vírus: http://pthacker.no-ip.org:8080/is-ready

por Ramos Qua 26 Mar 2014, 12:18

Oi Pessoal, Boa Tarde
Estou com um problema, ao utilizar pen drive no meu computador, este foi infectado pelo seguinte vírus: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Sempre que acesso alguma página da internet aparece uma mensagem do antivírus Avast informando: uma ameaça foi detectada.
Preciso da ajuda de vocês, para tentar resolver esse problema, Obrigado Pela Atenção. Sad

por **Power Max** Qua 26 Mar 2014, 12:55

vírus: http://pthacker.no-ip.org:8080/is-ready 648673379

Olá Ramos.

vírus: http://pthacker.no-ip.org:8080/is-ready 772309

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

por Ramos Qua 26 Mar 2014, 13:43

# AdwCleaner v3.022 - Relatório criado 26/03/2014 às 13:30:26
# Atualizado 13/03/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : Ramos - RAMOS-PC
# Executando de : C:\Users\Ramos\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : dealplylive
[#] Serviço Deletada : dealplylivem
[#] Serviço Deletada : MgAssistService
[#] Serviço Deletada : savesenselive
[#] Serviço Deletada : savesenselivem
Serviço Deletada : winzipersvc
[#] Serviço Deletada : WsysSvc

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\ProgramData\BitGuard
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\DealPlyLive
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\rvlkl
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files (x86)\AskPartnerNetwork
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\DealPlyLive
Pasta Deletada : C:\Program Files (x86)\LyriXeeker
Pasta Deletada : C:\Program Files (x86)\Mobogenie
Pasta Deletada : C:\Program Files (x86)\RegClean Pro
Pasta Deletada : C:\Program Files (x86)\SaveSense
Pasta Deletada : C:\Program Files (x86)\SaveSenseLive
Pasta Deletada : C:\Program Files (x86)\SimilarSites
Pasta Deletada : C:\Program Files (x86)\TornTV.com
Pasta Deletada : C:\Program Files (x86)\WebConnect
Pasta Deletada : C:\Program Files (x86)\WinZipper
Pasta Deletada : C:\Program Files (x86)\Plus-HD-4.4
Pasta Deletada : C:\Users\Ramos\AppData\Local\Babylon
Pasta Deletada : C:\Users\Ramos\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Ramos\AppData\Local\genienext
Pasta Deletada : C:\Users\Ramos\AppData\Local\lollipop
Pasta Deletada : C:\Users\Ramos\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Ramos\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\Ramos\AppData\LocalLow\Plus-HD-4.4
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\eUpdate
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\file scout
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\SaveSense
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\SimilarSites
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Pasta Deletada : C:\Users\Ramos\Documents\Mobogenie
Pasta Deletada : C:\Users\Lucineia\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Temp\eIntaller
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Temp\Iminent
Pasta Deletada : C:\Users\Lucineia\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\eUpdate
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\Extensions\7d04e0dd-e717-4311-bcbc-b7636adb99a5@300322bc-0824-4364-854a-6105e7ba1d2f.com
Pasta Deletada : C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default\Extensions\7d04e0dd-e717-4311-bcbc-b7636adb99a5@300322bc-0824-4364-854a-6105e7ba1d2f.com
Pasta Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Pasta Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka
Pasta Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
Pasta Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
[!] Pasta Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
[!] Pasta Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
[!] Pasta Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
[!] Pasta Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
Arquivo Deletada : C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\Extensions\firefox@webconnect.co.xpi
Arquivo Deletada : C:\Users\Public\Desktop\RegClean Pro.lnk
Arquivo Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\bprotector_extensions.sqlite
Arquivo Deletada : C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default\bprotector_extensions.sqlite
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\delta-homes.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml
Arquivo Deletada : C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default\user.js
Arquivo Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Deletada : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
Arquivo Deletada : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Arquivo Deletada : C:\Windows\System32\Tasks\BitGuard
Arquivo Deletada : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\Windows\Tasks\Funmoods.job
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Arquivo Deletada : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Arquivo Deletada : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Arquivo Deletada : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Arquivo Deletada : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-chromeinstaller.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-chromeinstaller
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-codedownloader.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-codedownloader
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-enabler.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-enabler
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-firefoxinstaller.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-firefoxinstaller
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-updater.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-updater

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda
Chave Deletedo : HKCU\Software\Classes\pokki
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Deletedo : HKLM\SOFTWARE\Classes\*\shell\filescout
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.Sandbox.1
Chave Deletedo : HKCU\Software\5e558c8bb13fba44
Chave Deletedo : HKLM\SOFTWARE\5e558c8bb13fba44
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_revealer-keylogger_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_revealer-keylogger_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_malwarebytes-anti-malware_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_malwarebytes-anti-malware_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2316C625-B487-4410-A1A5-FF040B65245F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3728BA43-F94F-42A4-9E8D-00B930D1DB28}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322962276}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355965576}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366966676}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D8CAF2DF-52D3-42CF-9DDB-F4FF828DB4F8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344964476}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2316C625-B487-4410-A1A5-FF040B65245F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3728BA43-F94F-42A4-9E8D-00B930D1DB28}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2316C625-B487-4410-A1A5-FF040B65245F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3728BA43-F94F-42A4-9E8D-00B930D1DB28}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2316C625-B487-4410-A1A5-FF040B65245F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3728BA43-F94F-42A4-9E8D-00B930D1DB28}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34f1cd4f-81c0-4ecb-af50-8a90170bfd83}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9048e7b3-8818-45cf-a950-2997c3160cee}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d3a44bac-2896-4bb1-844e-078ba2d453d4}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f863c0d1-6d2f-41f1-88a6-02aef6724c28}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa553786-9d0e-4799-9e4c-4dc552b691c9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322962276}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355965576}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366966676}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34f1cd4f-81c0-4ecb-af50-8a90170bfd83}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9048e7b3-8818-45cf-a950-2997c3160cee}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d3a44bac-2896-4bb1-844e-078ba2d453d4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f863c0d1-6d2f-41f1-88a6-02aef6724c28}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa553786-9d0e-4799-9e4c-4dc552b691c9}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\DataMngr
Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\DealPlyLive
Chave Deletedo : HKCU\Software\filescout
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\WebConnect
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\lyrixeeker
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-4.4
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\eSafeSecControl
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\portaldositesSoftware
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Uniblue
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\Software\Plus-HD-4.4
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lyrix@lyrixeeker.co
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-4.4
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebConnect

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16521

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v26.0 (pt-BR)

[ Arquivo : C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\prefs.js ]

Linha deletada : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=nt&from=newgdp&uid=HGSTXHTS545050A7E380_TE8521491R0L3C1R0L3CX&ts=1380296[...]
Linha deletada : user_pref("browser.search.order.1", "portaldosites");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.InstallationThankYouPage", false);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.InstallationTime", 1387147875);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676_dbWasSet", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676_dbWasSet_FF25_FIX", true[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.active", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.addressbar", "NA");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.addressbarenhanced", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.asyncdb.was_copied", "true");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.asyncdb_dbWasSet", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.asyncdb_dbWasSet_FF25_FIX", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.asyncinternaldb.was_copied", "true");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.asyncinternaldb_dbWasSet", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.asyncinternaldb_dbWasSet_FF25_FIX", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.backgroundver", 2);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.certdomaininstaller", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.changeprevious", false);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)")[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.InstallationTime.value", "%221387147875%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000760%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.iframe-exists.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.iframe-exists.value", "true");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.jw_token.value", "%2262308b2c-465c-bc53-5f0f-cd72be2462f4%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.load_balancer.expiration", "Mon Mar 10 2014 17:01:23 GMT-0300 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.load_balancer.value", "%22%7B%20%5C%22Status%5C%22%3A%201%2C%5C%22Endpoint%5C%22%3A%20%5C%2[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.previous_page.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.previous_page.value", "%22hxxp%3A//search.localstrike.net/%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.user_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.cookie.user_id.value", "%221434e86bbbc8eaea26f2e97f36685c8f%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.description", "Turn YouTube videos to High Definition by default");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.domain", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.enablesearch", false);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.homepage", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.iframe", false);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do B[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22059F0EA1FF7A493BA780A9916CDB3[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000760%22%2C%22sub_id%22%3A%220%22%2C%[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000760%22%2C%22sub_id%22%3A%220%2[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22059F0EA1FF7A493BA780[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_appVer.value", "96");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_lastVersion.value", "1");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_meta.value", "%7B%7D");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_nextCheck.expiration", "Mon Mar 10 2014 17:01:15 GMT-0300 (Hora oficial do Br[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_nextCheck.value", "true");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_queue.value", "%7B%7D");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__global_rules.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__global_rules.value", "%5B%7B%22rules%22%3A%7B%22delay_between_ads_in_s[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__global_rules_verion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__global_rules_verion.value", "2");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__is_send_log.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__is_send_log.value", "false");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__marketing_rules.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__marketing_rules.value", "%7B%22rules%22%3A%5B%7B%22ad_type%22%3A%22sit[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__marketing_rules_verion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__marketing_rules_verion.value", "14");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pages_visited_count.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pages_visited_count.value", "8");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_11.2.2014.expiration", "Fri Mar 21 2014 05:00:00 GMT-03[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_11.2.2014.value", "1");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_3.2.2014.expiration", "Thu Mar 13 2014 05:00:00 GMT-030[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_3.2.2014.value", "1");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_5.2.2014.expiration", "Sat Mar 15 2014 05:00:00 GMT-030[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_5.2.2014.value", "1");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_7.2.2014.expiration", "Mon Mar 17 2014 05:00:00 GMT-030[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_7.2.2014.value", "1");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_8.2.2014.expiration", "Tue Mar 18 2014 05:00:00 GMT-030[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_8.2.2014.value", "1");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_9.2.2014.expiration", "Wed Mar 19 2014 05:00:00 GMT-030[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__pagevies_count_9.2.2014.value", "1");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__send_log_percent.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__send_log_percent.value", "0.0005");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__verions_data.expiration", "Mon Mar 10 2014 17:01:24 GMT-0300 (Hora ofi[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_DOWNLOADS__verions_data.value", "%7B%22global_rules_version%22%3A2%2C%22marketing[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__global_rules.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__global_rules.value", "%5B%7B%22rules%22%3A%7B%22delay_between_ads_in_second[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__global_rules_verion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__global_rules_verion.value", "4");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__is_send_log.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial d[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__is_send_log.value", "false");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__marketing_rules.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__marketing_rules.value", "%7B%22rules%22%3A%5B%7B%22ad_type%22%3A%22siteunde[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__marketing_rules_verion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__marketing_rules_verion.value", "12");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__pages_visited_count.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__pages_visited_count.value", "5");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__send_log_percent.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora ofic[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.__ICM_LITE__send_log_percent.value", "0.0005");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb._country_code_.value", "%22BR%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200"[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_expire.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_expire.value", "%221392515118004%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_version.expiration", "Fri Feb 01 2030 00:00:00 G[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_version.value", "%229693743641f428de58752a013757[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200"[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_expire.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_expire.value", "%221392515117712%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_version.expiration", "Fri Feb 01 2030 00:00:00 G[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_version.value", "%22a64db70efdf0ace7131e2fcedb58[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22059F0EA1[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.monetization_plugin_bundledWithHash.value", "null");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.aliveNotificationMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.aliveNotificationMarker.value", "%221%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.aliveNotificationMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.aliveNotificationMarker_Expiration.value", "%221392519600001%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.globalDoubleImpressionProtection.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 ([...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.globalDoubleImpressionProtection.value", "%221%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.globalDoubleImpressionProtection_Expiration.expiration", "Fri Feb 01 2030 00:00:00[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.globalDoubleImpressionProtection_Expiration.value", "%221391651912234%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.initialDayDelayMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.initialDayDelayMarker.value", "%221%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.initialDayDelayMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200")[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.initialDayDelayMarker_Expiration.value", "%221392515301406%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.openFirstTimeBrowserToday.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.openFirstTimeBrowserToday.value", "%221%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.openFirstTimeBrowserToday_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT-02[...]
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.openFirstTimeBrowserToday_Expiration.value", "%221392519600000%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.quirksCount.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.quirksCount.value", "%220%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.quirksCount_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.quirksCount_Expiration.value", "%22%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.version.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.version.value", "%220.3%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.version_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.internaldb.tcm2.version_Expiration.value", "%221392519600001%22");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.lastDailyReport", "1394460073937");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.lastUpdate", "1394460070377");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.manifesturl", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.name", "Plus-HD-4.4");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.newtab", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.opensearch", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/39676/plugins/094/ff/plugins.json");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.pluginsversion", 90);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.publisher", "Plus HD");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.searchstatus", 0);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.setnewtab", false);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.thankyou", "");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.updateinterval", 360);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.39676.ver", 96);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.FilesValidatorDueTime", "1394253952106");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.apps", "39676");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.bic", "1434e86bbbc8eaea26f2e97f36685c8f");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.cid", 39676);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.firstrun", false);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.hadappinstalled", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.installationdate", 1390491620);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.modetype", "production");
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.reportInstall", true);
Linha deletada : user_pref("extensions.a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676.statsDailyCounter", 18);
Linha deletada : user_pref("extensions.crossrider.bic", "1434e86bbbc8eaea26f2e97f36685c8f");

[ Arquivo : C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default\prefs.js ]

Linha deletada : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=nt&from=newgdp&uid=HGSTXHTS545050A7E380_TE8521491R0L3C1R0L3CX&ts=1380236[...]
Linha deletada : user_pref("browser.search.defaultenginename", "delta-homes");
Linha deletada : user_pref("browser.search.selectedEngine", "delta-homes");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=HGSTXHTS545050A7E380_TE8521491R0L3C1R0L3CX&ts=13802360[...]

-\\ Google Chrome v33.0.1750.154

[ Arquivo : C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ Arquivo : C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo : homepage
Deletedo : icon_url
Deletedo : search_url
Deletedo : keyword

*************************

AdwCleaner[R0].txt - [62747 octets] - [26/03/2014 13:27:10]
AdwCleaner[S0].txt - [58174 octets] - [26/03/2014 13:30:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [58235 octets] ##########

por **Power Max** Qua 26 Mar 2014, 13:45

Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

por Ramos Qui 27 Mar 2014, 13:48

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Scan Date: 26/03/2014
Scan Time: 21:27:05
Logfile:
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.26.06
Rootkit Database: v2014.03.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ramos

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304606
Time Elapsed: 1 hr, 12 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 88
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, Quarantined, [3ca20ef96e0d1a1c440324e2669ce21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, Quarantined, [3ca20ef96e0d1a1c440324e2669ce21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [3ca20ef96e0d1a1c440324e2669ce21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, Quarantined, [3ca20ef96e0d1a1c440324e2669ce21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [3ca20ef96e0d1a1c440324e2669ce21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, Quarantined, [3ca20ef96e0d1a1c440324e2669ce21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, Quarantined, [3ca20ef96e0d1a1c440324e2669ce21e],
PUP.Optional.LyricXeeker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{17E58097-6CA5-448B-830F-2A19678248FB}, Quarantined, [ca1416f1bebd0d290b68e257907253ad],
PUP.Optional.LyricXeeker.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{BB705064-D600-4F0E-B5F1-868EFB973F5E}, Quarantined, [ca1416f1bebd0d290b68e257907253ad],
PUP.Optional.LyricXeeker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{85DE85E5-D992-4276-9B06-60948364EA14}, Quarantined, [ca1416f1bebd0d290b68e257907253ad],
PUP.Optional.LyricXeeker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{85DE85E5-D992-4276-9B06-60948364EA14}, Quarantined, [ca1416f1bebd0d290b68e257907253ad],
PUP.Optional.LyricXeeker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{BB705064-D600-4F0E-B5F1-868EFB973F5E}, Quarantined, [ca1416f1bebd0d290b68e257907253ad],
PUP.Optional.LyricXeeker.A, HKU\S-1-5-21-895094562-4116992840-500756209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{17E58097-6CA5-448B-830F-2A19678248FB}, Quarantined, [ca1416f1bebd0d290b68e257907253ad],
PUP.Optional.WebConnect.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2316C625-B487-4410-A1A5-FF040B65245F}, Quarantined, [be2071962952b284820f7bbf55ad47b9],
PUP.Optional.WebConnect.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2316C625-B487-4410-A1A5-FF040B65245F}, Quarantined, [be2071962952b284820f7bbf55ad47b9],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9, Quarantined, [2eb00502017a270fba5b0187788b0af6],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, Quarantined, [16c8be4907746ec8df366f19ae558c74],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, Quarantined, [3ea0986f621925114ec73a4e52b1a858],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3, Quarantined, [f5e98c7b83f8e056b5605830e91a59a7],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, Quarantined, [d7078d7aa1da83b3ea2b97f16d9655ab],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, Quarantined, [02dcf11638439f975eb79deb05fe827e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, Quarantined, [c31bc5420a71a78f997cfa8e966dc040],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, Quarantined, [4a94a56236458ea8090cec9ced168977],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, Quarantined, [9846e126fe7d37ff8491e5a3847f7090],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, Quarantined, [06d87c8b1269b18521f434549c67d729],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, Quarantined, [647a0afd601b76c039dcd6b248bb8a76],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, Quarantined, [8d511bec5c1fe2542ee785036d96718f],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, Quarantined, [2db1f3143645ea4c4acb9deb21e2748c],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [d10d9f68a3d855e175a0c8c082818878],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, Quarantined, [914db15699e2f83e9580ddab33d021df],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [6a740dfaaad1092d789de0a86c9745bb],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, Quarantined, [1dc1ff08cdae76c04ec7097ffc07ba46],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, Quarantined, [22bc46c1ea91ad895eb7dcac897a9967],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, Quarantined, [02dc897efb80c76f94813f49c83bdc24],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, Quarantined, [706eea1dfe7ddc5ad93c4345996ad828],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, Quarantined, [dc02f80fe893181e0114c5c3699a768a],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, Quarantined, [d5099e69f58675c1e82df5937c87847c],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, Quarantined, [736b5aad9dde043231e48cfc2bd88779],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, Quarantined, [479707005f1cc07614015533976cbb45],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, Quarantined, [a836ad5af7840135f22321671ce7758b],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, Quarantined, [21bd28dfdd9ed85ecc49632523e02bd5],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\SaveSenseLive.exe, Quarantined, [7b634fb8eb901026cc48830536cd649c],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\SaveSense, Quarantined, [746a996e6c0fe3535ebb612720e39e62],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickCtrl.9, Quarantined, [fbe359ae5b20fc3a47ce97f1df248f71],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, Quarantined, [469862a5d9a2270f35e01f69ce35dc24],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, Quarantined, [fde110f7e19a6fc79c7964245fa4dd23],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.Update3WebControl.3, Quarantined, [af2fbe49245753e326ef117740c37f81],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, Quarantined, [36a849be7efd1e1827ee23650df68779],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, Quarantined, [69752fd8c8b3999d40d5fa8ef80be719],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass, Quarantined, [c31bf90ed3a893a3b065aade13f054ac],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, Quarantined, [05d96b9cd3a83ef8997c2167c63ddb25],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, Quarantined, [9a440304d7a4092d31e4e6a2e61d45bb],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, Quarantined, [b42a0cfb265588ae5cb95a2e62a15ca4],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, Quarantined, [1ec01ee9f685989ea96cdcacf211ec14],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, Quarantined, [627cfd0aadce4beb32e390f81fe431cf],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, Quarantined, [cb13e720b5c685b1f22343454db6f907],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [22bc5cabe69524127f96d1b7c83bb947],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, Quarantined, [3f9f05022e4d81b5b0652d5b0ef537c9],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [4c9287803c3fb4829c797b0db44fe61a],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, Quarantined, [34aaa562a1da31057e974444ff04d729],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, Quarantined, [10ce9275cfac79bdad68bdcb39cac43c],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, Quarantined, [5b83f2157efdc86e3bda1f6909fa53ad],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, Quarantined, [ba2461a62c4f75c19f764d3b08fb8b75],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, Quarantined, [15c9cd3a6417f640d5406d1bd72c0af6],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, Quarantined, [c01e00073a41092d0312fe8ad1320af6],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, Quarantined, [12cc0dfab5c634027b9a98f0c24104fc],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, Quarantined, [b42a21e6304b6fc7977e12767c87a45c],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, Quarantined, [c41a34d32556ae883bda3355d231817f],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, Quarantined, [25b9ff08bbc04beb977ee4a41fe4f010],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SaveSenseLive.exe, Quarantined, [9b43f017c8b395a1d63e4b3de61df60a],
PUP.Optional.DealPly.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, Quarantined, [12ccf51266151b1bf38dc6b4e122ab55],
PUP.Optional.SaveSense.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, Quarantined, [ad31ef18b8c3fc3a3dda00886f94c53b],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.4, Quarantined, [f1ed9c6b3546d46205752d283dc524dc],
PUP.Optional.SaveSense.A, HKU\S-1-5-21-895094562-4116992840-500756209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSense, Quarantined, [7a64ae59cab134024ec82365d52e8c74],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [4d9159ae3f3cfd398d6483f50bf8748c],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [637bfc0b572483b3a24e80f89d6644bc],
PUP.Optional.DealPly.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, Quarantined, [b22c28df3f3cbb7bb0d04535ef147c84],
PUP.FunMoods, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\funmoods, Quarantined, [f7e75bac5d1ed5611dc39eccfb077c84],
PUP.Optional.SaveSense.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, Quarantined, [26b8f2152d4ef343b562008852b139c7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [27b7f314562539fd793b9af3a2616a96],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.4, Quarantined, [5b837e89de9d2e08e3979bba6a9849b7],
PUP.Optional.DealPly.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY, Quarantined, [dfff9275f08b1323493653277b8850b0],
PUP.Funmoods, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, Quarantined, [b72782857407d75fbb9fb9b418ead828],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [607e7d8a7ffc59dd0dc53b27b84aeb15],
PUP.FunMoods, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\funmoods, Quarantined, [bf1fc93e91ea14220ad7b1b9f30fb749],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [09d54eb9d4a7b18507116613778c669a],
PUP.Optional.Qone8, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [c915986f0378c2744e9badd749ba9a66],
PUP.Optional.BProtector.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\BPROTECTSETTINGS, Quarantined, [0cd27493e09b70c6ca841369cf34966a],

Registry Values: 3
PUP.Optional.DealPly.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY|Partner, iron, Quarantined, [dfff9275f08b1323493653277b8850b0]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0M1S1H1K2U, Quarantined, [09d54eb9d4a7b18507116613778c669a]
PUP.BProtector, HKU\S-1-5-21-895094562-4116992840-500756209-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, Quarantined, [ecf235d2f586ae88df1388f0c0436b95],

Registry Data: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[845af21580fb2a0cb38f39cd9e6657a9]

Folders: 4
PUP.Optional.Conduit.A, C:\Users\Lucineia\AppData\Local\Temp\CT2851643, Quarantined, [05d965a24c2f0135ea9b8cc12ad8a957],
PUP.Optional.Conduit.A, C:\Users\Lucineia\AppData\Local\Temp\CT2851643\plugins, Quarantined, [05d965a24c2f0135ea9b8cc12ad8a957],
PUP.Optional.CrossRider.A, C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka, Quarantined, [588602057209f343266166eb8b773ec2],
PUP.Optional.CrossRider.A, C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka, Quarantined, [20bea661c9b251e50c7bc48d8e7406fa],

Files: 12
PUP.Optional.InstallCore, C:\Users\Lucineia\AppData\Local\Temp\ICReinstall_steam-12-32-bits.exe, Quarantined, [b42a6a9d7704e452ec9b887560a01fe1],
PUP.Optional.Iminent.A, C:\Users\Lucineia\AppData\Local\Temp\IminentSetup.exe, Quarantined, [cf0f0ff8b3c839fd91f2e81bfb069868],
PUP.Optional.DealPly.A, C:\Users\Lucineia\AppData\Local\Temp\is701137889\dp.exe, Quarantined, [4f8f8483a8d371c5c7301a11e123a060],
PUP.Optional.NextLive.A, C:\Users\Ramos\AppData\Local\Temp\setupA9_.exe, Quarantined, [dfff9c6bd1aa171fc2f7ad9eb54c37c9],
Backdoor.ProRat, C:\Windows\SysWOW64\fservice.exe, Quarantined, [13cb38cf7b002d096b75525d7c868c74],
Trojan.Agent, C:\Windows\services.exe, Quarantined, [f9e59176681380b612dac205a65c6f91],
Backdoor.ProRat, C:\Windows\system\sservice.exe, Quarantined, [d707c047304bb77fef27f4d534ce1ce4],
PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job, Quarantined, [538be027d4a794a22da6ec9b08fbcc34],
PUP.Optional.Conduit.A, C:\Users\Lucineia\AppData\Local\Temp\CT2851643\CT2851643.txt, Quarantined, [05d965a24c2f0135ea9b8cc12ad8a957],
PUP.Optional.Conduit.A, C:\Users\Lucineia\AppData\Local\Temp\CT2851643\initData.json, Quarantined, [05d965a24c2f0135ea9b8cc12ad8a957],
PUP.Optional.Conduit.A, C:\Users\Lucineia\AppData\Local\Temp\CT2851643\manifest.json, Quarantined, [05d965a24c2f0135ea9b8cc12ad8a957],
PUP.Optional.Conduit.A, C:\Users\Lucineia\AppData\Local\Temp\CT2851643\plugins\TBVerifier.dll, Quarantined, [05d965a24c2f0135ea9b8cc12ad8a957],

Physical Sectors: 0
(No malicious items detected)

(end)

por **Power Max** Qui 27 Mar 2014, 14:31

Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por Ramos Qui 27 Mar 2014, 22:23

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Ramos on 27/03/2014 at 21:21:12,01.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ramos\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 21:25:14,84 =====

--- Create Environment Variables 21:25:19,94
--- Create System Restore Point 21:25:53,43
--- Checking Input 21:26:54,76
--- Reset Hosts File 21:27:14,96
--- AU AppData Check 21:27:17,60
--- Remove From Windows Installer 21:27:43,41
--- IE Startpage Check 21:36:41,10
--- Program Files DB Check 21:39:03,89
--- C:\Users\Default\AppData\Roaming DB Check 21:41:56,74
--- C:\Users\Default User\AppData\Roaming DB Check 21:41:56,74
--- C:\Users\Lucineia\AppData\Roaming DB Check 21:41:56,74
--- C:\Users\Ramos\AppData\Roaming DB Check 21:41:56,74
--- C:\Users\USURIO~1\AppData\Roaming DB Check 21:41:56,74
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 21:41:56,74
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 21:41:56,74
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 21:41:56,74
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 21:41:56,74
--- C:\Users\Ramos DB Check 21:54:45,22
--- C:\PROGRA~3 DB Check 21:56:08,22
--- C:\Users\Default\AppData\Local DB Check 21:56:12,08
--- C:\Users\Default User\AppData\Local DB Check 21:56:12,08
--- C:\Users\Lucineia\AppData\Local DB Check 21:56:12,08
--- C:\Users\Ramos\AppData\Local DB Check 21:56:12,08
--- C:\Users\USURIO~1\AppData\Local DB Check 21:56:12,08
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 21:56:12,08
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 21:56:12,08
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 21:56:12,08
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 21:56:12,08
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 22:02:04,29
--- C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 22:02:29,02
--- Tasks DB Check 22:02:42,60
--- Downloads DB Check 22:02:52,43
--- C:\Users\Lucineia\AppData\LocalLow DB Check 22:03:07,44
--- C:\Users\Ramos\AppData\LocalLow DB Check 22:03:07,44
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 22:03:07,44
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 22:03:07,44
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 22:03:07,44
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 22:03:07,44
--- Tasks2 DB Check 22:06:40,91
--- Documents DB Check 22:07:40,50
--- C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default DB Check 22:07:57,08
--- C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default DB Check 22:07:57,08
--- C:\Users\Ramos\Desktop DB Check 22:08:16,12
--- Services DB Check 22:08:50,32
--- FF prefs.js DB Check 22:10:18,04

por **Power Max** Qui 27 Mar 2014, 23:03

Quando você postou esse relatório o Zoek ainda não tinha terminado a limpeza dele. Agora ele já deve ter terminado. Poste o relatório completo dele por gentileza.

por Ramos Sex 28 Mar 2014, 14:20

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Ramos on 28/03/2014 at 12:29:05,86.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ramos\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-28-002717.log 1295 bytes

==== System Restore Info ======================

28/03/2014 12:37:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default\prefs.js:

Added to C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\prefs.js:
user_pref("browser.startup.homepage", "http://find.localstrike.net/");
user_pref("browser.search.defaultenginename", "LocalStrike Search");
user_pref("browser.search.selectedEngine", "LocalStrike Search");
user_pref("keyword.URL", "http://find.localstrike.net/?q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_032014_1342_.backup

ProfilePath: C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_032014_1342_.backup

==== Deleting Files \ Folders ======================

C:\Users\Lucineia\daemonprocess.txt deleted
C:\Users\Ramos\daemonprocess.txt deleted
C:\Users\Ramos\.android deleted
C:\PROGRA~2\Internet Download Manager deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\Users\Lucineia\AppData\Roaming\dll-files.com deleted
C:\Users\Ramos\AppData\Roaming\dll-files.com deleted
C:\Users\Ramos\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Lucineia\AppData\Local\funmoods_2.3.1.crx deleted
C:\Users\Lucineia\AppData\Local\BIT9AD2.tmp deleted
C:\Users\Lucineia\AppData\Local\BIT9AF2.tmp deleted
C:\Users\Lucineia\AppData\Local\CRE deleted
C:\Users\Lucineia\AppData\Local\avgchrome deleted
C:\Users\Lucineia\AppData\Local\Wondershare deleted
C:\Users\Ramos\AppData\Local\BIT4271.tmp deleted
C:\Users\Ramos\AppData\Local\BIT4696.tmp deleted
C:\Users\Ramos\AppData\Local\avgchrome deleted
C:\Users\Ramos\AppData\Local\cache deleted
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fotos Slides Movie.vbe deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\jetpack deleted
C:\Users\Ramos\AppData\Roaming\unins000.exe deleted
C:\Users\Ramos\AppData\Roaming\unins001.exe deleted
C:\Users\Lucineia\AppData\Local\Temp\Fotos Slides Movie.vbe deleted
C:\Users\Ramos\AppData\Local\Temp\Fotos Slides Movie.vbe deleted
"C:\Users\Ramos\AppData\Local\{091FFBD4-A950-4F89-8781-1FC9589B487B}" deleted
"C:\Users\Ramos\AppData\Local\{37634623-66BC-4FC5-B014-AF2441BE6FD9}" deleted
"C:\Users\Ramos\AppData\Local\{6A5DE203-9CBE-4E83-8622-D35F2547B9CA}" deleted
"C:\Users\Ramos\AppData\Local\{98D60C30-967A-4C62-8B6D-8A09D7BCDB22}" deleted
"C:\Users\Ramos\AppData\Local\{FB66D666-81D0-4269-B86A-98642E198F37}" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ytfmdownloader@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com" [04/09/2013 11:58]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886D}"="C:\Users\Ramos\AppData\Local\GAS Tecnologia\GBBD\cef\xpi" [01/01/2014 13:06]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lucineia\AppData\Roaming\Mozilla\Firefox\Profiles\g6dexgp3.default
- avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
- Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
- Firefox Update Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi

ProfilePath: C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default
- WebConnect - %ProfilePath%\extensions\firefox@webconnect.co
- NewTabURL - %ProfilePath%\extensions\newtaburl_local
- WebSite Recommendation - %ProfilePath%\extensions\WebSiteRecommendation@weliketheweb.com
- iMacros for Firefox - %ProfilePath%\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
257E7BD1D90C987F5F2DDC1CCB185DC3 - C:\Users\Ramos\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner +
02266A21529DA473F2ADEA228E54D8C6 - C:\Users\Ramos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
406106D91D3F86FD34EC194940855746 - C:\Users\Ramos\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal

==== Deleted Firefox Extensions ======================

C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\extensions\firefox@webconnect.co deleted
C:\Users\Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\ymgxrr49.default\extensions\WebSiteRecommendation@weliketheweb.com deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[16/08/2013 07:36]
ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[16/08/2013 07:36]
ialdollnlgfogbjjlmjkdmjdmocdhfio - C:\Program Files (x86)\DealPly\DealPly.crx[]
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28/02/2013 05:33]
khcceooakamlehbimaepcldnnlnkcmfk - C:\Program Files (x86)\SaveSense\SaveSense.crx[]
odnofacmifkjndflfmmplhckcbfjckhj - C:\Program Files (x86)\LyriXeeker\125.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\Ramos\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[01/01/2014 13:06]
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Ramos\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[21/11/2012 15:32]

MSS+ Extension - Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Freemake Video Downloader - Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Freemake Youtube Download Button - Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
avast WebRep - Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Google Wallet - Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
MSS+ Extension - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Freemake Video Downloader - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Tampermonkey - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Freemake Youtube Download Button - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
AdBlock - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
avast WebRep - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Google Wallet - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei
GBBD Caixa Economica Federal - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
GBBD Banco do Brasil - Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

==== Chrome Fix ======================

C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx deleted successfully
C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx deleted successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.softonic.com.br_0.localstorage deleted successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage deleted successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully
C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully
C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://search.localstrike.net/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.localstrike.net/"
"Default_Page_URL"="http://search.localstrike.net/"
"Start Page"="http://search.localstrike.net/"
"Search Page"="http://search.localstrike.net/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.localstrike.net/"
"Default_Page_URL"="http://search.localstrike.net/"
"Start Page"="http://search.localstrike.net/"
"Search Page"="http://search.localstrike.net/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.localstrike.net"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.localstrike.net"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{33D59858-89D9-4AC2-A956-93875EB02323} LocalStrike Search Url="http://search.localstrike.net/?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-895094562-4116992840-500756209-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-895094562-4116992840-500756209-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Lucineia\Desktop\Any Video Converter Ultimate.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.exe
C:\Users\Lucineia\Desktop\Condition Zero.lnk - C:\Valve\czero.exe
C:\Users\Lucineia\Desktop\Counter-Strike v1.6 - 21.lnk - C:\Program Files (x86)\Counter-Strike\hl.exe -game cstrike
C:\Users\Lucineia\Desktop\EVEREST Ultimate Edition.lnk - C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Users\Lucineia\Desktop\GTA San Andreas.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
C:\Users\Lucineia\Desktop\Informax.lnk -
C:\Users\Lucineia\Desktop\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe
C:\Users\Lucineia\Desktop\PhotoFiltre 7.lnk - C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe
C:\Users\Lucineia\Desktop\Servidor Counter Strike.lnk - C:\Valve\hlds.exe
C:\Users\Lucineia\Desktop\Ubisoft Product Registration.lnk - C:\Program Files (x86)\Ubisoft\Register\register.exe "C:\Program Files (x86)\Ubisoft\Crytek\Far Cry\Register\regsetup.exe"
C:\Users\Lucineia\Desktop\µTorrent.lnk -
C:\Users\Ramos\Desktop\eclipse - Atalho.lnk - D:\Programas\ProgramacaoAndroid\ProgramacaoAndroid\eclipse\eclipse.exe
C:\Users\Ramos\Desktop\Fraps.lnk - C:\Fraps\fraps.exe
C:\Users\Ramos\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ramos\Desktop\GTA San Andreas.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
C:\Users\Ramos\Desktop\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Ramos\Desktop\sXe Injected.lnk - C:\Program Files (x86)\sXe Injected\sXe Injected.exe
C:\Users\Ramos\Desktop\Vegas Pro 10.0.lnk - C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Apps.lnk - C:\Users\Public\Libraries\Apps.library-ms
C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 2540 series.lnk - C:\Program Files\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe
C:\Users\Public\Desktop\Counter-Strike.lnk - C:\Counter-Strike\hl.exe -steam -game cstrike
C:\Users\Public\Desktop\Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
C:\Users\Public\Desktop\Garena Plus.lnk - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Lucineia\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Lucineia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\Lucineia\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe -uninstall
C:\Users\Lucineia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\Lucineia\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ADDONS SITECS (NONSTEAM) + BOT\ADDONS SITECS (NONSTEAM) + BOT Uninstaller.lnk - C:\Windows\ADDONS SITECS (NONSTEAM) + BOT Uninstaller.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ADDONS SITECS (NONSTEAM) + BOT\Editar Admins.lnk - C:\Program Files (x86)\valve\cstrike\addons\amxmodx\configs\users.ini
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ADDONS SITECS (NONSTEAM) + BOT\Editar Plugins.lnk - C:\Program Files (x86)\valve\cstrike\addons\amxmodx\configs\plugins.ini
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Need for Speed Underground 2™.lnk -
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk - C:\Windows\explorer.exe "C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4.com"
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk - C:\Windows\SysWOW64\msiexec.exe /X {ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sXe Injected\sXe Injected.lnk - C:\Program Files (x86)\sXe Injected\sXe Injected.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sXe Injected\Uninstall.lnk - C:\Program Files (x86)\sXe Injected\uninstall.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk - C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.exe.lnk - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Fireworks CS5.lnk - C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk - C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Player.lnk - C:\Program Files (x86)\Adobe Media Player\Adobe Media Player.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Desinstalar Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero ProductSetup.lnk - C:\Program Files (x86)\Common Files\Ahead\Nero Web\SetupX.exe -ScParameter=8 MODE="update"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Compartilhar\Nero MediaHome.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero BackItUp.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\BackItUp.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero Burning ROM.lnk - C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero Express.lnk - C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe -ScParameter=8 /w
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Etiquetas\Nero CoverDesigner.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero CD-DVD Speed.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\CDSpeed.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero DriveSpeed.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero InfoTool.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\InfoTool.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero Scout.lnk - C:\Program Files (x86)\Common Files\Ahead\Lib\NeroScoutOptions.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero PhotoSnap Viewer.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero PhotoSnap.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero Recode.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero Vision.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Adobe Premiere Plug-In [Inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero BackItUp [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Burn Plug-in (for MCE) [Manual em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero CD-DVD Speed [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero CoverDesigner [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Express [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Home [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero MediaHome [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero MediaStreaming Plug-in (for MCE) [Manual em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Mobile [Manual em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero PhotoSnap [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Recode [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero ShowTime [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero SoundTrax [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero StartSmart [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Vision [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero WaveEditor [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Tocar\Nero Mobile.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Mobile\SetupNeroMobile.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Tocar\Nero ShowTime.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero ShowTime\ShowTime.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero Burning ROM.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero Express.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero SoundTrax.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero WaveEditor.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Lucineia\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Lucineia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\hao123.lnk - C:\Users\Ramos\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1101.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Condition Zero.lnk - C:\Valve\czero.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Counter-Strike.lnk - C:\Counter-Strike\hl.exe -steam -game cstrike
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Magnify.lnk - C:\Windows\system32\magnify.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Ramos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ialdollnlgfogbjjlmjkdmjdmocdhfio deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\khcceooakamlehbimaepcldnnlnkcmfk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\odnofacmifkjndflfmmplhckcbfjckhj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucineia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucineia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Ramos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ramos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Lucineia\AppData\Local\Mozilla\Firefox\Profiles\g6dexgp3.default\Cache will be emptied at reboot
C:\Users\Ramos\AppData\Local\Mozilla\Firefox\Profiles\ymgxrr49.default\Cache will be emptied at reboot

==== Empty Chrome Cache ======================

C:\Users\Lucineia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Ramos\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=223 folders=108 72774586 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lucineia\AppData\Local\Temp emptied successfully
C:\Users\Ramos\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ramos\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 28/03/2014 at 14:16:40,71 ======================

por **Power Max** Sex 28 Mar 2014, 14:56

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

por Ramos Sex 28 Mar 2014, 20:39

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by Ramos on 28/03/2014 at 19:55:12,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-895094562-4116992840-500756209-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ramos\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/03/2014 at 20:33:28,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

por **Power Max** Sáb 29 Mar 2014, 10:27

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.

|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por **Power Max** Qui 17 Abr 2014, 09:45

TÓPICO ARQUIVADO

Como o autor não respondeu por mais de 15 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

por Conteúdo patrocinado

vírus: http://pthacker.no-ip.org:8080/is-ready

vírus: http://pthacker.no-ip.org:8080/is-ready

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

vírus: http://pthacker.no-ip.org:8080/is-ready

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

http://pthacker.no-ip.org:8080/is-ready.

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

http://pthacker.no-ip.org:8080/is-ready.

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

vírus: http://pthacker.no-ip.org:8080/is-ready.

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

Re: vírus: http://pthacker.no-ip.org:8080/is-ready

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30