Fórum PC Brasil
Removing Awesomehp from the browser

Post by Rosane Mira, Wed 12 Feb 2014, 21:14

Hello, I need help. I can't remove awesomehp from IE and Google Chrome. What should I do???
Rosane Mira
Beginner

Posts: 10
Reputation: 0
Registration date: 12/02/2014

Post by Power Max, Wed 12 Feb 2014, 21:19

Hi Rosane. Welcome to Fórum PC Brasil.

Download [You must have an account and be logged in to view this link].

* Run it and click the Main Menu button.

* On the next screen that appears, click [Do a system scan and save a logfile].

* A report will be displayed.

* Select the entire contents of this report and copy it (Ctrl+C).

After that, just come back here to the forum and post this HijackThis log so that it can be analyzed.

We await your reply.
Power Max
Contributor

Posts: 9086
Reputation: 1499
Registration date: 14/04/2009

Post by Rosane Mira, Wed 12 Feb 2014, 21:26

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:22:59, on 12/02/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FABIANO ARISTEU\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5

Post by Power Max, Wed 12 Feb 2014, 21:30

The report is incomplete. Please copy all of it and post it in your next reply.

Post by Rosane Mira, Wed 12 Feb 2014, 21:42

I copied everything...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:41:09, on 12/02/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FABIANO ARISTEU\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5

Post by Power Max, Wed 12 Feb 2014, 21:50

It is still incomplete.

Close HijackThis, open it again, redo the procedure I gave you, and then post its complete report.

Post by Rosane Mira, Wed 12 Feb 2014, 21:56

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:55:24, on 12/02/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FABIANO ARISTEU\Downloads\HijackThis (3).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5

Post by Rosane Mira, Wed 12 Feb 2014, 21:58

I copy everything, but it is not pasting everything.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:55:24, on 12/02/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FABIANO ARISTEU\Downloads\HijackThis (3).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5

Post by Power Max, Wed 12 Feb 2014, 22:04

|- Download: < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )

|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.

|- Run the scroll icon. ( ZHPDiag )

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!

|- Click OK and, when it finishes, post the ZHPDiag.txt report.

Last edited by Power Max on Sun 02 Mar 2014, 12:40; edited 1 time

Post by Rosane Mira, Wed 12 Feb 2014, 22:25

~ Relatório do ZHPDiag v2014.2.10.5 - Nicolas Coolman (10/02/2014)
~ Iniciado por FABIANO ARISTEU (12/02/2014 22:07:57)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16750 (Defaut)
GCIE: Google Chrome v32.0.1700.102

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit (Build 9200)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
AVG 2013 v13.0.3222
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader XI - Português

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1861 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 388 GB (87%) free of 446 GB

---\\ Modo de conexão ao sistema
~ Computer Name: FABIANO
~ User Name: FABIANO ARISTEU
~ All Users Names: Zane, FABIANO ARISTEU, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\FABIANO ARISTEU\AppData\Roaming\
~ %Desktop% : C:\Users\FABIANO ARISTEU\Desktop\
~ %Favorites% : C:\Users\FABIANO ARISTEU\Favorites\
~ %LocalAppData% : C:\Users\FABIANO ARISTEU\AppData\Local\
~ %StartMenu% : C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 388 Go of 446 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Internet Extensions para Win32.) (.25/10/2013 - 03:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/10/2012 - 02:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.25/07/2012 - 23:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.05/02/2013 - 19:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.02/02/2013 - 07:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/1126
~ Mes musiques (My Musics) : 3/610
~ Mes Videos (My Videos) : 1/36
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/2415
~ Mon Bureau (My Desktop) : 1/9
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 10s



---\\ Processos lançados
[MD5.746D5A686D60B5FF19220D64F43DD21E] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1176688] [PID.3160]
[MD5.68B4E27EF0698FBDDD58753756C7EE6E] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568] [PID.4980]
[MD5.224F6B374852153C8C24BED141AE3A20] - (...) -- ysWOW64\rundll32.exe [0] [PID.5100]
[MD5.7AE4D6C70C2D7912AB2B4651DF595575] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [990320] [PID.3520]
[MD5.60A3399135BEFC6F4BADBD6C13A4AC24] - (.Microsoft Corporation - Host WWA Microsoft.) -- C:\Windows\syswow64\wwahost.exe [333824] [PID.4940]
[MD5.9B593137FBCC7C1E5D0E4A422749D9A5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584] [PID.4428]
[MD5.C5AC2D90D39224C7D84DD7E9B783BE31] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8333824] [PID.2668]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [aaaaojmikegpiepcfdkkjaplodkpfmlo] Ask Toolbar v.7.15.23.42079 (Désactivé) =>Toolbar.Ask
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [bfcpnihmbfoaeoakalclfalkdepgiaje] SpecialSavings v.3.0.0.0 (Désactivé) =>PUP.SpecialSavings
G2 - GCE: Preference [User Data\Default] [dgjkhjdcljddbedokogakmmdjgnbeanf] Speed Analysis 2 v.3.0.0.0 (Désactivé) =>PUP.SpeedAnalysis
G2 - GCE: Preference [User Data\Default] [doobfiogmfmpjnoofjhhgjehmlofngfp] Meta Tab v.9.4.13 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jplebhokgbenjckonibljahhnnjjnfgj] TXTFIeleesCoonvert v.3.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 17 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\FABIANO ARISTEU\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js
C:\Users\FABIANO ARISTEU\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\user.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\FABIANO ARISTEU\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\FABIANO ARISTEU\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
R3 - URLSearchHook: (no name) [64Bits] - {D8278076-BC68-4484-9233-6E7F1628B56C} . (.GAS Tecnologia - Internet Banking Helper.) (No version) -- (.not file.)
~ IE Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: SaveSense [64Bits] - {71e129ff-6c2a-4984-818c-7e2c998b8d99} . (.SaveSense - SaveSense for IE.) -- C:\Users\FABIANO ARISTEU\AppData\Local\SaveSense\SaveSenseIE.dll =>PUP.SaveSense
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540007} . (.Banco Real - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{724D43A0-0D85-11D4-9908-00400523E39A} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Acer Backup Manager.lnk . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Help and Support.lnk - Chave orfã
O4 - GS\Desktop [Public]: LG PC Suite.Lnk . (...) -- C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe
O4 - GS\Desktop [Public]: Netflix.lnk . (...) -- C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\QuickLaunch [Zane]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Zane]: Hao123.lnk . (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe (.not file.) =>Adware.BDSearch
O4 - GS\QuickLaunch [Zane]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Zane]: Amazon Weblink.lnk . (...) -- C:\Program Files (x86)\Amazon Weblink\AmazonWW.exe (.not file.)
O4 - GS\TaskBar [Zane]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Zane]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Zane]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Zane]: Hao123.lnk . (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe (.not file.) =>Adware.BDSearch
O4 - GS\QuickLaunch [FABIANO ARISTEU]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\QuickLaunch [FABIANO ARISTEU]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\TaskBar [FABIANO ARISTEU]: Amazon Weblink.lnk . (...) -- C:\Program Files (x86)\Amazon Weblink\AmazonWW.exe (.not file.)
O4 - GS\TaskBar [FABIANO ARISTEU]: Docs.lnk . (...) -- C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe
O4 - GS\TaskBar [FABIANO ARISTEU]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\Program [FABIANO ARISTEU]: Imagens Públicas.lnk . (...) -- C:\Users\Public\Pictures
O4 - GS\Program [FABIANO ARISTEU]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
O4 - GS\Desktop [FABIANO ARISTEU]: LIVROS.lnk . (...) -- C:\Users\FABIANO ARISTEU\Documents\LIVROS
O4 - GS\Desktop [FABIANO ARISTEU]: Músicas.lnk . (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
O4 - GS\Desktop [FABIANO ARISTEU]: Sivolks.LNK . (.Rocket Software, Inc. - BlueZone Session Manager.) -- C:\Users\FABIANO ARISTEU\AppData\Local\Temp\BlueZone\bzsm.exe
O4 - GS\Desktop [FABIANO ARISTEU]: Video Downloader.lnk . (...) -- C:\Program Files (x86)\vGrabber-software\VideoDownloader.exe =>PUP.vGrabber
~ Global Startup: 65 Legitimates Filtered in 00mn 03s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Acer Backup Manager Tray.lnk . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - GS\Startup [FABIANO ARISTEU]: PC App Store Uninstall 3.16.3.4537.lnk . (.Baidu Inc. - PC Faster Install Utility.) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\Baidu Security\PC App Store\3.16.3.4537\Uninstall\PC App Store Uninstall\0\InstallUtility.dll =>Adware.BDSearch
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [LiveSupport] C:\Program Files (x86)\LiveSupport\LiveSupport.exe (.not file.)
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_br_55] Chave orfã
O4 - HKLM\..\Wow6432Node\Run: [fst_br_27] Chave orfã
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-162521791-1135024494-3347415711-1001\..\Run: [Spotify Web Helper] . (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-162521791-1135024494-3347415711-1001\..\Run: [LiveSupport] C:\Program Files (x86)\LiveSupport\LiveSupport.exe (.not file.)
O4 - HKUS\S-1-5-21-162521791-1135024494-3347415711-1001\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKUS\S-1-5-21-162521791-1135024494-3347415711-1001\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKUS\S-1-5-21-162521791-1135024494-3347415711-1001\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKUS\S-1-5-21-162521791-1135024494-3347415711-1001\..\RunOnce: [Uninstall C:\Users\FABIANO ARISTEU\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santander.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santanderempresarial.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santandernet.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santandernetibe.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CFA5362-859D-4194-969D-2362297244A8}: DhcpNameServer = 189.7.8.39 189.7.8.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3A9058A-A64F-4EC1-9DCF-D0E4C7EC163E}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{3CFA5362-859D-4194-969D-2362297244A8}: DhcpNameServer = 189.7.8.39 189.7.8.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{E3A9058A-A64F-4EC1-9DCF-D0E4C7EC163E}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.7.8.39 189.7.8.34
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Optimizer Pro Crash Monitor (70e6ca8c) . (...) - C:\Program Files (x86)\optimi~1\OptProCrashSvc.dll (.not file.) =>PUP.OptimizerPro
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) . (.SaveSense - SaveSenseLive Update.) - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
~ Services: 14 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierCA.job [378]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [334]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSense.job [334] =>Hijacker.iHaveNet
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job [962] =>PUP.SaveSense
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [966] =>PUP.SaveSense
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedUpMyPC Maintenance.job [314] =>Rogue.SpeedUpMyPC
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedUpMyPC Startup.job [308] =>Rogue.SpeedUpMyPC
[MD5.00000000000000000000000000000000] [APT] [APSnotifierCA] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [SaveSense] (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.SaveSense
[MD5.C495D8665A32539660625182D23D5C59] [APT] [SaveSenseLiveUpdateTaskMachineCore] (.SaveSense.) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920] =>PUP.SaveSense
[MD5.C495D8665A32539660625182D23D5C59] [APT] [SaveSenseLiveUpdateTaskMachineUA] (.SaveSense.) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920] =>PUP.SaveSense
[MD5.00000000000000000000000000000000] [APT] [SomotoUpdateCheckerAutoStart] (...) -- C:\Users\FABIANO ARISTEU\AppData\Local\FilesFrog Update Checker\update_checker.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [SpeedUpMyPC Maintenance] (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe (.not file.) [0] =>Rogue.SpeedUpMyPC
[MD5.00000000000000000000000000000000] [APT] [SpeedUpMyPC Startup] (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe (.not file.) [0] =>Rogue.SpeedUpMyPC
[MD5.00000000000000000000000000000000] [APT] [{76B67A0A-EC34-4808-AEA7-DF44F72C45B9}] (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\0D0S1L2Z1P1B\Zip Extractor Packages\uninstaller.exe (.not file.) [0]
~ Scheduled Task: 36 Legitimates Filtered in 00mn 10s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 46 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: "Hao123.com" - (...) [HKLM][64Bits] -- "Hao123.com"
O42 - Logiciel: AppsHat Mobile Apps - (.Somoto Ltd..) [HKCU][64Bits] -- AppsHat Mobile Apps =>Adware.MegaSearch
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: Módulo de Proteção Santander 3.2.0.2 - (...) [HKLM][64Bits] -- {83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1
O42 - Logiciel: iba revistas - (.iba.) [HKCU][64Bits] -- 3b291b42a34ebd2c
~ Logic: 35 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKCU\Software\AnyProtect]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baidu] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\SaveSenseLive] =>PUP.SaveSense
[HKCU\Software\SaveSense] =>PUP.SaveSense
[HKLM\Software\Wow6432Node\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.SaveSense
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
~ Key Software: 293 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/11/2013 - 00:03:52 - [0,063] ----D C:\Program Files (x86)\"Hao123.com"
O43 - CFD: 30/11/2013 - 22:47:45 - [14,993] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 09/02/2014 - 22:26:13 - [0] ----D C:\Program Files (x86)\BringStar
O43 - CFD: 06/02/2014 - 22:38:54 - [0] ----D C:\Program Files (x86)\deala4reaL
O43 - CFD: 09/02/2014 - 13:02:24 - [3,431] ----D C:\Program Files (x86)\SaveSenseLive =>PUP.SaveSense
O43 - CFD: 06/02/2014 - 22:38:16 - [0] ----D C:\Program Files (x86)\shopndrop
O43 - CFD: 06/02/2014 - 22:26:50 - [0,489] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 06/02/2014 - 22:37:13 - [0] ----D C:\Program Files (x86)\TXTFIeleesCoonvert
O43 - CFD: 06/02/2014 - 22:29:02 - [0] ----D C:\Program Files (x86)\Uninstaller
O43 - CFD: 09/02/2014 - 15:31:24 - [0,001] ----D C:\ProgramData\Baidu =>Adware.BDSearch
O43 - CFD: 21/09/2013 - 13:34:36 - [11,015] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 07/02/2014 - 10:03:32 - [0] ----D C:\ProgramData\deala4reaL
O43 - CFD: 06/02/2014 - 22:38:55 - [0,027] ----D C:\ProgramData\ebf5ea96ed06fe7a
O43 - CFD: 06/02/2014 - 22:27:51 - [0] ----D C:\ProgramData\IePluginService =>Trojan.Trojan.SProtector
O43 - CFD: 31/01/2014 - 20:27:55 - [0,009] ----D C:\ProgramData\jplebhokgbenjckonibljahhnnjjnfgj
O43 - CFD: 29/01/2014 - 13:39:53 - [0,008] ----D C:\ProgramData\lgklajblddkabmgnocghfdcjbmipdbhm
O43 - CFD: 26/01/2014 - 17:20:30 - [0] ----D C:\ProgramData\NCOTEMP
O43 - CFD: 05/05/2013 - 20:47:53 - [0,125] ----D C:\ProgramData\OEM_E471269A730D
O43 - CFD: 09/02/2014 - 13:02:24 - [0,209] ----D C:\ProgramData\SaveSenseLive =>PUP.SaveSense
O43 - CFD: 07/02/2014 - 10:03:32 - [0] ----D C:\ProgramData\shopndrop
O43 - CFD: 07/02/2014 - 10:03:32 - [0] ----D C:\ProgramData\TXTFIeleesCoonvert
O43 - CFD: 06/02/2014 - 22:25:58 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 12/02/2014 - 21:09:44 - [0] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\Baidu =>Adware.BDSearch
O43 - CFD: 26/09/2013 - 10:41:20 - [31,304] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 26/09/2013 - 22:58:53 - [1,841] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\BlueZone Web
O43 - CFD: 05/05/2013 - 20:47:46 - [0,618] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\lm
O43 - CFD: 09/02/2014 - 13:02:21 - [0] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\SaveSense =>PUP.SaveSense
O43 - CFD: 28/11/2013 - 00:04:55 - [0,078] ----D C:\Users\FABIANO ARISTEU\AppData\Local\AppsHat Mobile Apps =>Adware.MegaSearch
O43 - CFD: 06/05/2013 - 15:23:58 - [34,121] ----D C:\Users\FABIANO ARISTEU\AppData\Local\Doc
O43 - CFD: 01/09/2013 - 01:27:39 - [0] ----D C:\Users\FABIANO ARISTEU\AppData\Local\MusicPlayer
O43 - CFD: 09/02/2014 - 13:02:08 - [1,280] ----D C:\Users\FABIANO ARISTEU\AppData\Local\SaveSense =>PUP.SaveSense
O43 - CFD: 09/02/2014 - 13:02:24 - [0] ----D C:\Users\FABIANO ARISTEU\AppData\Local\SaveSenseLive =>PUP.SaveSense
O43 - CFD: 09/02/2014 - 15:28:44 - [0,003] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>Adware.MegaSearch
O43 - CFD: 30/11/2013 - 22:47:14 - [0,003] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
O43 - CFD: 09/02/2014 - 21:34:51 - [0] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iba
O43 - CFD: 09/02/2014 - 13:02:09 - [0,001] ----D C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense =>PUP.SaveSense
~ Program Folder: 208 Legitimates Filtered in 01mn 49s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/02/2014 - 12:24:24 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.385D6438CE0D3DB25705F907D3019920] - 09/02/2014 - 21:26:38 ---A- . (.Systweak Inc., ([You must have an account and be logged in to view this link] - Regclean Pro.) -- C:\Windows\System32\roboot64.exe [18816] =>Rogue.RegistryPowerCleaner
~ Files: 5 Legitimates Filtered in 00mn 05s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{49ea1fc8-1642-11e3-bf1e-dc0ea1c9b6fa}\AutoRun\command. (...) -- E:\iLinker.exe (.not file.)
O51 - MPSK:{733fb369-5301-11e3-bf85-dc0ea1c9b6fa}\AutoRun\command. (...) -- E:\LGAutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.CF54BC5630C200393369DDD1A5B63261] - 24/01/2014 - 12:02:46 R--A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 05/07/2013 - 22:47:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 05/07/2013 - 22:47:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 05/07/2013 - 22:47:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.6E42F2E5B5BDE3FE4066C9B2D6091E17] - 26/01/2014 - 16:07:31 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:[MD5.733A4767D59459282B55B6C780239F47] - 30/08/2012 - 06:05:12 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [318864]
O58 - SDL:[MD5.0B3F6C8F93C5C25977EA5A8B2E656357] - 04/06/2013 - 09:15:02 ---A- . (.DEVGURU Co., LTD.([You must have an account and be logged in to view this link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103448]
O58 - SDL:[MD5.EA8F41484CCC5BA6A1455C2AD3D1BE3C] - 04/06/2013 - 09:15:00 ---A- . (.DEVGURU Co., LTD.([You must have an account and be logged in to view this link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [203672]
O58 - SDL:[MD5.1B961A927BB155AC8A9AC7709BA77D72] - 04/06/2013 - 09:15:02 ---A- . (.DEVGURU Co., LTD.([You must have an account and be logged in to view this link] - SAMSUNG USB Mobile OBEX Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudobex.sys [203672]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/09/2013 - 12:56:12 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AVKMGR.SYS [0]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 12/02/2014 - 19:42:12 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 17 Legitimates Filtered in 00mn 06s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [You must have an account and be logged in to view this link] =>PUP.Awesomehp
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe [You must have an account and be logged in to view this link] =>PUP.Awesomehp
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784] =>Adware.BDSearch
[MD5.2E906CA1331233AB75CE137063089531] [SPRF][08/06/2013] (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\unins000.dat [12465]
[MD5.45D18DC0CA53BFFAA11F992BEF63280D] [SPRF][08/06/2013] (.No owner - Setup/Uninstall.) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\unins000.exe [706250]
[MD5.F8B8767F83E257D157CD1871F66A43F1] [SPRF][25/08/2013] (...) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\unins001.dat [16165]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][25/08/2013] (.No owner - Setup/Uninstall.) -- C:\Users\FABIANO ARISTEU\AppData\Roaming\unins001.exe [720082]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 10/07/1658 0 | (70e6ca8c) . (...) - C:\Program Files (x86)\optimi~1\OptProCrashSvc.dll =>PUP.OptimizerPro
SS - | Demand 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 29/08/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 23/08/2012 468624 | (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
SS - | Demand 12/07/2012 174160 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SS - | Demand 10/10/2012 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 06/05/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 06/05/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 | (McAfee SiteAdvisor Service) . (...) - C:\Program Files (x86)\mcafee\SITEAD~1\mcsacore.exe
SS - | Auto 09/02/2014 146920 | (savesenselive) . (.SaveSense.) - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense
SS - | Demand 09/02/2014 146920 | (savesenselivem) . (.SaveSense.) - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 20/09/2012 29696 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 20/08/2012 176640 | (BrcmCardReader) . (.Broadcom Corp..) - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
SR - | Auto 23/08/2012 2435728 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SR - | Auto 28/08/2012 348784 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Demand 22/08/2012 658576 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SR - | Auto 30/08/2012 28560 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 22/11/2013 449592 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 23/08/2012 259136 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 10/10/2012 93296 | (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 01/08/2012 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

~ Services: Scanned in 00mn 11s



---\\ Scâner Aditional (088)
Database Version : 13030 - (10/02/2014)
Clés trouvées (Keys found) : 42
Valeurs trouvées (Values found) : 9
Dossiers trouvés (Folders found) : 23
Fichiers trouvés (Files found) : 28

[HKLM\Software\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo] =>Toolbar.Ask^
[HKLM\Software\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje] =>PUP.SpecialSavings^
[HKLM\Software\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf] =>PUP.SpeedAnalysis^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}] =>PUP.SaveSense^
[HKLM\SYSTEM\CurrentControlSet\Services\70e6ca8c] =>PUP.OptimizerPro^
[HKLM\SYSTEM\CurrentControlSet\Services\savesenselive) (savesenselive] =>PUP.SaveSense^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps] =>Adware.MegaSearch^
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKCU\Software\AppDataLow\Software\SuperLyrics] =>Adware.AddLyrics
[HKCU\Software\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter
[HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter
[HKLM\Software\Wow6432Node\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter
[HKCU\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKCU\Software\AppDataLow\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.Mobogenie^
C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo =>Toolbar.Ask^
C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje =>PUP.SpecialSavings^
C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf =>PUP.SpeedAnalysis^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\SaveSenseLive =>PUP.SaveSense^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\ProgramData\Baidu =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\ProgramData\IePluginService =>Trojan.Trojan.SProtector^
C:\ProgramData\SaveSenseLive =>PUP.SaveSense^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\FABIANO ARISTEU\AppData\Roaming\Baidu =>Adware.BDSearch^
C:\Users\FABIANO ARISTEU\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\FABIANO ARISTEU\AppData\Roaming\SaveSense =>PUP.SaveSense^
C:\Users\FABIANO ARISTEU\AppData\Local\AppsHat Mobile Apps =>Adware.MegaSearch^
C:\Users\FABIANO ARISTEU\AppData\Local\SaveSense =>PUP.SaveSense^
C:\Users\FABIANO ARISTEU\AppData\Local\SaveSenseLive =>PUP.SaveSense^
C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>Adware.MegaSearch^
C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense =>PUP.SaveSense^
C:\Program Files (x86)\vGrabber-software =>PUP.vGrabber
C:\Program Files (x86)\SuperLyrics =>Adware.AddLyrics
C:\Users\FABIANO ARISTEU\AppData\Local\Software =>Adware.Boxore
C:\Users\FABIANO ARISTEU\AppData\LocalLow\VideoDownloadConverter_4zEI =>Adware.VideoDownloadConverter
C:\Windows\Tasks\SaveSense.job =>Hijacker.iHaveNet^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job =>PUP.SaveSense^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job =>PUP.SaveSense^
C:\Windows\Tasks\SpeedUpMyPC Maintenance.job =>Rogue.SpeedUpMyPC^
C:\Windows\Tasks\SpeedUpMyPC Startup.job =>Rogue.SpeedUpMyPC^
C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Baidu] =>Adware.BDSearch^
[HKCU\Software\SaveSenseLive] =>PUP.SaveSense^
[HKCU\Software\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.SaveSense^
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
C:\Users\FABIANO ARISTEU\AppData\Local\Temp\appshat-distribution.exe =>Adware.MegaSearch
C:\Users\FABIANO ARISTEU\AppData\Local\Temp\minibar-master.exe =>Adware.MegaSearch
C:\Users\FABIANO ARISTEU\AppData\Local\Temp\nspCBF.tmp =>Adware.MegaSearch
C:\Users\FABIANO ARISTEU\AppData\Local\Temp\radA9825.tmp_update.exe =>Adware.MegaSearch
C:\Users\FABIANO ARISTEU\AppData\Local\Temp\UpdateCheckerSetup.exe =>Adware.MegaSearch
~ Additionnel Scan: 905485 Items scanned in 12mn 43s



---\\ Sumário das deteções encontradas na sua estação
~ [You must have an account and be logged in to view this link] =>Toolbar.Ask
~ [You must have an account and be logged in to view this link] =>PUP.SpecialSavings
~ [You must have an account and be logged in to view this link] =>PUP.SpeedAnalysis
~ [You must have an account and be logged in to view this link] =>PUP.Awesomehp
~ [You must have an account and be logged in to view this link] =>PUP.SaveSense
~ [You must have an account and be logged in to view this link] =>Adware.BDSearch
~ [You must have an account and be logged in to view this link] =>PUP.vGrabber
~ [You must have an account and be logged in to view this link] =>PUP.Mobogenie
~ [You must have an account and be logged in to view this link] =>PUP.OptimizerPro
~ [You must have an account and be logged in to view this link] =>Hijacker.iHavenet
~ [You must have an account and be logged in to view this link] =>Rogue.SpeedUpMyPC
~ [You must have an account and be logged in to view this link] =>Adware.MegaSearch
~ [You must have an account and be logged in to view this link] =>Adware.Allin1Convert
~ [You must have an account and be logged in to view this link] =>Adware.InstallCore
~ [You must have an account and be logged in to view this link] =>PUP.WpManager
~ [You must have an account and be logged in to view this link] =>PUP.SupTab
~ [You must have an account and be logged in to view this link] =>Trojan.SProtector
~ [You must have an account and be logged in to view this link] =>Rogue.RegistryPowerCleaner
~ [You must have an account and be logged in to view this link] =>Adware.MyWebSearch
~ [You must have an account and be logged in to view this link] =>PUP.Tarma
~ [You must have an account and be logged in to view this link] =>Adware.AddLyrics
~ [You must have an account and be logged in to view this link] =>Adware.VideoDownloadConverter
~ [You must have an account and be logged in to view this link] =>PUP.DealPly
~ [You must have an account and be logged in to view this link] =>Adware.Boxore
~ MSI: 24 link(s) detected in 12mn 43s



~ 997 Legitimates filtered by white list
End of the scan (648 lines in 15mn 45s)(0)

Re: Remove Awesomewhp from the browser

Message by Power Max, Wed 12 Feb 2014, 22:33

Now the report is complete, congratulations. That's it!

However, at the moment I am accessing the Internet from my phone, so I have no way to put together the script for removing the problems.

But tomorrow morning, God willing, I will post it here for you.

Re: Remove Awesomewhp from the browser

Message by Rosane Mira, Wed 12 Feb 2014, 22:39

Thank you.
I'll be waiting.

Re: Remove Awesomewhp from the browser

Message by Power Max, Thu 13 Feb 2014, 12:09

Copy all the text highlighted in red that I gave you (starting at script zhpfix and going through SysRestore)

Go to the menu: Start > All Programs > ZHP > Open Zhpfix > Click Importação > Click the GO button > Click Oui > If you want the files in the recycle bin to be deleted, click Oui again > A report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Sun 02 Mar 2014, 12:40; edited 3 time(s)

Re: Remove Awesomewhp from the browser

Message by Rosane Mira, Thu 13 Feb 2014, 22:20

Rapport de ZHPFix 2014.2.3.1 par Nicolas Coolman, Update du 03/02/2014
Fichier d'export Registre :
Run by FABIANO ARISTEU at 13/02/2014 22:17:10
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (01mn 29s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\FABIANO ARISTEU\AppData\Roaming\unins000.exe
ELIMINÉ: Memory Process: C:\Users\FABIANO ARISTEU\AppData\Roaming\unins001.exe
ELIMINÉ: Memory Process: C:\Users\FABIANO ARISTEU\AppData\Local\Temp\appshat-distribution.exe
ELIMINÉ: Memory Process: C:\Users\FABIANO ARISTEU\AppData\Local\Temp\minibar-master.exe
ELIMINÉ: Memory Process: C:\Users\FABIANO ARISTEU\AppData\Local\Temp\radA9825.tmp_update.exe
ELIMINÉ: Memory Process: C:\Users\FABIANO ARISTEU\AppData\Local\Temp\UpdateCheckerSetup.exe

========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll

========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {71e129ff-6c2a-4984-818c-7e2c998b8d99}
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{724D43A0-0D85-11D4-9908-00400523E39A}]
ELIMINÉ:* CLSID Extra Buttons: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
ELIMINÉ: Service: 70e6ca8c
ELIMINÉ: Service: savesenselive
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Allin1Convert_8h
ELIMINÉ: HKCU\Software\AnyProtect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKCU\Software\InstallCore
ELIMINÉ: HKCU\Software\SaveSenseLive
ELIMINÉ: HKCU\Software\SaveSense
ELIMINÉ: HKLM\Software\Wow6432Node\Allin1Convert_8h
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\SaveSenseLive
ELIMINÉ: HKLM\Software\Wow6432Node\Wpm
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ: HKLM\Software\Wow6432Node\supTab
ELIMINÉ: HKLM\Software\Wow6432Node\supWPM
ELIMINÉ CLSID MPSK: {49ea1fc8-1642-11e3-bf1e-dc0ea1c9b6fa}
ELIMINÉ CLSID MPSK: {733fb369-5301-11e3-bf85-dc0ea1c9b6fa}
ELIMINÉ: Service: savesenselivem
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
ELIMINÉ: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
ELIMINÉ: HKCU\Software\AppDataLow\Software\SuperLyrics
ELIMINÉ: HKCU\Software\VideoDownloadConverter_4z
ELIMINÉ: HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
ELIMINÉ: HKLM\Software\Wow6432Node\VideoDownloadConverter_4z
ELIMINÉ: HKCU\Software\AppDataLow\Software\Allin1Convert_8h
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus

========== Valores do Registo ==========
ELIMINÉ: URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C}
ELIMINÉ: Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A}
ELIMINÉ RunValue: LiveSupport
ELIMINÉ RunValue: fst_br_55
ELIMINÉ RunValue: fst_br_27
ELIMINÉ RunValue: mobilegeni daemon
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
ELIMINÉ: R0 - Main,Start Page = KLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page
ELIMINÉ: R1 Search Page =

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\fabiano aristeu\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ: c:\users\fabiano aristeu\appdata\local\savesense\savesenseie.dll
ELIMINÉ: c:\users\fabiano aristeu\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\amazon weblink.lnk
ELIMINÉ: c:\users\fabiano aristeu\appdata\roaming\microsoft\internet explorer\quick launch\google chrome.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
ELIMINÉ: c:\users\fabiano aristeu\appdata\roaming\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
ELIMINÉ: c:\users\fabiano aristeu\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\google chrome.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
ELIMINÉ: c:\users\fabiano aristeu\appdata\roaming\microsoft\windows\start menu\programs\internet explorer.lnk (http://www.awesomehp.com)
CRIADO: C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
ELIMINÉ: c:\users\fabiano aristeu\desktop\sivolks.lnk
ELIMINÉ: c:\users\fabiano aristeu\appdata\local\temp\bluezone\bzsm.exe
ELIMINÉ: c:\users\fabiano aristeu\desktop\video downloader.lnk
ELIMINÉ: c:\program files (x86)\vgrabber-software\videodownloader.exe
ELIMINÉ: c:\users\fabiano aristeu\appdata\roaming\microsoft\windows\start menu\programs\startup\pc app store uninstall 3.16.3.4537.lnk
ELIMINA REINICIAR: c:\users\fabiano aristeu\appdata\roaming\baidu security\pc app store\3.16.3.4537\uninstall\pc app store uninstall\0\installutility.dll
ELIMINÉ: c:\windows\tasks\apsnotifierca.job
ELIMINÉ: c:\windows\tasks\digital sites.job
ELIMINÉ: c:\windows\tasks\savesense.job
ELIMINÉ: c:\windows\tasks\savesenseliveupdatetaskmachinecore.job
ELIMINÉ: c:\windows\tasks\savesenseliveupdatetaskmachineua.job
ELIMINÉ: c:\windows\tasks\speedupmypc maintenance.job
ELIMINÉ: c:\windows\tasks\speedupmypc startup.job
ELIMINA REINICIAR: c:\windows\system32\roboot64.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\360avflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\efimon.sys
ELIMINÉ: C:\Users\FABIANO ARISTEU\AppData\Local\Temp\nspCBF.tmp
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: APSnotifierCA
ELIMINÉ: Digital Sites
ELIMINÉ: Run RoboForm TaskBar Icon
ELIMINÉ: SaveSense
ELIMINÉ: SaveSense
ELIMINÉ: SaveSense
ELIMINÉ: SaveSense
ELIMINÉ: SaveSenseLiveUpdateTaskMachineCore
ELIMINÉ: SaveSenseLiveUpdateTaskMachineCore
ELIMINÉ: SaveSenseLiveUpdateTaskMachineUA
ELIMINÉ: SomotoUpdateCheckerAutoStart
ELIMINÉ: SpeedUpMyPC Maintenance
ELIMINÉ: SpeedUpMyPC Startup
ELIMINÉ: {76B67A0A-EC34-4808-AEA7-DF44F72C45B9}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
6 : Processo memória
1 : Modulos memória
60 : Chaves do Registo
12 : Valores do Registo
3 : Elementos dos dados do Registo
1 : Pastas
33 : Ficheiros
14 : Tarefa planificada
1 : Restauração Sistema


End of clean in 06mn 49s

========== Caminho do ficheiro do relatório ==========
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/02/2014 22:18:39 [10591]

Re: Remove Awesomewhp from the browser

Message by Power Max, Thu 13 Feb 2014, 22:59

Please follow the tips in the tutorials below:

[You must have an account and be logged in to view this link]

* In your next reply, please post the Adwcleaner log, which will be at C:\AdwCleaner\AdwCleaner[S0].txt, and the Junkware Removal Tool log, which will be saved on your desktop under the name JRT.txt

We'll be waiting.


Last edited by Power Max on Sun 02 Mar 2014, 12:41; edited 1 time(s)

Re: Remove Awesomewhp from the browser

Message by Rosane Mira, Thu 13 Feb 2014, 23:26

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8 Single Language x64
Ran by FABIANO ARISTEU on 13/02/2014 at 23:11:42,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-162521791-1135024494-3347415711-1001\Software\sweetim
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{46197f3d-30e7-4905-a14b-02bee3aaeb58}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{46197f3d-30e7-4905-a14b-02bee3aaeb58}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{46197f3d-30e7-4905-a14b-02bee3aaeb58}
Failed to delete: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\FABIANO ARISTEU\appdata\local\webplayer"
Successfully deleted: [Folder] "C:\Users\FABIANO ARISTEU\appdata\locallow\allin1convert_8hei"



~~~ Chrome

Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/02/2014 at 23:23:20,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.018 - Relatório criado 09/02/2014 às 15:28:30
# Atualizado 28/01/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : FABIANO ARISTEU - FABIANO
# Executando de : C:\Users\FABIANO ARISTEU\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : IBUpdaterService

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\BrowserProtect
Pasta Deletada : C:\ProgramData\IBUpdaterService
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Pasta Deletada : C:\Program Files (x86)\Ask.com
Pasta Deletada : C:\Program Files (x86)\baidu
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\MetaCrawler
[!] Pasta Deletada : C:\Program Files (x86)\optimizer pro
Pasta Deletada : C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Pasta Deletada : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\apn
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\FilesFrog Update Checker
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\iac
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\Minibar
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\Searchprotect
Pasta Deletada : C:\Users\FABIAN~1\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\LocalLow\AskToolbar
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\LocalLow\iac
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\LocalLow\Softonic
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\baidu
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\DSite
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\file scout
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\MetaCrawler
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\optimizer pro
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\SpecialSavings
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\SpeedAnalysis2
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Uniblue\SpeedUpMyPC
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Pasta Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader
Pasta Deletada : C:\Users\FABIANO ARISTEU\Documents\optimizer pro
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\SysWOW64\p5PSSavr.scr
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\FABIAN~1\AppData\Local\Temp\Uninstall.exe
Arquivo Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\speedanalysis.ico
Arquivo Deletada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\user.js
Arquivo Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Arquivo Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Arquivo Deletada : C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\Tasks\DSite.job
Arquivo Deletada : C:\Windows\System32\Tasks\DSite
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\Tasks\MetaCrawler.job
Arquivo Deletada : C:\Windows\System32\Tasks\MetaCrawler
Arquivo Deletada : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\FABIANO ARISTEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk

***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [specialsavings@SpecialSavings.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [specialsavings@SpecialSavings.com]
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [superlrcs@svenyor.net]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bgnjcnjlaajofpendibcoodneacalfho
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AppsHat]
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKCU\Software\d2888de03fb815
Chave Deletedo : HKLM\SOFTWARE\d2888de03fb815
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter_4z Browser Plugin Loader 64]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Allin1Convert_8h Browser Plugin Loader 64]
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\APN
Chave Deletedo : HKCU\Software\Ask.com
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\DataMngr
Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\filescout
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\Funmoods
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Minibar
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\performersoft llc
Chave Deletedo : HKCU\Software\Somoto
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\Webplayer
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\PopularScreensavers
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\APN
Chave Deletedo : HKLM\Software\AskToolbar
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\FreeSoftToday
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\Minibar
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Uniblue\SpeedUpMyPC
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video downloader
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Chave Deletedo : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16537

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v

[ Arquivo : C:\Users\FABIANO ARISTEU\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js ]


-\\ Google Chrome v32.0.1700.102

[ Arquivo : C:\Users\FABIANO ARISTEU\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25245 octets] - [09/02/2014 15:26:39]
AdwCleaner[S0].txt - [22048 octets] - [09/02/2014 15:28:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22109 octets] ##########

Post by Power Max on Thu 13 Feb 2014, 23:37

Please follow the tips in this tutorial to clean your PC with Malwarebytes:

[You must have an account and be logged in to view this link]

In your next reply, post this Malwarebytes log.

We'll be waiting.


Last edited by Power Max on Sun 02 Mar 2014, 12:41; edited 1 time

Post by Rosane Mira on Fri 14 Feb 2014, 21:49

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
[You must have an account and be logged in to view this link]

Versão da Base de Dados: v2014.02.14.09

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
FABIANO ARISTEU :: FABIANO [administrador]

Proteção: Permitir

14/02/2014 20:09:52
MBAM-log-2014-02-14 (21-47-48).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 461050
Tempo decorrido: 1 hora(s), 37 minuto(s), 1 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 36
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SAVESENSELIVE.EXE (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickCtrl.9 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.Update3WebControl.3 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\AppID\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Nenhuma ação foi feita.

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 2
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command| (PUP.Optional.Awesomehp.A) -> Ruim: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [You must have an account and be logged in to view this link] Bom: (Chrome.exe) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.Awesomehp.A) -> Ruim: (C:\Program Files\Internet Explorer\iexplore.exe [You must have an account and be logged in to view this link] Bom: (iexplore.exe) -> Nenhuma ação foi feita.

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 30
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptimizerPro.exe.vir (PUP.Optional.OptimizerPro) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProGuard.exe.vir (PUP.Optional.OptimizerPro) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProReminder.exe.vir (PUP.Optional.OptimizerPro) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSchedule.exe.vir (PUP.Optional.OptimizerPro) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSmartScan.exe.vir (PUP.Optional.OptimizerPro) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProStart.exe.vir (PUP.Optional.OptimizerPro) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\FABIANO ARISTEU\AppData\Local\FilesFrog Update Checker\uninstall.exe.vir (PUP.Optional.Somoto) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\FABIANO ARISTEU\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe.vir (PUP.Optional.DigitalSites.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\FABIANO ARISTEU\AppData\Roaming\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\appshat-distribution.exe.VIR (PUP.Optional.Somoto.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\minibar-master.exe.VIR (PUP.Optional.MiniBar.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\nspcbf.tmp.VIR (PUP.Optional.Somoto.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\rada9825.tmp_update.exe.VIR (PUP.Optional.Somoto) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\updatecheckersetup.exe.VIR (PUP.Optional.Somoto) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\AppsHat Mobile Apps.DIR\Uninstall.exe (PUP.Optional.Somoto.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\goopdate.dll (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\npGoogleUpdate3.dll (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\psmachine.dll (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\psuser.dll (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveBroker.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveOnDemand.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\SupTab.DIR\SupTab.dll (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\AppData\Roaming\ZHP\Quarantine\vgrabber-software.DIR\Uninstall.exe (PUP.BundleInstaller.VG) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\Downloads\Setup (1).exe (PUP.Optional.BundleInstaller.A) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\Downloads\Setup.exe (PUP.Optional.Solimba) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\Downloads\ZipExtractorSetup (1).exe (PUP.Optional.JumpyApps) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\Downloads\ZipExtractorSetup.exe (PUP.Optional.JumpyApps) -> Nenhuma ação foi feita.
C:\Users\FABIANO ARISTEU\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Nenhuma ação foi feita.

(fim)

Post by Power Max on Sat 15 Feb 2014, 00:38

Malwarebytes found several problems, but it shows that no action was taken.

Please run a new full scan with it and remove all the problems it finds.

After that, post the new report it creates.

Post by Power Max on Sun 02 Mar 2014, 12:42

TOPIC ARCHIVED

As the author did not respond for more than 15 days, the topic has been archived. If the topic's author needs it, it will be reopened; to do so, they should contact one of the members of the [You must have an account and be logged in to view this link] and request that it be unlocked.