! Luca Albuquerque

Posso trocar o GameBooster pelo jetboost ou são duas ferramentas pra cada situação?

|- Nunca utilizei o GameBooster,mas vc pode criar um Ponto de Restauração e testar o software,que otimiza o PC para jogos.

A+

O problema do atalho dos Favoritos na janela de Abrir ou salvar um arquivo continua não aparecendo nada!

Bom Dia! Luca Albuquerque

< http://forum.techtudo.com.br/perguntas/17567/lista-de-atalhos-do-programa-menu-iniciar-nao-aparece'>
Lista de Atalhos do Programa (Menu Iniciar) não aparece
>

|- O seu problema bate com o deste?

A+

Não é do Menu iniciar, é quando vc vai Salvar um arquivo ou Abrir um arquivo através de um programa, que ele abre aquela janelinha pra vc escolher o local e tals.... é isso, não é do menu iniciar não.

Boa Tarde! Luca Albuquerque

< I have Windows 7 and cannot locate the "Send To" folder >

|- Vá a este link e estabeleça atalhos ao "Enviar para",que ficam alocados na pasta "Send To".

< C:\Users\%username%\AppData\Roaming\Microsoft\Windows\SendTo >

|- Verifique se existe a pasta "Send To",indo ao caminho dado àcima ou digitando no Executar: shell:sendto
|- Estando nessa pasta,estabeleça os atalhos que queira utilizar no "Enviar para" ou arraste os atalhos que estão no desktop e queira na pasta "Send To".

A+