Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 19 usuários online :: 0 registrados, 0 invisíveis e 19 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
(RESOLVIDO) como remover o awesomehp ?????
2 participantes
Página 1 de 1
(RESOLVIDO) como remover o awesomehp ?????
por aloisio Seg 03 Fev 2014, 14:56
tentei remover o awesomehp c/ o adwcleaner, e c/ o malwarebites , mas não consegui.....esses aplicativos não funcionaram !!!!
como poderia remove-lo ??
como poderia remove-lo ??
aloisio- Iniciante
- Mensagens : 33
Reputação : 0
Data de inscrição : 03/02/2014
Re: (RESOLVIDO) como remover o awesomehp ?????
por Power Max Seg 03 Fev 2014, 15:39
Olá Aloisio. Seja bem vindo ao Fórum PC Brasil.
|- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) como remover o awesomehp ?????
por aloisio Seg 03 Fev 2014, 19:10
Relatório postado:
~ Relatório do ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Iniciado por Heloisa (03/02/2014 19:04:51)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 24.0
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2013
Microsoft Security Client PT-BR Language Pack v2.1.1116.0
Windows Defender W7
---\\ Softwares d'optimização do sistema
CCleaner v4.07 =>Piriform Ltd
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 45
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3894 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 222 GB (77%) free of 285 GB
---\\ Modo de conexão ao sistema
~ Computer Name: HELOISAMURO-PC
~ User Name: Heloisa
~ All Users Names: Heloisa, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Heloisa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Heloisa\AppData\Roaming\
~ %Desktop% : C:\Users\Heloisa\Desktop\
~ %Favorites% : C:\Users\Heloisa\Favorites\
~ %LocalAppData% : C:\Users\Heloisa\AppData\Local\
~ %StartMenu% : C:\Users\Heloisa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 222 Go of 285 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/11/2013 - 04:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/11738
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 2/138
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 04s
---\\ Processos lançados
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Google Installer.) -- C:\Users\Heloisa\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.3032]
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096] [PID.3304]
[MD5.520A0F8683354CA7F36CEF1E0361B93D] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [1057920] [PID.3320]
[MD5.9B593137FBCC7C1E5D0E4A422749D9A5] - (.Google Inc. - Google Chrome.) -- C:\Users\Heloisa\AppData\Local\Google\Chrome\Application\chrome.exe [866584] [PID.3676]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.3124]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1380]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1868]
[MD5.5460828F8951D310B42B442877603B8D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.2020]
[MD5.CBCEC2C45E7D672EC6E46CBFF23BDF8E] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840] [PID.1472]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2336]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.2496]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.2616]
[MD5.9E89C2D6945389270DE067CE51FF7425] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.1972]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Heloisa\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\prefs.js
M3 - MFPP: Plugins - [Heloisa] -- C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\searchplugins\visualbee-v1-customized-web-search.xml =>Adware.VisualBeeToolbar
M3 - MFPP: Plugins - [Heloisa] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\awesomehp.xml =>PUP.Awesomehp
M3 - MFPP: Plugins - [Heloisa] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\navegaki.xml
M2 - MFEP: prefs.js [Heloisa - 3mdxfmoj.default\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack] [] Extension_Protected v1.0.12 (..)
M2 - MFEP: prefs.js [Heloisa - 3mdxfmoj.default\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}] [] SaveSense v3.0 (..) =>PUP.SaveSense
M2 - MFEP: prefs.js [Heloisa - 3mdxfmoj.default\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}] [] MySearchDial NewTab v3.0 (..) =>Adware.MyWebSearch
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
~ IE Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: SaveSense [64Bits] - {71e129ff-6c2a-4984-818c-7e2c998b8d99} . (.SaveSense - SaveSense for IE.) -- C:\Users\Heloisa\AppData\Local\SaveSense\SaveSenseIE.dll =>PUP.SaveSense
~ BHO: 5 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{1017A80C-6F09-4548-A84D-EDD6AC9525F0} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: CineMax Pro 2.2.lnk . (.Tv pela internet nunca foi tão facil! - CineMax Pro.) -- C:\Program Files (x86)\CineMax Pro 2.2\CineMax Pro.exe
O4 - GS\Desktop [Public]: Dell Backup and Recovery Manager.lnk . (...) -- C:\Windows\Installer\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}\_54F0D65B7FC7D08A0877D4.exe
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - No Comment.) -- C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Manual Epson XP-211_XP-214.lnk . (...) -- C:\Program Files (x86)\epson\guide\xp-211_214_p\index.html
O4 - GS\Desktop [Public]: Roxio Creator Starter.lnk . (...) -- C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\RoxioCentralFx.exe
O4 - GS\Program [Public]: Documentação de ajuda da Dell.lnk . (...) -- C:\Program Files (x86)\Dell Inc\Dell Edoc Viewer\EDocs.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\QuickLaunch [Heloisa]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Heloisa\AppData\Local\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\QuickLaunch [Heloisa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\TaskBar [Heloisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\Program [Heloisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\SystemTools [Heloisa]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\Desktop [Heloisa]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Heloisa\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Heloisa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
~ Global Startup: 58 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (.not file.)
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Heloisa\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.exe =>.Epson Seiko Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-776195993-1085394623-2594960047-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Heloisa\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-776195993-1085394623-2594960047-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.exe =>.Epson Seiko Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD22CF5A-B112-4AAC-868F-E0DBC7BD182B}: DhcpNameServer = 200.189.80.108 200.189.80.122
O17 - HKLM\System\CS1\Services\Tcpip\..\{CD22CF5A-B112-4AAC-868F-E0DBC7BD182B}: DhcpNameServer = 200.189.80.108 200.189.80.122
O17 - HKLM\System\CS2\Services\Tcpip\..\{CD22CF5A-B112-4AAC-868F-E0DBC7BD182B}: DhcpNameServer = 200.189.80.108 200.189.80.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.189.80.108 200.189.80.122
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {4901437A-B167-430A-B4CD-54028DA90968}.job [727]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {4901437A-B167-430A-B4CD-54028DA90968}.job [913]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSense.job [300] =>PUP.SaveSense
[MD5.00000000000000000000000000000000] [APT] [SaveSense] (...) -- C:\Users\Heloisa\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.SaveSense
[MD5.00000000000000000000000000000000] [APT] [{05B7ED1E-5E46-4D00-AC07-1C1228ED11F1}] (...) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (.not file.) [0]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 03s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 78 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\UpdaterEX] =>PUP.Dealply
[HKCU\Software\getTube 2012]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\supTab]
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
~ Key Software: 262 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/02/2014 - 18:49:51 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 27/12/2012 - 19:01:33 - [52,426] ----D C:\Program Files (x86)\Cap
O43 - CFD: 09/12/2012 - 23:25:53 - [0] ----D C:\Program Files (x86)\DreaMule
O43 - CFD: 20/10/2012 - 23:15:41 - [0,359] ----D C:\Program Files (x86)\getTube
O43 - CFD: 17/10/2013 - 10:36:48 - [48,475] ----D C:\Program Files (x86)\GUMFDED.tmp
O43 - CFD: 30/01/2014 - 11:24:19 - [0] ----D C:\Program Files (x86)\milhao5
O43 - CFD: 03/02/2014 - 11:05:39 - [0] ----D C:\Program Files (x86)\SupTab
O43 - CFD: 27/12/2012 - 18:23:09 - [31,972] -SH-D C:\Program Files (x86)\Viky
O43 - CFD: 02/02/2014 - 18:07:43 - [0] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 20/03/2013 - 15:01:51 - [0] ----D C:\ProgramData\ThumbnailCache4R
O43 - CFD: 02/02/2014 - 18:08:49 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 06/01/2013 - 11:35:03 - [92,751] ----D C:\Users\Heloisa\AppData\Roaming\WTS
O43 - CFD: 02/02/2014 - 19:12:06 - [0] ----D C:\Users\Heloisa\AppData\Local\genienext
O43 - CFD: 02/02/2014 - 18:49:27 - [1,280] ----D C:\Users\Heloisa\AppData\Local\SaveSense =>PUP.SaveSense
O43 - CFD: 02/02/2014 - 18:32:39 - [0,412] ----D C:\Users\Heloisa\AppData\Local\TempSweetIM_Temp_Folder_1381201 =>PUP.SweetIM
~ 142 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 330 Legitimates Filtered in 00mn 22s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/02/2014 - 19:09:05 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 03/02/2014 - 14:09:37 ---A- . (.Windows (R) Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\System32\Drivers\stflt.sys [51496]
O44 - LFC:[MD5.503655F070DC486E7BC69A2F0BEE7FD3] - 03/02/2014 - 17:47:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [155108]
O44 - LFC:[MD5.9ECD75D47C49AE1D9CDDD7F5F66DC781] - 03/02/2014 - 17:47:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [728550]
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.C75CD00B08363C85032D797524DD924C] - 29/01/2014 - 19:49:10 ---A- . (...) -- C:\lxdn.log [690]
O44 - LFC:[MD5.11980814590ED00CCAA3F17DEDF6CEC9] - 29/01/2014 - 19:49:21 ---A- . (...) -- C:\Windows\System32\LexFiles.ulf [7286]
O44 - LFC:[MD5.7372C0FF6AEA4AEFE12AF187CCCDE6FD] - 31/01/2014 - 17:36:57 ---A- . (...) -- C:\Windows\setup.iss [308]
O44 - LFC:[MD5.B1AD9096B8045BCA9CE4172E9A716DA0] - 31/01/2014 - 17:43:12 ---A- . (...) -- C:\Windows\XP-211 214 216.ini [66]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/01/2014 - 22:34:42 ---A- . (...) -- C:\Windows\EEventManager.INI [0]
~ Files: 40 Legitimates Filtered in 00mn 20s
---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\FreeFallProtection [Key] . (...) -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe (.not file.)
~ SMSR Keys: 24 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.E388503069001F0797EC200CE19B265E] - 03/12/2009 - 03:24:38 ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Acceler.sys [25136]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 30/10/2013 - 11:08:18 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 22/12/2013 - 18:48:43 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.9C7BE3666B8953854FEFA2AD9C291D5A] - 09/07/2010 - 10:42:08 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [21616]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 03/02/2014 - 14:09:37 ---A- . (.Windows (R) Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\System32\Drivers\stflt.sys [51496]
O58 - SDL:[MD5.3FE584503DC68CD206143BC334C43484] - 07/04/2010 - 09:35:04 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [505344]
~ Drivers: 16 Legitimates Filtered in 00mn 04s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 12/07/2011 - C:\Windows\System32\drivers\BCM42RLY.sys (BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) - LEGACY_BCM42RLY
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
~ Legacy: 136 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Heloisa\AppData\Local\Google\Chrome\Application\chrome.exe" [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {49606DC7-976D-4030-A74E-9FB5C842FA68} - (Funmoods) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Funmoods
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784] =>Adware.BDSearch
[MD5.55DBA9F8D394DC3B628BB27D46A1B2BE] [SPRF][02/02/2014] (.Setup © - Setup.) -- C:\Users\Heloisa\AppData\Local\Temp\2496uninstall.exe [647680]
[MD5.047B5AF68447F3BA140DE1AAAC4E8A51] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\BackupSetup.exe [10363208]
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][23/10/2013] (...) -- C:\Users\Heloisa\AppData\Local\Temp\Quarantine.exe [344355]
[MD5.86F046F5A93D054F2BA21CFFC0D01EC4] [SPRF][02/02/2014] (.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe [7636240] =>PUP.SweetIM
[MD5.5C28E508C83A3B0DDBB224B04B1418B9] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\SHSetup.exe [47329360] =>Crapware.SpyHunter
[MD5.5405413FFF79B8D9C747AA900F60F082] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\Sqlite3.dll [599419]
[MD5.127C4C5D6216BE9C8BBE85D4FDE2EE96] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\WSSetup.exe [3953864]
[MD5.884E144676C0C9679042E83574822FB9] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\LocalLow\SkwConfig.bin [8432]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][03/11/2013] (...) -- C:\Users\Heloisa\AppData\Roaming\WService.dll [0]
~ Files: 10 Legitimates Filtered in 00mn 08s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{3C51A7FB-2BAE-4042-A77E-13C4F3DCC5AB}" | In - Private - P6 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nscE6E6.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
O87 - FAEL: "{74ECF6C2-C47A-40C6-B0D8-CEFFB4256C70}" | In - Private - P17 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nscE6E6.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
O87 - FAEL: "{A9EEE9C8-9463-46EE-904B-0F5EA20A6977}" | In - Private - P6 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nsnF623.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
O87 - FAEL: "{122514F5-5064-4E36-A1FB-9A7D42313CDF}" | In - Private - P17 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nsnF623.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
~ Firewall: 177 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "BD17006DC954C56429FE33E6561F4A63" . (.Software Updater.) -- C:\Windows\Installer\{D60071DB-459C-465C-92EF-336E65F1A436}\icon.ico =>PUP.Eorezo
~ Update Products: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.51CCDE7D5FC5FA428D0EE36E4212AF52] [WIS][27/12/2012] (.TI Software - TiMONITOR.) -- C:\Windows\Installer\866d7.msi [2635776]
~ WIS: 52 Legitimates Filtered in 00mn 15s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 16/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 25/11/2010 1116656 | (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
SS - | Auto 25/11/2010 219632 | (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 08/11/2010 74392 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe
SR - | Auto 29/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 20/10/2009 873248 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 20/09/2013 654400 | (EpsonCustomerParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
SR - | Auto 16/05/2012 144560 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 04/11/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 27/11/2012 479840 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 07/04/2010 247808 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe
SR - | Auto 04/11/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/07/2011 48128 | (wltrysvc) . (.Dell Inc..) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 17s
---\\ Scâner Aditional (088)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 7
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 10
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}] =>PUP.SaveSense^
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc] =>Hijacker.OmigaPlus
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} =>PUP.SaveSense^
C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} =>Adware.MyWebSearch^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\Heloisa\AppData\Local\SaveSense =>PUP.SaveSense^
C:\Users\Heloisa\AppData\Local\TempSweetIM_Temp_Folder_1381201 =>PUP.SweetIM^
C:\Windows\Tasks\SaveSense.job =>PUP.SaveSense^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\UpdaterEX] =>PUP.Dealply^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
C:\Users\Heloisa\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe =>PUP.SweetIM^
C:\Users\Heloisa\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\Heloisa\Downloads\SaveAs.exe =>PUP.Offerware
~ Additionnel Scan: 258080 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.VisualBeeToolbar
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MyWebSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.DealPly
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WpManager
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.SProtector
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetIM
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Funmoods
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Crapware.SpyHunter
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.EoRezo
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.OmigaPlus
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Offerware
~ MSI: 15 link(s) detected in 00mn 22s
~ 1274 Legitimates filtered by white list
End of the scan (533 lines in 02mn 10s)(0)
~ Relatório do ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Iniciado por Heloisa (03/02/2014 19:04:51)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 24.0
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2013
Microsoft Security Client PT-BR Language Pack v2.1.1116.0
Windows Defender W7
---\\ Softwares d'optimização do sistema
CCleaner v4.07 =>Piriform Ltd
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 45
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3894 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 222 GB (77%) free of 285 GB
---\\ Modo de conexão ao sistema
~ Computer Name: HELOISAMURO-PC
~ User Name: Heloisa
~ All Users Names: Heloisa, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Heloisa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Heloisa\AppData\Roaming\
~ %Desktop% : C:\Users\Heloisa\Desktop\
~ %Favorites% : C:\Users\Heloisa\Favorites\
~ %LocalAppData% : C:\Users\Heloisa\AppData\Local\
~ %StartMenu% : C:\Users\Heloisa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 222 Go of 285 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/11/2013 - 04:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/11738
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 2/138
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 04s
---\\ Processos lançados
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Google Installer.) -- C:\Users\Heloisa\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.3032]
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096] [PID.3304]
[MD5.520A0F8683354CA7F36CEF1E0361B93D] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [1057920] [PID.3320]
[MD5.9B593137FBCC7C1E5D0E4A422749D9A5] - (.Google Inc. - Google Chrome.) -- C:\Users\Heloisa\AppData\Local\Google\Chrome\Application\chrome.exe [866584] [PID.3676]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.3124]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1380]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1868]
[MD5.5460828F8951D310B42B442877603B8D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.2020]
[MD5.CBCEC2C45E7D672EC6E46CBFF23BDF8E] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840] [PID.1472]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2336]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.2496]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.2616]
[MD5.9E89C2D6945389270DE067CE51FF7425] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.1972]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Heloisa\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\prefs.js
M3 - MFPP: Plugins - [Heloisa] -- C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\searchplugins\visualbee-v1-customized-web-search.xml =>Adware.VisualBeeToolbar
M3 - MFPP: Plugins - [Heloisa] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\awesomehp.xml =>PUP.Awesomehp
M3 - MFPP: Plugins - [Heloisa] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\navegaki.xml
M2 - MFEP: prefs.js [Heloisa - 3mdxfmoj.default\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack] [] Extension_Protected v1.0.12 (..)
M2 - MFEP: prefs.js [Heloisa - 3mdxfmoj.default\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}] [] SaveSense v3.0 (..) =>PUP.SaveSense
M2 - MFEP: prefs.js [Heloisa - 3mdxfmoj.default\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}] [] MySearchDial NewTab v3.0 (..) =>Adware.MyWebSearch
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
~ IE Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: SaveSense [64Bits] - {71e129ff-6c2a-4984-818c-7e2c998b8d99} . (.SaveSense - SaveSense for IE.) -- C:\Users\Heloisa\AppData\Local\SaveSense\SaveSenseIE.dll =>PUP.SaveSense
~ BHO: 5 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{1017A80C-6F09-4548-A84D-EDD6AC9525F0} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: CineMax Pro 2.2.lnk . (.Tv pela internet nunca foi tão facil! - CineMax Pro.) -- C:\Program Files (x86)\CineMax Pro 2.2\CineMax Pro.exe
O4 - GS\Desktop [Public]: Dell Backup and Recovery Manager.lnk . (...) -- C:\Windows\Installer\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}\_54F0D65B7FC7D08A0877D4.exe
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - No Comment.) -- C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Manual Epson XP-211_XP-214.lnk . (...) -- C:\Program Files (x86)\epson\guide\xp-211_214_p\index.html
O4 - GS\Desktop [Public]: Roxio Creator Starter.lnk . (...) -- C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\RoxioCentralFx.exe
O4 - GS\Program [Public]: Documentação de ajuda da Dell.lnk . (...) -- C:\Program Files (x86)\Dell Inc\Dell Edoc Viewer\EDocs.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\QuickLaunch [Heloisa]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Heloisa\AppData\Local\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\QuickLaunch [Heloisa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\TaskBar [Heloisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\Program [Heloisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\SystemTools [Heloisa]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\Desktop [Heloisa]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Heloisa\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Heloisa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
~ Global Startup: 58 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (.not file.)
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Heloisa\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.exe =>.Epson Seiko Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-776195993-1085394623-2594960047-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Heloisa\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-776195993-1085394623-2594960047-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.exe =>.Epson Seiko Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD22CF5A-B112-4AAC-868F-E0DBC7BD182B}: DhcpNameServer = 200.189.80.108 200.189.80.122
O17 - HKLM\System\CS1\Services\Tcpip\..\{CD22CF5A-B112-4AAC-868F-E0DBC7BD182B}: DhcpNameServer = 200.189.80.108 200.189.80.122
O17 - HKLM\System\CS2\Services\Tcpip\..\{CD22CF5A-B112-4AAC-868F-E0DBC7BD182B}: DhcpNameServer = 200.189.80.108 200.189.80.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.189.80.108 200.189.80.122
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {4901437A-B167-430A-B4CD-54028DA90968}.job [727]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {4901437A-B167-430A-B4CD-54028DA90968}.job [913]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSense.job [300] =>PUP.SaveSense
[MD5.00000000000000000000000000000000] [APT] [SaveSense] (...) -- C:\Users\Heloisa\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.SaveSense
[MD5.00000000000000000000000000000000] [APT] [{05B7ED1E-5E46-4D00-AC07-1C1228ED11F1}] (...) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (.not file.) [0]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 03s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 78 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\UpdaterEX] =>PUP.Dealply
[HKCU\Software\getTube 2012]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\supTab]
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
~ Key Software: 262 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/02/2014 - 18:49:51 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 27/12/2012 - 19:01:33 - [52,426] ----D C:\Program Files (x86)\Cap
O43 - CFD: 09/12/2012 - 23:25:53 - [0] ----D C:\Program Files (x86)\DreaMule
O43 - CFD: 20/10/2012 - 23:15:41 - [0,359] ----D C:\Program Files (x86)\getTube
O43 - CFD: 17/10/2013 - 10:36:48 - [48,475] ----D C:\Program Files (x86)\GUMFDED.tmp
O43 - CFD: 30/01/2014 - 11:24:19 - [0] ----D C:\Program Files (x86)\milhao5
O43 - CFD: 03/02/2014 - 11:05:39 - [0] ----D C:\Program Files (x86)\SupTab
O43 - CFD: 27/12/2012 - 18:23:09 - [31,972] -SH-D C:\Program Files (x86)\Viky
O43 - CFD: 02/02/2014 - 18:07:43 - [0] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 20/03/2013 - 15:01:51 - [0] ----D C:\ProgramData\ThumbnailCache4R
O43 - CFD: 02/02/2014 - 18:08:49 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 06/01/2013 - 11:35:03 - [92,751] ----D C:\Users\Heloisa\AppData\Roaming\WTS
O43 - CFD: 02/02/2014 - 19:12:06 - [0] ----D C:\Users\Heloisa\AppData\Local\genienext
O43 - CFD: 02/02/2014 - 18:49:27 - [1,280] ----D C:\Users\Heloisa\AppData\Local\SaveSense =>PUP.SaveSense
O43 - CFD: 02/02/2014 - 18:32:39 - [0,412] ----D C:\Users\Heloisa\AppData\Local\TempSweetIM_Temp_Folder_1381201 =>PUP.SweetIM
~ 142 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 330 Legitimates Filtered in 00mn 22s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/02/2014 - 19:09:05 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 03/02/2014 - 14:09:37 ---A- . (.Windows (R) Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\System32\Drivers\stflt.sys [51496]
O44 - LFC:[MD5.503655F070DC486E7BC69A2F0BEE7FD3] - 03/02/2014 - 17:47:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [155108]
O44 - LFC:[MD5.9ECD75D47C49AE1D9CDDD7F5F66DC781] - 03/02/2014 - 17:47:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [728550]
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.C75CD00B08363C85032D797524DD924C] - 29/01/2014 - 19:49:10 ---A- . (...) -- C:\lxdn.log [690]
O44 - LFC:[MD5.11980814590ED00CCAA3F17DEDF6CEC9] - 29/01/2014 - 19:49:21 ---A- . (...) -- C:\Windows\System32\LexFiles.ulf [7286]
O44 - LFC:[MD5.7372C0FF6AEA4AEFE12AF187CCCDE6FD] - 31/01/2014 - 17:36:57 ---A- . (...) -- C:\Windows\setup.iss [308]
O44 - LFC:[MD5.B1AD9096B8045BCA9CE4172E9A716DA0] - 31/01/2014 - 17:43:12 ---A- . (...) -- C:\Windows\XP-211 214 216.ini [66]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/01/2014 - 22:34:42 ---A- . (...) -- C:\Windows\EEventManager.INI [0]
~ Files: 40 Legitimates Filtered in 00mn 20s
---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\FreeFallProtection [Key] . (...) -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe (.not file.)
~ SMSR Keys: 24 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.E388503069001F0797EC200CE19B265E] - 03/12/2009 - 03:24:38 ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Acceler.sys [25136]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 30/10/2013 - 11:08:18 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 22/12/2013 - 18:48:43 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.9C7BE3666B8953854FEFA2AD9C291D5A] - 09/07/2010 - 10:42:08 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [21616]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 03/02/2014 - 14:09:37 ---A- . (.Windows (R) Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\System32\Drivers\stflt.sys [51496]
O58 - SDL:[MD5.3FE584503DC68CD206143BC334C43484] - 07/04/2010 - 09:35:04 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [505344]
~ Drivers: 16 Legitimates Filtered in 00mn 04s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 12/07/2011 - C:\Windows\System32\drivers\BCM42RLY.sys (BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) - LEGACY_BCM42RLY
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
~ Legacy: 136 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {49606DC7-976D-4030-A74E-9FB5C842FA68} - (Funmoods) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Funmoods
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784] =>Adware.BDSearch
[MD5.55DBA9F8D394DC3B628BB27D46A1B2BE] [SPRF][02/02/2014] (.Setup © - Setup.) -- C:\Users\Heloisa\AppData\Local\Temp\2496uninstall.exe [647680]
[MD5.047B5AF68447F3BA140DE1AAAC4E8A51] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\BackupSetup.exe [10363208]
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][23/10/2013] (...) -- C:\Users\Heloisa\AppData\Local\Temp\Quarantine.exe [344355]
[MD5.86F046F5A93D054F2BA21CFFC0D01EC4] [SPRF][02/02/2014] (.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe [7636240] =>PUP.SweetIM
[MD5.5C28E508C83A3B0DDBB224B04B1418B9] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\SHSetup.exe [47329360] =>Crapware.SpyHunter
[MD5.5405413FFF79B8D9C747AA900F60F082] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\Sqlite3.dll [599419]
[MD5.127C4C5D6216BE9C8BBE85D4FDE2EE96] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\Local\Temp\WSSetup.exe [3953864]
[MD5.884E144676C0C9679042E83574822FB9] [SPRF][02/02/2014] (...) -- C:\Users\Heloisa\AppData\LocalLow\SkwConfig.bin [8432]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][03/11/2013] (...) -- C:\Users\Heloisa\AppData\Roaming\WService.dll [0]
~ Files: 10 Legitimates Filtered in 00mn 08s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{3C51A7FB-2BAE-4042-A77E-13C4F3DCC5AB}" | In - Private - P6 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nscE6E6.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
O87 - FAEL: "{74ECF6C2-C47A-40C6-B0D8-CEFFB4256C70}" | In - Private - P17 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nscE6E6.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
O87 - FAEL: "{A9EEE9C8-9463-46EE-904B-0F5EA20A6977}" | In - Private - P6 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nsnF623.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
O87 - FAEL: "{122514F5-5064-4E36-A1FB-9A7D42313CDF}" | In - Private - P17 - TRUE | .(.Perion Network Ltd - SweetIM Installer by SweetPacks.) -- C:\Users\Heloisa\AppData\Local\Temp\nsnF623.tmp\DynamicOffer1\bundlesweetimsetup.exe =>PUP.SweetIM
~ Firewall: 177 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "BD17006DC954C56429FE33E6561F4A63" . (.Software Updater.) -- C:\Windows\Installer\{D60071DB-459C-465C-92EF-336E65F1A436}\icon.ico =>PUP.Eorezo
~ Update Products: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.51CCDE7D5FC5FA428D0EE36E4212AF52] [WIS][27/12/2012] (.TI Software - TiMONITOR.) -- C:\Windows\Installer\866d7.msi [2635776]
~ WIS: 52 Legitimates Filtered in 00mn 15s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 16/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 25/11/2010 1116656 | (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
SS - | Auto 25/11/2010 219632 | (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 08/11/2010 74392 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe
SR - | Auto 29/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 20/10/2009 873248 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 20/09/2013 654400 | (EpsonCustomerParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
SR - | Auto 16/05/2012 144560 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 04/11/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 27/11/2012 479840 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 07/04/2010 247808 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe
SR - | Auto 04/11/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/07/2011 48128 | (wltrysvc) . (.Dell Inc..) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 17s
---\\ Scâner Aditional (088)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 7
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 10
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}] =>PUP.SaveSense^
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc] =>Hijacker.OmigaPlus
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} =>PUP.SaveSense^
C:\Users\Heloisa\AppData\Roaming\Mozilla\Firefox\Profiles\3mdxfmoj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} =>Adware.MyWebSearch^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\Heloisa\AppData\Local\SaveSense =>PUP.SaveSense^
C:\Users\Heloisa\AppData\Local\TempSweetIM_Temp_Folder_1381201 =>PUP.SweetIM^
C:\Windows\Tasks\SaveSense.job =>PUP.SaveSense^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\UpdaterEX] =>PUP.Dealply^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
C:\Users\Heloisa\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe =>PUP.SweetIM^
C:\Users\Heloisa\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\Heloisa\Downloads\SaveAs.exe =>PUP.Offerware
~ Additionnel Scan: 258080 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.VisualBeeToolbar
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MyWebSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.DealPly
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WpManager
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.SProtector
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetIM
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Funmoods
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Crapware.SpyHunter
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.EoRezo
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.OmigaPlus
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Offerware
~ MSI: 15 link(s) detected in 00mn 22s
~ 1274 Legitimates filtered by white list
End of the scan (533 lines in 02mn 10s)(0)
aloisio- Iniciante
- Mensagens : 33
Reputação : 0
Data de inscrição : 03/02/2014
Re: (RESOLVIDO) como remover o awesomehp ?????
por Power Max Seg 03 Fev 2014, 20:18
Copie todo este script que te enviei. Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) como remover o awesomehp ?????
por aloisio Ter 04 Fev 2014, 11:22
.....desculpe , mas como que posso copiar o texto em vermelho sem copiar o escrito em preto ????
aloisio- Iniciante
- Mensagens : 33
Reputação : 0
Data de inscrição : 03/02/2014
Re: (RESOLVIDO) como remover o awesomehp ?????
por Power Max Ter 04 Fev 2014, 11:29
a parte preta que está dentro do texto vermelho você copia também, copia tudo junto
Você deve começar a copiar em script zhpfix e vai até SysRestore
Você deve começar a copiar em script zhpfix e vai até SysRestore
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) como remover o awesomehp ?????
por aloisio Ter 04 Fev 2014, 12:29
Rapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by Heloisa at 04/02/2014 12:26:53
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador
========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Heloisa\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
ELIMINÉ: Memory Process: C:\Users\Heloisa\AppData\Local\Temp\SHSetup.exe
ELIMINÉ: Memory Process: C:\Users\Heloisa\AppData\Local\Temp\WSSetup.exe
ELIMINÉ: Memory Process: C:\Users\Heloisa\Downloads\SaveAs.exe
========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll
========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado
========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {71e129ff-6c2a-4984-818c-7e2c998b8d99}
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\UpdaterEX
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ: HKLM\Software\Wow6432Node\supTab
ELIMINÉ: HKLM\Software\Wow6432Node\supWPM
ELIMINÉ:* StartupReg: FreeFallProtection
ELIMINÉ: SearchScopes :{49606DC7-976D-4030-A74E-9FB5C842FA68}
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\BD17006DC954C56429FE33E6561F4A63]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\BD17006DC954C56429FE33E6561F4A63]
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0}
ELIMINÉ RunValue: SpywareTerminatorShield
ELIMINÉ RunValue: SpywareTerminatorUpdater
ELIMINÉ MWPS Value: EnableLUA
ELIMINÉ MWPS Value: EnableUIADesktopToggle
ELIMINÉ MWPS Value: FilterAdministratorToken
ELIMINÉ MWPE Value: NoActiveDesktopChanges
ELIMINÉ: {3C51A7FB-2BAE-4042-A77E-13C4F3DCC5AB}
ELIMINÉ: {74ECF6C2-C47A-40C6-B0D8-CEFFB4256C70}
ELIMINÉ: {A9EEE9C8-9463-46EE-904B-0F5EA20A6977}
ELIMINÉ: {122514F5-5064-4E36-A1FB-9A7D42313CDF}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)
SUBSTITUI Value EnableLUA : Good (1) - Bad (0)
ELIMINÉ: R1 Search Page =
========== Pastas ==========
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{014F65D2-1EDD-4B93-A433-90DB3EC27F82}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{0630D4B2-021F-4AF0-8D3D-75B6CB7174D7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{09C4AB21-7A8A-416D-BB5E-82D38DA03B93}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{0E034A2B-CF73-4534-8E89-F7C614ED5083}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{106F9D40-47F0-4124-B1DA-863F0DF1FECF}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{148F851A-33CC-4123-900D-6686D58E3171}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{15ABC4D4-5468-43DA-BBF0-6705DC143461}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{163FC4D9-05C5-49FF-BF84-951687447F46}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{17280F42-BEF0-463D-B7A2-0C3DB8F014C4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{1746C383-81E4-4CA1-BA67-17DD56A14BA5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{1B1DA5DD-6A90-41AC-84E2-AC0CFBAADDC5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{22732DD1-721F-424E-A8EB-A1AE78B2CC2B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2AAC1F09-8E2C-4EC1-8D57-30B1EE8BE5E4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2C7DBD3E-0E1B-4F30-B418-CC34B5ED753B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2F7D0775-967B-4D4B-A55F-77789516AC36}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2FCF3DAE-2155-4734-8B13-0448ADED7F98}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{30599825-129F-42AE-91BC-416B037F39F1}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{31ECB513-F923-4C71-977D-7996FA5835E5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{33C4DB36-D68F-4714-B187-9E94772A353B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{34392C96-C7A8-4D6F-8B96-3AB4EFA59B5D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{356EA1F6-AE0F-4C58-8B0A-5079184D33CC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{35A64357-7766-44C0-9B3D-CD57356606CD}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{377142C0-B57B-43B0-A21A-C21F7757C2D9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{390DC587-822C-449D-9FD6-3494D81033D8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3B0C232A-1788-49B3-B7E7-850A8525E9C8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3C2F262E-224D-41D9-8A09-8D3618CE9BB1}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3F559C52-D5CD-4484-B799-6C4CFBD6E011}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3F5F8523-D75B-4BF8-B6EF-DBC578CBE5C2}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{450CC484-C6F9-4142-898F-D51C9B52A5CC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{48028E0F-C9F4-43FB-9596-2CB846E40C6C}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{49EA9816-0DE3-410D-BA0A-7E30AA0058C3}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{4B45143A-C72C-4439-AF5F-04DBD82D0E99}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{4E40139C-F8ED-4797-8B6C-4575B9824186}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{4E8969DF-1E5D-4FA1-A77F-4315DFB78654}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{55BA0C2D-CAEF-46AE-947F-184C70AA3D36}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{561CFCF9-4260-4224-96C9-3EF930CD4E62}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{597FC80B-E0AA-4D89-98CA-65850E2607C8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5A3B6FF1-9B7E-4A36-AA28-0AF8AF57BC8E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5BA8D937-C3C1-41A4-A56A-2D0A5D5F86A6}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5BCBA07B-8918-4555-8CD5-130F87F769B7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5E5BE8FB-95AC-4F8D-AFFE-5FE0ABAC391B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{610E3C24-5D11-4664-A05C-02344E5DBFBC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{615B80CE-2901-44A0-A99D-7C03969650D4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{61DA623C-5E0D-49FE-9EFA-08951969AB65}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6325EA8C-7D1C-4D18-9C8F-E127D241DCFE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{638ABBB0-F408-41AA-8EBD-945276869503}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6A793AAE-B7E9-44E7-A6C5-A7F072E54088}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6B0DFDB4-58DD-4213-AAC9-434F1FBC4922}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6FD5ABF1-B337-4B9D-B0E4-22A537FD280E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6FDCB4BE-03CE-4576-8B38-03EDABB37900}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{709776D0-6008-4DEF-8BD2-F0E8711368BA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{71852684-D277-448F-96CC-B25A4A0F1999}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7431129F-315E-4F70-95F8-B3B964199728}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7531217D-CEB5-4179-B648-127BAB69A780}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{75602372-811D-46ED-8D3D-AF6FD880C3BA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{768AA210-59E9-4D90-B0AC-6EA7E6E4082D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7898E6F9-E52A-4AE8-8736-F512218CA84D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7A0D3892-99C0-4211-A195-E35AC244A5EC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7A292F21-2207-4FCC-9559-C84051F9C1D8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{80EEE3C3-D013-4244-BC9C-5F55593EE7E9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{847C160D-C783-43BE-9752-7F69BF3F06B8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{85D30A1F-9934-43D3-B07C-DDA52DE5DB73}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{87643753-B121-4939-AAB0-9BB523E5E6A6}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{885F4718-DFC9-4CC2-B1AC-86EB198E91D4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{8AEE1BDE-D581-4D2C-A945-C409D4EECB9A}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{8F664F1B-7D6E-41AD-B471-E5E0CE7AD660}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{90F6A9D4-B5D7-4DA1-B632-12229576132A}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{919CDDC9-86C3-429D-9CB9-D358A688DF93}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{91BF33CF-65DF-46D4-99F5-E70A7A272009}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{923D8A43-3479-4CE2-B33D-59F60ACCEFF7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{92DCA01C-8909-41A7-AC78-C6C89B9EA112}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{9A867FBA-F3E8-43B1-B98C-D06B05981D91}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{9BE8A5E9-1D54-4625-9DBF-0F7744C4F4C4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{9C1F904A-3516-4C39-8F4C-B68C61FAFCCD}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A0BA7F3B-68AA-4779-B6B2-5B11D2913A32}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A24A6867-9499-4B45-9ACE-97039806A30D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A3F737CE-68AF-4B63-8703-5986FC2BFC0C}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A50F97F3-8626-4601-A91C-5AFB73E1A552}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A7B3E111-D0E3-4855-92F7-18C360DE3B77}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A83AA510-303D-4FAC-B8E4-CDFFC37FCE22}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A89D76C5-1D00-4BF6-8089-C9CE1F267F22}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A8DC018E-72FF-41A9-A4A4-1C322DCA7C64}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A97990A2-6C4A-4890-8287-9A723DC8F14A}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A99F9D7D-941E-4C60-B4FA-A1649CB739D8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{AC5AD2C0-5CD3-4C73-AE29-0B9D3717D08D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{AE707E67-8752-4F20-B1EC-7C7674375167}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B0792787-5E4D-4378-9AF8-71062373AF6D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B2D41D5C-2366-4466-8A23-F4354E9CE918}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B39FD7BC-2BB6-4C2B-96C6-4EAA15675752}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B4124FDE-F2C8-4BEF-BB47-074AB3BF5902}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B9673667-B49E-4219-ACD1-B1668B521045}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BAE443F6-45B8-4373-9191-0996E4B86A4E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BB3E2574-5A28-4767-8D6A-7356FA8D732B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BB4FEF87-A179-4EE5-9B57-EE3385109589}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BCAD270C-8E69-4DFC-8DE0-DE65501DAA77}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BD99E9E2-CB37-49B4-9940-148A67E9BFBE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BE856E4C-7EC3-40EA-B8A0-5F3D1128C3CB}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C04001C5-FA6C-4F39-AA95-B3FF7D9344DF}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C1609B9B-3867-4140-A6F8-5858515F811B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C2CCADC0-2C85-4555-92BC-619358D2C1FE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C384D433-76E7-49D4-A67F-DD624AC8AB22}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C41C318A-4416-4218-9985-7D94FB6F140E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C53ADBE9-A33A-44BD-B4D7-D53CFFF48D70}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C58D3BB4-D645-4A5E-B542-7DC91A106FE8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C61F8463-F55D-40A5-81F4-D7AFFC64E3C0}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C89DA20E-6A10-4437-B76F-6A551CB11D5D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{CBC5DD30-C8EE-4B37-90D3-8A05C63169E8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{CE11D5FB-CBD5-4053-919C-4298BC8FF308}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{CF6E727C-D17D-45C4-AF3F-A0DD41554AFA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D07896E9-36E2-430C-894D-B489EC9B36CE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D0A4DE7A-EAC5-4DB4-8684-67E20D5DF7B5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D1E8645C-D18F-4DDB-83C8-BB7D2D7547C8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D393361E-B0DB-4687-BEAA-EF89947D4D0F}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D9DEF8A5-A679-43D9-8AA9-DABBB8DD6A89}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DB4863A3-7367-48F2-A5D0-4A52CC0282B8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DC8EDD91-3226-4541-A879-3D4862E120EC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DD5E58E0-94E0-4530-8B1C-E8FFE47CB365}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DF66D03B-90B2-4A8D-B00D-C6B8EF9F2451}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DFA308CE-D135-4E0B-B748-99134D1D75F9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DFE297E7-5149-486C-A364-0919DBB02E84}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E01D5A9E-3F49-4510-B72F-B4F6595B7493}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E037B52A-960E-48BB-9F12-00DC86E04C23}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E0A18679-A348-46B8-B539-9EDCAE8FF681}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E0B67D1D-5E8B-4B14-9A4D-21B7902D2578}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E0BBBAF0-F189-4F65-904F-931B936AD2A0}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E11DF952-34E5-4112-AE40-A1E5FDCBE5A4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E174A01A-B5AA-447B-8FFA-D682CCE9F958}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E36CD883-7A8B-4208-918C-F5935681F1F1}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E37526B7-01AF-4930-8065-EA53008A29A7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E9726751-CED5-463D-9D59-36E118BA2647}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EA8BE349-A304-495E-AC6C-9077ED948350}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EC15456B-71A6-4C1B-BE4C-CBDB52780F75}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EEBB8251-3822-491F-A658-409C4B6CC846}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EF2485D6-110E-4452-BE68-3E5D6E188FBA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EF3F799C-0795-40C7-8696-34ACD2D51F6D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{F300D17E-C04C-4607-816B-5EFF93689047}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{F5F48331-0A66-41EC-827A-02B6D68C421E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{F7788C90-B946-4B5A-94D7-9D1E4EAAE2D7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FBF68FCA-D9AC-476F-9A35-01C8BD796D09}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FC15EAB6-0E91-4EC5-86A0-ABDF009D7E4D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FD02FC2A-9977-4315-A9C4-A668D75BB6C7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FD60CC9D-8057-4075-B211-72D4EAE31142}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FFA38153-F052-4E2F-B81E-631B57AC17F9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FFAC576E-5130-4221-9FE7-BA76A25107C3}
========== Ficheiros ==========
ELIMINÉ: c:\users\heloisa\appdata\roaming\mozilla\firefox\profiles\3mdxfmoj.default\searchplugins\visualbee-v1-customized-web-search.xml
ELIMINÉ: c:\program files (x86)\mozilla firefox\searchplugins\awesomehp.xml
ELIMINÉ: c:\users\heloisa\appdata\local\savesense\savesenseie.dll
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\documentação de ajuda da dell.lnk
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\mozilla firefox.lnk (http://www.awesomehp.com)
CRIADO: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\internet explorer\quick launch\google chrome.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\internet explorer.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\windows\start menu\programs\internet explorer.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\windows\start menu\programs\accessories\system tools\internet explorer (no add-ons).lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
ELIMINÉ: c:\users\heloisa\desktop\mozilla firefox.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\Desktop\Mozilla Firefox.lnk
ELIMINÉ: c:\windows\tasks\savesense.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINÉ: C:\Users\Heloisa\AppData\LocalLow\SkwConfig.bin
ELIMINÉ Temporários windows (266) (167.479.500 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: SaveSense
ELIMINÉ: {05B7ED1E-5E46-4D00-AC07-1C1228ED11F1}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
4 : Processo memória
1 : Modulos memória
21 : Chaves do Registo
17 : Valores do Registo
3 : Elementos dos dados do Registo
144 : Pastas
25 : Ficheiros
3 : Estado dos serviços
2 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 07s
========== Caminho do ficheiro do relatório ==========
C:\Users\Heloisa\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/02/2014 12:26:57 [17746]
Fichier d'export Registre :
Run by Heloisa at 04/02/2014 12:26:53
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador
========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Heloisa\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
ELIMINÉ: Memory Process: C:\Users\Heloisa\AppData\Local\Temp\SHSetup.exe
ELIMINÉ: Memory Process: C:\Users\Heloisa\AppData\Local\Temp\WSSetup.exe
ELIMINÉ: Memory Process: C:\Users\Heloisa\Downloads\SaveAs.exe
========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll
========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado
========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {71e129ff-6c2a-4984-818c-7e2c998b8d99}
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\UpdaterEX
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ: HKLM\Software\Wow6432Node\supTab
ELIMINÉ: HKLM\Software\Wow6432Node\supWPM
ELIMINÉ:* StartupReg: FreeFallProtection
ELIMINÉ: SearchScopes :{49606DC7-976D-4030-A74E-9FB5C842FA68}
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\BD17006DC954C56429FE33E6561F4A63]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\BD17006DC954C56429FE33E6561F4A63]
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0}
ELIMINÉ RunValue: SpywareTerminatorShield
ELIMINÉ RunValue: SpywareTerminatorUpdater
ELIMINÉ MWPS Value: EnableLUA
ELIMINÉ MWPS Value: EnableUIADesktopToggle
ELIMINÉ MWPS Value: FilterAdministratorToken
ELIMINÉ MWPE Value: NoActiveDesktopChanges
ELIMINÉ: {3C51A7FB-2BAE-4042-A77E-13C4F3DCC5AB}
ELIMINÉ: {74ECF6C2-C47A-40C6-B0D8-CEFFB4256C70}
ELIMINÉ: {A9EEE9C8-9463-46EE-904B-0F5EA20A6977}
ELIMINÉ: {122514F5-5064-4E36-A1FB-9A7D42313CDF}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)
SUBSTITUI Value EnableLUA : Good (1) - Bad (0)
ELIMINÉ: R1 Search Page =
========== Pastas ==========
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{014F65D2-1EDD-4B93-A433-90DB3EC27F82}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{0630D4B2-021F-4AF0-8D3D-75B6CB7174D7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{09C4AB21-7A8A-416D-BB5E-82D38DA03B93}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{0E034A2B-CF73-4534-8E89-F7C614ED5083}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{106F9D40-47F0-4124-B1DA-863F0DF1FECF}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{148F851A-33CC-4123-900D-6686D58E3171}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{15ABC4D4-5468-43DA-BBF0-6705DC143461}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{163FC4D9-05C5-49FF-BF84-951687447F46}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{17280F42-BEF0-463D-B7A2-0C3DB8F014C4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{1746C383-81E4-4CA1-BA67-17DD56A14BA5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{1B1DA5DD-6A90-41AC-84E2-AC0CFBAADDC5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{22732DD1-721F-424E-A8EB-A1AE78B2CC2B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2AAC1F09-8E2C-4EC1-8D57-30B1EE8BE5E4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2C7DBD3E-0E1B-4F30-B418-CC34B5ED753B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2F7D0775-967B-4D4B-A55F-77789516AC36}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{2FCF3DAE-2155-4734-8B13-0448ADED7F98}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{30599825-129F-42AE-91BC-416B037F39F1}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{31ECB513-F923-4C71-977D-7996FA5835E5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{33C4DB36-D68F-4714-B187-9E94772A353B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{34392C96-C7A8-4D6F-8B96-3AB4EFA59B5D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{356EA1F6-AE0F-4C58-8B0A-5079184D33CC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{35A64357-7766-44C0-9B3D-CD57356606CD}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{377142C0-B57B-43B0-A21A-C21F7757C2D9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{390DC587-822C-449D-9FD6-3494D81033D8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3B0C232A-1788-49B3-B7E7-850A8525E9C8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3C2F262E-224D-41D9-8A09-8D3618CE9BB1}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3F559C52-D5CD-4484-B799-6C4CFBD6E011}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{3F5F8523-D75B-4BF8-B6EF-DBC578CBE5C2}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{450CC484-C6F9-4142-898F-D51C9B52A5CC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{48028E0F-C9F4-43FB-9596-2CB846E40C6C}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{49EA9816-0DE3-410D-BA0A-7E30AA0058C3}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{4B45143A-C72C-4439-AF5F-04DBD82D0E99}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{4E40139C-F8ED-4797-8B6C-4575B9824186}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{4E8969DF-1E5D-4FA1-A77F-4315DFB78654}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{55BA0C2D-CAEF-46AE-947F-184C70AA3D36}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{561CFCF9-4260-4224-96C9-3EF930CD4E62}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{597FC80B-E0AA-4D89-98CA-65850E2607C8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5A3B6FF1-9B7E-4A36-AA28-0AF8AF57BC8E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5BA8D937-C3C1-41A4-A56A-2D0A5D5F86A6}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5BCBA07B-8918-4555-8CD5-130F87F769B7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{5E5BE8FB-95AC-4F8D-AFFE-5FE0ABAC391B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{610E3C24-5D11-4664-A05C-02344E5DBFBC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{615B80CE-2901-44A0-A99D-7C03969650D4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{61DA623C-5E0D-49FE-9EFA-08951969AB65}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6325EA8C-7D1C-4D18-9C8F-E127D241DCFE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{638ABBB0-F408-41AA-8EBD-945276869503}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6A793AAE-B7E9-44E7-A6C5-A7F072E54088}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6B0DFDB4-58DD-4213-AAC9-434F1FBC4922}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6FD5ABF1-B337-4B9D-B0E4-22A537FD280E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{6FDCB4BE-03CE-4576-8B38-03EDABB37900}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{709776D0-6008-4DEF-8BD2-F0E8711368BA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{71852684-D277-448F-96CC-B25A4A0F1999}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7431129F-315E-4F70-95F8-B3B964199728}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7531217D-CEB5-4179-B648-127BAB69A780}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{75602372-811D-46ED-8D3D-AF6FD880C3BA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{768AA210-59E9-4D90-B0AC-6EA7E6E4082D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7898E6F9-E52A-4AE8-8736-F512218CA84D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7A0D3892-99C0-4211-A195-E35AC244A5EC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{7A292F21-2207-4FCC-9559-C84051F9C1D8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{80EEE3C3-D013-4244-BC9C-5F55593EE7E9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{847C160D-C783-43BE-9752-7F69BF3F06B8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{85D30A1F-9934-43D3-B07C-DDA52DE5DB73}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{87643753-B121-4939-AAB0-9BB523E5E6A6}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{885F4718-DFC9-4CC2-B1AC-86EB198E91D4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{8AEE1BDE-D581-4D2C-A945-C409D4EECB9A}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{8F664F1B-7D6E-41AD-B471-E5E0CE7AD660}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{90F6A9D4-B5D7-4DA1-B632-12229576132A}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{919CDDC9-86C3-429D-9CB9-D358A688DF93}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{91BF33CF-65DF-46D4-99F5-E70A7A272009}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{923D8A43-3479-4CE2-B33D-59F60ACCEFF7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{92DCA01C-8909-41A7-AC78-C6C89B9EA112}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{9A867FBA-F3E8-43B1-B98C-D06B05981D91}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{9BE8A5E9-1D54-4625-9DBF-0F7744C4F4C4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{9C1F904A-3516-4C39-8F4C-B68C61FAFCCD}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A0BA7F3B-68AA-4779-B6B2-5B11D2913A32}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A24A6867-9499-4B45-9ACE-97039806A30D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A3F737CE-68AF-4B63-8703-5986FC2BFC0C}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A50F97F3-8626-4601-A91C-5AFB73E1A552}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A7B3E111-D0E3-4855-92F7-18C360DE3B77}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A83AA510-303D-4FAC-B8E4-CDFFC37FCE22}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A89D76C5-1D00-4BF6-8089-C9CE1F267F22}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A8DC018E-72FF-41A9-A4A4-1C322DCA7C64}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A97990A2-6C4A-4890-8287-9A723DC8F14A}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{A99F9D7D-941E-4C60-B4FA-A1649CB739D8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{AC5AD2C0-5CD3-4C73-AE29-0B9D3717D08D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{AE707E67-8752-4F20-B1EC-7C7674375167}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B0792787-5E4D-4378-9AF8-71062373AF6D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B2D41D5C-2366-4466-8A23-F4354E9CE918}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B39FD7BC-2BB6-4C2B-96C6-4EAA15675752}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B4124FDE-F2C8-4BEF-BB47-074AB3BF5902}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{B9673667-B49E-4219-ACD1-B1668B521045}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BAE443F6-45B8-4373-9191-0996E4B86A4E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BB3E2574-5A28-4767-8D6A-7356FA8D732B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BB4FEF87-A179-4EE5-9B57-EE3385109589}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BCAD270C-8E69-4DFC-8DE0-DE65501DAA77}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BD99E9E2-CB37-49B4-9940-148A67E9BFBE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{BE856E4C-7EC3-40EA-B8A0-5F3D1128C3CB}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C04001C5-FA6C-4F39-AA95-B3FF7D9344DF}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C1609B9B-3867-4140-A6F8-5858515F811B}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C2CCADC0-2C85-4555-92BC-619358D2C1FE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C384D433-76E7-49D4-A67F-DD624AC8AB22}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C41C318A-4416-4218-9985-7D94FB6F140E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C53ADBE9-A33A-44BD-B4D7-D53CFFF48D70}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C58D3BB4-D645-4A5E-B542-7DC91A106FE8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C61F8463-F55D-40A5-81F4-D7AFFC64E3C0}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{C89DA20E-6A10-4437-B76F-6A551CB11D5D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{CBC5DD30-C8EE-4B37-90D3-8A05C63169E8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{CE11D5FB-CBD5-4053-919C-4298BC8FF308}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{CF6E727C-D17D-45C4-AF3F-A0DD41554AFA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D07896E9-36E2-430C-894D-B489EC9B36CE}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D0A4DE7A-EAC5-4DB4-8684-67E20D5DF7B5}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D1E8645C-D18F-4DDB-83C8-BB7D2D7547C8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D393361E-B0DB-4687-BEAA-EF89947D4D0F}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{D9DEF8A5-A679-43D9-8AA9-DABBB8DD6A89}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DB4863A3-7367-48F2-A5D0-4A52CC0282B8}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DC8EDD91-3226-4541-A879-3D4862E120EC}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DD5E58E0-94E0-4530-8B1C-E8FFE47CB365}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DF66D03B-90B2-4A8D-B00D-C6B8EF9F2451}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DFA308CE-D135-4E0B-B748-99134D1D75F9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{DFE297E7-5149-486C-A364-0919DBB02E84}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E01D5A9E-3F49-4510-B72F-B4F6595B7493}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E037B52A-960E-48BB-9F12-00DC86E04C23}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E0A18679-A348-46B8-B539-9EDCAE8FF681}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E0B67D1D-5E8B-4B14-9A4D-21B7902D2578}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E0BBBAF0-F189-4F65-904F-931B936AD2A0}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E11DF952-34E5-4112-AE40-A1E5FDCBE5A4}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E174A01A-B5AA-447B-8FFA-D682CCE9F958}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E36CD883-7A8B-4208-918C-F5935681F1F1}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E37526B7-01AF-4930-8065-EA53008A29A7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{E9726751-CED5-463D-9D59-36E118BA2647}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EA8BE349-A304-495E-AC6C-9077ED948350}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EC15456B-71A6-4C1B-BE4C-CBDB52780F75}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EEBB8251-3822-491F-A658-409C4B6CC846}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EF2485D6-110E-4452-BE68-3E5D6E188FBA}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{EF3F799C-0795-40C7-8696-34ACD2D51F6D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{F300D17E-C04C-4607-816B-5EFF93689047}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{F5F48331-0A66-41EC-827A-02B6D68C421E}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{F7788C90-B946-4B5A-94D7-9D1E4EAAE2D7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FBF68FCA-D9AC-476F-9A35-01C8BD796D09}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FC15EAB6-0E91-4EC5-86A0-ABDF009D7E4D}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FD02FC2A-9977-4315-A9C4-A668D75BB6C7}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FD60CC9D-8057-4075-B211-72D4EAE31142}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FFA38153-F052-4E2F-B81E-631B57AC17F9}
ELIMINÉ: C:\Users\Heloisa\AppData\Local\{FFAC576E-5130-4221-9FE7-BA76A25107C3}
========== Ficheiros ==========
ELIMINÉ: c:\users\heloisa\appdata\roaming\mozilla\firefox\profiles\3mdxfmoj.default\searchplugins\visualbee-v1-customized-web-search.xml
ELIMINÉ: c:\program files (x86)\mozilla firefox\searchplugins\awesomehp.xml
ELIMINÉ: c:\users\heloisa\appdata\local\savesense\savesenseie.dll
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\documentação de ajuda da dell.lnk
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\mozilla firefox.lnk (http://www.awesomehp.com)
CRIADO: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\internet explorer\quick launch\google chrome.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\internet explorer.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\windows\start menu\programs\internet explorer.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
ELIMINÉ: c:\users\heloisa\appdata\roaming\microsoft\windows\start menu\programs\accessories\system tools\internet explorer (no add-ons).lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
ELIMINÉ: c:\users\heloisa\desktop\mozilla firefox.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\Heloisa\Desktop\Mozilla Firefox.lnk
ELIMINÉ: c:\windows\tasks\savesense.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINÉ: C:\Users\Heloisa\AppData\LocalLow\SkwConfig.bin
ELIMINÉ Temporários windows (266) (167.479.500 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: SaveSense
ELIMINÉ: {05B7ED1E-5E46-4D00-AC07-1C1228ED11F1}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
4 : Processo memória
1 : Modulos memória
21 : Chaves do Registo
17 : Valores do Registo
3 : Elementos dos dados do Registo
144 : Pastas
25 : Ficheiros
3 : Estado dos serviços
2 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 07s
========== Caminho do ficheiro do relatório ==========
C:\Users\Heloisa\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/02/2014 12:26:57 [17746]
aloisio- Iniciante
- Mensagens : 33
Reputação : 0
Data de inscrição : 03/02/2014
Re: (RESOLVIDO) como remover o awesomehp ?????
por Power Max Ter 04 Fev 2014, 12:30
Vários problemas foram eliminados. Como está o PC depois desta limpeza?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: (RESOLVIDO) como remover o awesomehp ?????
por aloisio Ter 04 Fev 2014, 13:09
o problema foi eliminado . muito obrigado pela atenção .
abraços.
abraços.
aloisio- Iniciante
- Mensagens : 33
Reputação : 0
Data de inscrição : 03/02/2014
Re: (RESOLVIDO) como remover o awesomehp ?????
por Power Max Ter 04 Fev 2014, 13:25
Fico feliz que o problema tenha sido resolvido.Só para finalizar faça estes últimos procedimentos, por gentileza:
Abra o Ccleaner que você já tem instalado em seu PC > clique no botão Limpeza > clique na opção Executar Limpeza. Isto é demonstrado na imagem abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Confirme a operação acima clicando no botão OK. Aguarde a conclusão do procedimento.
Depois disto, clique no botão botão Registro > Procurar Erros > Corrigir erro(s) selecionado(s) > neste momento você poderá optar por fazer uma cópia das alterações que serão feitas no registro (por motivos de segurança), escolha a opção que desejar (sim ou não) > e confirme a limpeza clicando no botão Corrigir todos os erros selecionados > clique no botão Fechar (ou OK):
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
__________________________________________________________________________________________________________________ Depois disto siga também as dicas deste tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve no Desktop (Área de Trabalho)*Depois disto é só executá-lo, deixar selecionadas as opções Remove disinfection tools e Purge system restore
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique em [Run]
Depois de executar o Delfix conforme descrito acima, é só deletar o DelFix e o arquivo C:\DelFix.txt
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: (RESOLVIDO) como remover o awesomehp ?????
por Power Max Qui 06 Fev 2014, 09:57
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|