Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 16 usuários online :: 0 registrados, 0 invisíveis e 16 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Adwares com propagandas de jogos
2 participantes
Página 1 de 2
Página 1 de 2 • 1, 2 
Adwares com propagandas de jogos
por Renato L. Galeno Dom 06 Abr 2014, 18:44
Sempre que eu entro na internet aparece propagandas em demasia no meu computador, principalmente propaganda de jogos. Gostaria de me livrar desse vírus
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Dom 06 Abr 2014, 19:22
Olá Renato.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Adwares com propagandas de jogos
por Renato L. Galeno Dom 06 Abr 2014, 21:16
power max aqui está:
# AdwCleaner v3.023 - Relatório criado 06/04/2014 às 20:05:21
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : APNMCP
[#] Serviço Deletada : BackupStack
Serviço Deletada : ca82e1a5
Serviço Deletada : CltMngSvc
Serviço Deletada : IePluginService
Serviço Deletada : InstallBrainService
[#] Serviço Deletada : Update Webfuii
[#] Serviço Deletada : Util Webfuii
Serviço Deletada : VOsrv
Serviço Deletada : winzipersvc
Serviço Deletada : Wpm
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\Browser System Enahncer
Pasta Deletada : C:\ProgramData\clsoft ltd
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\InstallBrainService
Pasta Deletada : C:\ProgramData\MagniPic
# AdwCleaner v3.023 - Relatório criado 06/04/2014 às 20:05:21
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : APNMCP
[#] Serviço Deletada : BackupStack
Serviço Deletada : ca82e1a5
Serviço Deletada : CltMngSvc
Serviço Deletada : IePluginService
Serviço Deletada : InstallBrainService
[#] Serviço Deletada : Update Webfuii
[#] Serviço Deletada : Util Webfuii
Serviço Deletada : VOsrv
Serviço Deletada : winzipersvc
Serviço Deletada : Wpm
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\Browser System Enahncer
Pasta Deletada : C:\ProgramData\clsoft ltd
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\InstallBrainService
Pasta Deletada : C:\ProgramData\MagniPic
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Dom 06 Abr 2014, 21:25
O relatório ficou incompleto. Copie ele todo, por gentileza, e poste-o aqui.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Dom 06 Abr 2014, 21:28
# AdwCleaner v3.023 - Relatório criado 06/04/2014 às 20:05:21
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : APNMCP
[#] Serviço Deletada : BackupStack
Serviço Deletada : ca82e1a5
Serviço Deletada : CltMngSvc
Serviço Deletada : IePluginService
Serviço Deletada : InstallBrainService
[#] Serviço Deletada : Update Webfuii
[#] Serviço Deletada : Util Webfuii
Serviço Deletada : VOsrv
Serviço Deletada : winzipersvc
Serviço Deletada : Wpm
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\Browser System Enahncer
Pasta Deletada : C:\ProgramData\clsoft ltd
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\InstallBrainService
Pasta Deletada : C:\ProgramData\MagniPic
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : APNMCP
[#] Serviço Deletada : BackupStack
Serviço Deletada : ca82e1a5
Serviço Deletada : CltMngSvc
Serviço Deletada : IePluginService
Serviço Deletada : InstallBrainService
[#] Serviço Deletada : Update Webfuii
[#] Serviço Deletada : Util Webfuii
Serviço Deletada : VOsrv
Serviço Deletada : winzipersvc
Serviço Deletada : Wpm
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\Browser System Enahncer
Pasta Deletada : C:\ProgramData\clsoft ltd
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\InstallBrainService
Pasta Deletada : C:\ProgramData\MagniPic
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Dom 06 Abr 2014, 21:36
Continua incompleto o log dele. Se só existir isto no relatório dele, pode ter havido algum problema na execução dele. Neste caso é só executá-lo novamente conforme mostra aquele tutorial que lhe passei e depois de executá-lo novamente poste o novo relatório dele aqui no seu tópico.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Adwares com propagandas de jogos
por Renato L. Galeno Dom 06 Abr 2014, 22:36
# AdwCleaner v3.023 - Relatório criado 06/04/2014 às 20:42:57
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Examinar
***** [ Serviços ] *****
Serviço Encontrado : Update Webfuii
Serviço Encontrado : Util Webfuii
***** [ Arquivos / Pastas ] *****
Arquivo Encontrado : C:\END
Arquivo Encontrado : C:\Program Files\Mozilla Firefox\user.js
Arquivo Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage
Arquivo Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage-journal
Arquivo Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Arquivo Encontrado : C:\windows\system32\roboot.exe
Arquivo Encontrado : C:\windows\System32\Tasks\AmiUpdXp
Arquivo Encontrado : C:\windows\System32\Tasks\PC Performer
Arquivo Encontrado : C:\windows\System32\Tasks\PC Performer_DEFAULT
Arquivo Encontrado : C:\windows\System32\Tasks\PC Performer_UPDATES
Arquivo Encontrado : C:\windows\System32\Tasks\RegClean Pro
Arquivo Encontrado : C:\windows\System32\Tasks\RegClean Pro_DEFAULT
Arquivo Encontrado : C:\windows\System32\Tasks\RegClean Pro_UPDATES
Arquivo Encontrado : C:\windows\System32\Tasks\SaveSense
Arquivo Encontrado : C:\windows\Tasks\AmiUpdXp.job
Arquivo Encontrado : C:\windows\Tasks\PC Performer_DEFAULT.job
Arquivo Encontrado : C:\windows\Tasks\PC Performer_UPDATES.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-codedownloader.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-enabler.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-firefoxinstaller.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-updater.job
Arquivo Encontrado : C:\windows\Tasks\RegClean Pro_DEFAULT.job
Arquivo Encontrado : C:\windows\Tasks\RegClean Pro_UPDATES.job
Arquivo Encontrado : C:\windows\Tasks\SaveSense.job
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Pasta Encontrado C:\Program Files\AnyProtectEx
Pasta Encontrado C:\Program Files\AskPartnerNetwork
Pasta Encontrado C:\Program Files\BabylonToolbar
Pasta Encontrado C:\Program Files\fst_br_74
Pasta Encontrado C:\Program Files\Industriya
Pasta Encontrado C:\Program Files\MagniPic
Pasta Encontrado C:\Program Files\Minibar
Pasta Encontrado C:\Program Files\Mobogenie
Pasta Encontrado C:\Program Files\MyPC Backup
Pasta Encontrado C:\Program Files\Optimizer Pro
Pasta Encontrado C:\Program Files\PC Performer
Pasta Encontrado C:\Program Files\Plus-HD-7.5
Pasta Encontrado C:\Program Files\RegClean Pro
Pasta Encontrado C:\Program Files\SaveSenseLive
Pasta Encontrado C:\Program Files\Savings Sidekick
Pasta Encontrado C:\Program Files\SearchProtect
Pasta Encontrado C:\Program Files\SupTab
Pasta Encontrado C:\Program Files\VuuPC
Pasta Encontrado C:\Program Files\WinZipper
Pasta Encontrado C:\ProgramData\AlilCheaapPrice
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Encontrado C:\ProgramData\Premium
Pasta Encontrado C:\ProgramData\SaveSenseLive
Pasta Encontrado C:\ProgramData\TAkeThieaCoouupon
Pasta Encontrado C:\ProgramData\TAkeThieaCoouupon
Pasta Encontrado C:\ProgramData\TakoeToheCoupon
Pasta Encontrado C:\ProgramData\TakoeToheCoupon
Pasta Encontrado C:\ProgramData\tpeerFectcouppon
Pasta Encontrado C:\ProgramData\WPM
Pasta Encontrado C:\Users\Renato\AppData\Local\fst_br_74
Pasta Encontrado C:\Users\Renato\AppData\Local\genienext
Pasta Encontrado C:\Users\Renato\AppData\Local\Minibar
Pasta Encontrado C:\Users\Renato\AppData\Local\Mobogenie
Pasta Encontrado C:\Users\Renato\AppData\Local\SaveSense
Pasta Encontrado C:\Users\Renato\AppData\Local\SaveSenseLive
Pasta Encontrado C:\Users\Renato\AppData\Local\Savings Sidekick
Pasta Encontrado C:\Users\Renato\AppData\Local\SearchProtect
Pasta Encontrado C:\Users\Renato\AppData\Local\SwvUpdater
Pasta Encontrado C:\Users\Renato\AppData\Local\Temp\apn
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\BabylonToolbar
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\Industriya
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\MagniPic
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\Minibar
Pasta Encontrado C:\Users\Renato\AppData\Roaming\awesomehp
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Babylon
Pasta Encontrado C:\Users\Renato\AppData\Roaming\BabylonToolbar
Pasta Encontrado C:\Users\Renato\AppData\Roaming\eType
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Industriya
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Pasta Encontrado C:\Users\Renato\AppData\Roaming\newnext.me
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Optimizer Pro
Pasta Encontrado C:\Users\Renato\AppData\Roaming\PerformerSoft
Pasta Encontrado C:\Users\Renato\AppData\Roaming\SaveSense
Pasta Encontrado C:\Users\Renato\AppData\Roaming\SupTab
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Systweak
Pasta Encontrado C:\Users\Renato\AppData\Roaming\VOPackage
Pasta Encontrado C:\Users\Renato\AppData\Roaming\WinZipper
Pasta Encontrado C:\Users\Renato\Documents\Mobogenie
Pasta Encontrado C:\Users\Renato\Documents\Optimizer Pro
Pasta Encontrado C:\windows\system32\SearchProtect
***** [ Atalhos ] *****
Atalho Encontrado : C:\Users\Public\Desktop\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
***** [ Registro ] *****
Chave Encontrada : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Encontrada : HKCU\Software\AppDataLow\Software\Crossrider
Chave Encontrada : HKCU\Software\AppDataLow\Software\Plus-HD-7.5
Chave Encontrada : HKCU\Software\AppDataLow\Software\Savings Sidekick
Chave Encontrada : HKCU\Software\AppDataLow\SProtector
Chave Encontrada : HKCU\Software\AskPartnerNetwork
Chave Encontrada : HKCU\Software\BabylonToolbar
Chave Encontrada : HKCU\Software\Cr_Installer
Chave Encontrada : HKCU\Software\DSNR Labs
Chave Encontrada : HKCU\Software\FreeSoftToday
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\installedbrowserextensions
Chave Encontrada : HKCU\Software\Microsoft\Babylon
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E911B4F-CAAC-45B4-8E2D-4B79B2B92A07}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKCU\Software\Minibar
Chave Encontrada : HKCU\Software\Optimizer Pro
Chave Encontrada : HKCU\Software\PerformerSoft
Chave Encontrada : HKCU\Software\PrivitizeVPNInstallDates
Chave Encontrada : HKCU\Software\SaveSenseLive
Chave Encontrada : HKCU\Software\StartSearch
Chave Encontrada : HKCU\Software\systweak
Chave Encontrada : HKCU\Software\Tutorials
Chave Encontrada : HKCU\Software\TutoTag
Chave Encontrada : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Encontrada : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Encontrada : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Encontrada : HKLM\Software\AskPartnerNetwork
Chave Encontrada : HKLM\Software\Babylon
Chave Encontrada : HKLM\Software\BabylonToolbar
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\b
Chave Encontrada : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Encontrada : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072276}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033503360}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Encontrada : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Encontrada : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Encontrada : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Encontrada : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Chave Encontrada : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Encontrada : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Chave Encontrada : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Prod.cap
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Encontrada : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Encontrada : HKLM\Software\DealPlyLive
Chave Encontrada : HKLM\Software\delta-homesSoftware
Chave Encontrada : HKLM\Software\free_soft_to_day
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Encontrada : HKLM\Software\hdcode
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104c62f3-150a-4f57-b8fa-0ab699d7c49b}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104c62f3-150a-4f57-b8fa-0ab699d7c49b}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73651c0a-ffba-4d12-83eb-ad5271e66ce0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73651c0a-ffba-4d12-83eb-ad5271e66ce0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\AmiUpdXp
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\PC Performer
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\PC Performer_DEFAULT
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\PC Performer_UPDATES
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-codedownloader
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-enabler
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-firefoxinstaller
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-updater
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_DEFAULT
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_UPDATES
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\SaveSense
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\SaveSenseLiveUpdateTaskMachineCore
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{005E3C0F-49F1-4F15-AB28-61453A8739CF}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D4D1384-746B-4829-A5EE-CA9DC00BBA91}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{240C04EB-6B54-4D49-B36A-F7B1BC13EF7E}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3650269B-48D4-4EB9-ACB3-38C234F27D96}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4892830A-F010-43DF-9A80-A9808DDC061D}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53CC6192-D038-415F-8A88-8C5661A4AF25}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A854003B-B933-4AD6-89A0-D7CF5A915052}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF173F2E-FF76-4C04-ACAA-8BCE01086864}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC0E4BE0-99A5-495D-8444-7F46020456D4}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_74_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.5
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Encontrada : HKLM\Software\Minibar
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Chave Encontrada : HKLM\Software\PerformerSoft
Chave Encontrada : HKLM\Software\Plus-HD-7.5
Chave Encontrada : HKLM\Software\SaveSenseLive
Chave Encontrada : HKLM\Software\SearchProtect
Chave Encontrada : HKLM\Software\SP Global
Chave Encontrada : HKLM\Software\SProtector
Chave Encontrada : HKLM\Software\supTab
Chave Encontrada : HKLM\Software\supWPM
Chave Encontrada : HKLM\Software\systweak
Chave Encontrada : HKLM\Software\Tutorials
Chave Encontrada : HKLM\Software\V9
Chave Encontrada : HKLM\Software\winzipersvc
Chave Encontrada : HKLM\Software\Wpm
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_74]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Valor Encontrada : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v31.0.1650.63
[ Arquivo : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Encontrada : homepage
Encontrada : search_url
Encontrada : keyword
Encontrada : urls_to_restore_on_startup
*************************
AdwCleaner[R1].txt - [31045 octets] - [06/04/2014 20:42:57]
AdwCleaner[S0].txt - [1076 octets] - [06/04/2014 20:05:21]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [31166 octets] ##########
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Examinar
***** [ Serviços ] *****
Serviço Encontrado : Update Webfuii
Serviço Encontrado : Util Webfuii
***** [ Arquivos / Pastas ] *****
Arquivo Encontrado : C:\END
Arquivo Encontrado : C:\Program Files\Mozilla Firefox\user.js
Arquivo Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage
Arquivo Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage-journal
Arquivo Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Arquivo Encontrado : C:\windows\system32\roboot.exe
Arquivo Encontrado : C:\windows\System32\Tasks\AmiUpdXp
Arquivo Encontrado : C:\windows\System32\Tasks\PC Performer
Arquivo Encontrado : C:\windows\System32\Tasks\PC Performer_DEFAULT
Arquivo Encontrado : C:\windows\System32\Tasks\PC Performer_UPDATES
Arquivo Encontrado : C:\windows\System32\Tasks\RegClean Pro
Arquivo Encontrado : C:\windows\System32\Tasks\RegClean Pro_DEFAULT
Arquivo Encontrado : C:\windows\System32\Tasks\RegClean Pro_UPDATES
Arquivo Encontrado : C:\windows\System32\Tasks\SaveSense
Arquivo Encontrado : C:\windows\Tasks\AmiUpdXp.job
Arquivo Encontrado : C:\windows\Tasks\PC Performer_DEFAULT.job
Arquivo Encontrado : C:\windows\Tasks\PC Performer_UPDATES.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-codedownloader.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-enabler.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-firefoxinstaller.job
Arquivo Encontrado : C:\windows\Tasks\Plus-HD-7.5-updater.job
Arquivo Encontrado : C:\windows\Tasks\RegClean Pro_DEFAULT.job
Arquivo Encontrado : C:\windows\Tasks\RegClean Pro_UPDATES.job
Arquivo Encontrado : C:\windows\Tasks\SaveSense.job
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Pasta Encontrado : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Pasta Encontrado C:\Program Files\AnyProtectEx
Pasta Encontrado C:\Program Files\AskPartnerNetwork
Pasta Encontrado C:\Program Files\BabylonToolbar
Pasta Encontrado C:\Program Files\fst_br_74
Pasta Encontrado C:\Program Files\Industriya
Pasta Encontrado C:\Program Files\MagniPic
Pasta Encontrado C:\Program Files\Minibar
Pasta Encontrado C:\Program Files\Mobogenie
Pasta Encontrado C:\Program Files\MyPC Backup
Pasta Encontrado C:\Program Files\Optimizer Pro
Pasta Encontrado C:\Program Files\PC Performer
Pasta Encontrado C:\Program Files\Plus-HD-7.5
Pasta Encontrado C:\Program Files\RegClean Pro
Pasta Encontrado C:\Program Files\SaveSenseLive
Pasta Encontrado C:\Program Files\Savings Sidekick
Pasta Encontrado C:\Program Files\SearchProtect
Pasta Encontrado C:\Program Files\SupTab
Pasta Encontrado C:\Program Files\VuuPC
Pasta Encontrado C:\Program Files\WinZipper
Pasta Encontrado C:\ProgramData\AlilCheaapPrice
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Encontrado C:\ProgramData\Premium
Pasta Encontrado C:\ProgramData\SaveSenseLive
Pasta Encontrado C:\ProgramData\TAkeThieaCoouupon
Pasta Encontrado C:\ProgramData\TAkeThieaCoouupon
Pasta Encontrado C:\ProgramData\TakoeToheCoupon
Pasta Encontrado C:\ProgramData\TakoeToheCoupon
Pasta Encontrado C:\ProgramData\tpeerFectcouppon
Pasta Encontrado C:\ProgramData\WPM
Pasta Encontrado C:\Users\Renato\AppData\Local\fst_br_74
Pasta Encontrado C:\Users\Renato\AppData\Local\genienext
Pasta Encontrado C:\Users\Renato\AppData\Local\Minibar
Pasta Encontrado C:\Users\Renato\AppData\Local\Mobogenie
Pasta Encontrado C:\Users\Renato\AppData\Local\SaveSense
Pasta Encontrado C:\Users\Renato\AppData\Local\SaveSenseLive
Pasta Encontrado C:\Users\Renato\AppData\Local\Savings Sidekick
Pasta Encontrado C:\Users\Renato\AppData\Local\SearchProtect
Pasta Encontrado C:\Users\Renato\AppData\Local\SwvUpdater
Pasta Encontrado C:\Users\Renato\AppData\Local\Temp\apn
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\BabylonToolbar
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\Industriya
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\MagniPic
Pasta Encontrado C:\Users\Renato\AppData\LocalLow\Minibar
Pasta Encontrado C:\Users\Renato\AppData\Roaming\awesomehp
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Babylon
Pasta Encontrado C:\Users\Renato\AppData\Roaming\BabylonToolbar
Pasta Encontrado C:\Users\Renato\AppData\Roaming\eType
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Industriya
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Pasta Encontrado C:\Users\Renato\AppData\Roaming\newnext.me
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Optimizer Pro
Pasta Encontrado C:\Users\Renato\AppData\Roaming\PerformerSoft
Pasta Encontrado C:\Users\Renato\AppData\Roaming\SaveSense
Pasta Encontrado C:\Users\Renato\AppData\Roaming\SupTab
Pasta Encontrado C:\Users\Renato\AppData\Roaming\Systweak
Pasta Encontrado C:\Users\Renato\AppData\Roaming\VOPackage
Pasta Encontrado C:\Users\Renato\AppData\Roaming\WinZipper
Pasta Encontrado C:\Users\Renato\Documents\Mobogenie
Pasta Encontrado C:\Users\Renato\Documents\Optimizer Pro
Pasta Encontrado C:\windows\system32\SearchProtect
***** [ Atalhos ] *****
Atalho Encontrado : C:\Users\Public\Desktop\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
***** [ Registro ] *****
Chave Encontrada : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Encontrada : HKCU\Software\AppDataLow\Software\Crossrider
Chave Encontrada : HKCU\Software\AppDataLow\Software\Plus-HD-7.5
Chave Encontrada : HKCU\Software\AppDataLow\Software\Savings Sidekick
Chave Encontrada : HKCU\Software\AppDataLow\SProtector
Chave Encontrada : HKCU\Software\AskPartnerNetwork
Chave Encontrada : HKCU\Software\BabylonToolbar
Chave Encontrada : HKCU\Software\Cr_Installer
Chave Encontrada : HKCU\Software\DSNR Labs
Chave Encontrada : HKCU\Software\FreeSoftToday
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\installedbrowserextensions
Chave Encontrada : HKCU\Software\Microsoft\Babylon
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E911B4F-CAAC-45B4-8E2D-4B79B2B92A07}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKCU\Software\Minibar
Chave Encontrada : HKCU\Software\Optimizer Pro
Chave Encontrada : HKCU\Software\PerformerSoft
Chave Encontrada : HKCU\Software\PrivitizeVPNInstallDates
Chave Encontrada : HKCU\Software\SaveSenseLive
Chave Encontrada : HKCU\Software\StartSearch
Chave Encontrada : HKCU\Software\systweak
Chave Encontrada : HKCU\Software\Tutorials
Chave Encontrada : HKCU\Software\TutoTag
Chave Encontrada : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Encontrada : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Encontrada : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Encontrada : HKLM\Software\AskPartnerNetwork
Chave Encontrada : HKLM\Software\Babylon
Chave Encontrada : HKLM\Software\BabylonToolbar
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\b
Chave Encontrada : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Encontrada : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072276}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033503360}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Encontrada : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Encontrada : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Encontrada : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Encontrada : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Chave Encontrada : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Encontrada : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Chave Encontrada : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Prod.cap
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Encontrada : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Encontrada : HKLM\Software\DealPlyLive
Chave Encontrada : HKLM\Software\delta-homesSoftware
Chave Encontrada : HKLM\Software\free_soft_to_day
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Encontrada : HKLM\Software\hdcode
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104c62f3-150a-4f57-b8fa-0ab699d7c49b}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104c62f3-150a-4f57-b8fa-0ab699d7c49b}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73651c0a-ffba-4d12-83eb-ad5271e66ce0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73651c0a-ffba-4d12-83eb-ad5271e66ce0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\AmiUpdXp
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\PC Performer
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\PC Performer_DEFAULT
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\PC Performer_UPDATES
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-codedownloader
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-enabler
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-firefoxinstaller
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Plus-HD-7.5-updater
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_DEFAULT
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_UPDATES
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\SaveSense
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\SaveSenseLiveUpdateTaskMachineCore
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{005E3C0F-49F1-4F15-AB28-61453A8739CF}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D4D1384-746B-4829-A5EE-CA9DC00BBA91}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{240C04EB-6B54-4D49-B36A-F7B1BC13EF7E}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3650269B-48D4-4EB9-ACB3-38C234F27D96}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4892830A-F010-43DF-9A80-A9808DDC061D}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53CC6192-D038-415F-8A88-8C5661A4AF25}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A854003B-B933-4AD6-89A0-D7CF5A915052}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF173F2E-FF76-4C04-ACAA-8BCE01086864}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC0E4BE0-99A5-495D-8444-7F46020456D4}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Encontrada : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_74_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.5
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Encontrada : HKLM\Software\Minibar
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Chave Encontrada : HKLM\Software\PerformerSoft
Chave Encontrada : HKLM\Software\Plus-HD-7.5
Chave Encontrada : HKLM\Software\SaveSenseLive
Chave Encontrada : HKLM\Software\SearchProtect
Chave Encontrada : HKLM\Software\SP Global
Chave Encontrada : HKLM\Software\SProtector
Chave Encontrada : HKLM\Software\supTab
Chave Encontrada : HKLM\Software\supWPM
Chave Encontrada : HKLM\Software\systweak
Chave Encontrada : HKLM\Software\Tutorials
Chave Encontrada : HKLM\Software\V9
Chave Encontrada : HKLM\Software\winzipersvc
Chave Encontrada : HKLM\Software\Wpm
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_74]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Valor Encontrada : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v31.0.1650.63
[ Arquivo : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Encontrada : homepage
Encontrada : search_url
Encontrada : keyword
Encontrada : urls_to_restore_on_startup
*************************
AdwCleaner[R1].txt - [31045 octets] - [06/04/2014 20:42:57]
AdwCleaner[S0].txt - [1076 octets] - [06/04/2014 20:05:21]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [31166 octets] ##########
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Dom 06 Abr 2014, 22:40
No seu relatório está constando que você só fez a função de examinar. Logo depois de examinar clique no botão Limpar para que os problemas sejam removidos. Depois disto poste o novo relatório que ele irá criar.# Opção : Examinar
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Dom 06 Abr 2014, 23:08
# AdwCleaner v3.023 - Relatório criado 06/04/2014 às 20:46:39
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\Premium
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\AlilCheaapPrice
Pasta Deletada : C:\ProgramData\TAkeThieaCoouupon
Pasta Deletada : C:\ProgramData\TakoeToheCoupon
Pasta Deletada : C:\ProgramData\tpeerFectcouppon
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files\AnyProtectEx
Pasta Deletada : C:\Program Files\AskPartnerNetwork
Pasta Deletada : C:\Program Files\BabylonToolbar
Pasta Deletada : C:\Program Files\Industriya
Pasta Deletada : C:\Program Files\MagniPic
Pasta Deletada : C:\Program Files\Minibar
Pasta Deletada : C:\Program Files\Mobogenie
Pasta Deletada : C:\Program Files\MyPC Backup
Pasta Deletada : C:\Program Files\Optimizer Pro
Pasta Deletada : C:\Program Files\PC Performer
Pasta Deletada : C:\Program Files\RegClean Pro
Pasta Deletada : C:\Program Files\SaveSenseLive
Pasta Deletada : C:\Program Files\Savings Sidekick
Pasta Deletada : C:\Program Files\SearchProtect
Pasta Deletada : C:\Program Files\SupTab
Pasta Deletada : C:\Program Files\VuuPC
Pasta Deletada : C:\Program Files\WinZipper
Pasta Deletada : C:\Program Files\Plus-HD-7.5
Pasta Deletada : C:\Program Files\fst_br_74
Pasta Deletada : C:\windows\system32\SearchProtect
Pasta Deletada : C:\Users\Renato\AppData\Local\genienext
Pasta Deletada : C:\Users\Renato\AppData\Local\Minibar
Pasta Deletada : C:\Users\Renato\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Renato\AppData\Local\SaveSense
Pasta Deletada : C:\Users\Renato\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\Renato\AppData\Local\Savings Sidekick
Pasta Deletada : C:\Users\Renato\AppData\Local\SearchProtect
Pasta Deletada : C:\Users\Renato\AppData\Local\SwvUpdater
Pasta Deletada : C:\Users\Renato\AppData\Local\fst_br_74
Pasta Deletada : C:\Users\Renato\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\Industriya
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\MagniPic
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\Minibar
Pasta Deletada : C:\Users\Renato\AppData\Roaming\awesomehp
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Renato\AppData\Roaming\BabylonToolbar
Pasta Deletada : C:\Users\Renato\AppData\Roaming\eType
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Industriya
Pasta Deletada : C:\Users\Renato\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Optimizer Pro
Pasta Deletada : C:\Users\Renato\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\Renato\AppData\Roaming\SaveSense
Pasta Deletada : C:\Users\Renato\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Renato\AppData\Roaming\VOPackage
Pasta Deletada : C:\Users\Renato\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Pasta Deletada : C:\Users\Renato\Documents\Mobogenie
Pasta Deletada : C:\Users\Renato\Documents\Optimizer Pro
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Arquivo Deletada : C:\END
Arquivo Deletada : C:\windows\system32\roboot.exe
Arquivo Deletada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Arquivo Deletada : C:\Program Files\Mozilla Firefox\user.js
Arquivo Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage
Arquivo Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage-journal
Arquivo Deletada : C:\windows\Tasks\AmiUpdXp.job
Arquivo Deletada : C:\windows\System32\Tasks\AmiUpdXp
Arquivo Deletada : C:\windows\System32\Tasks\PC Performer
Arquivo Deletada : C:\windows\Tasks\PC Performer_DEFAULT.job
Arquivo Deletada : C:\windows\System32\Tasks\PC Performer_DEFAULT
Arquivo Deletada : C:\windows\Tasks\PC Performer_UPDATES.job
Arquivo Deletada : C:\windows\System32\Tasks\PC Performer_UPDATES
Arquivo Deletada : C:\windows\System32\Tasks\RegClean Pro
Arquivo Deletada : C:\windows\Tasks\RegClean Pro_DEFAULT.job
Arquivo Deletada : C:\windows\System32\Tasks\RegClean Pro_DEFAULT
Arquivo Deletada : C:\windows\Tasks\RegClean Pro_UPDATES.job
Arquivo Deletada : C:\windows\System32\Tasks\RegClean Pro_UPDATES
Arquivo Deletada : C:\windows\Tasks\SaveSense.job
Arquivo Deletada : C:\windows\System32\Tasks\SaveSense
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-codedownloader.job
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-enabler.job
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-firefoxinstaller.job
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-updater.job
***** [ Atalhos ] *****
Atalho Desinfectada : C:\Users\Public\Desktop\Google Chrome.lnk
Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4892830A-F010-43DF-9A80-A9808DDC061D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4892830A-F010-43DF-9A80-A9808DDC061D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{005E3C0F-49F1-4F15-AB28-61453A8739CF}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{005E3C0F-49F1-4F15-AB28-61453A8739CF}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{240C04EB-6B54-4D49-B36A-F7B1BC13EF7E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{240C04EB-6B54-4D49-B36A-F7B1BC13EF7E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3650269B-48D4-4EB9-ACB3-38C234F27D96}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3650269B-48D4-4EB9-ACB3-38C234F27D96}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A854003B-B933-4AD6-89A0-D7CF5A915052}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC0E4BE0-99A5-495D-8444-7F46020456D4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC0E4BE0-99A5-495D-8444-7F46020456D4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D4D1384-746B-4829-A5EE-CA9DC00BBA91}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D4D1384-746B-4829-A5EE-CA9DC00BBA91}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BF173F2E-FF76-4C04-ACAA-8BCE01086864}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF173F2E-FF76-4C04-ACAA-8BCE01086864}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53CC6192-D038-415F-8A88-8C5661A4AF25}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53CC6192-D038-415F-8A88-8C5661A4AF25}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\b
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_74]
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072276}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033503360}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E911B4F-CAAC-45B4-8E2D-4B79B2B92A07}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104c62f3-150a-4f57-b8fa-0ab699d7c49b}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73651c0a-ffba-4d12-83eb-ad5271e66ce0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Valor Deletedo : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Chave Deletedo : HKCU\Software\AskPartnerNetwork
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\Cr_Installer
Chave Deletedo : HKCU\Software\DSNR Labs
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\Microsoft\Babylon
Chave Deletedo : HKCU\Software\Minibar
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\PerformerSoft
Chave Deletedo : HKCU\Software\PrivitizeVPNInstallDates
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\Savings Sidekick
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-7.5
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\AskPartnerNetwork
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BabylonToolbar
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\free_soft_to_day
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\Minibar
Chave Deletedo : HKLM\Software\PerformerSoft
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\SearchProtect
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\Software\Plus-HD-7.5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_74_is1
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v31.0.1650.63
[ Arquivo : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo : homepage
Deletedo : search_url
Deletedo : keyword
Deletedo : urls_to_restore_on_startup
*************************
AdwCleaner[R1].txt - [31247 octets] - [06/04/2014 20:42:57]
AdwCleaner[S0].txt - [1076 octets] - [06/04/2014 20:05:21]
AdwCleaner[S1].txt - [28597 octets] - [06/04/2014 20:46:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [28658 octets] ##########
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Renato - RENATO-PC
# Executando de : C:\Users\Renato\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\Premium
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\AlilCheaapPrice
Pasta Deletada : C:\ProgramData\TAkeThieaCoouupon
Pasta Deletada : C:\ProgramData\TakoeToheCoupon
Pasta Deletada : C:\ProgramData\tpeerFectcouppon
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files\AnyProtectEx
Pasta Deletada : C:\Program Files\AskPartnerNetwork
Pasta Deletada : C:\Program Files\BabylonToolbar
Pasta Deletada : C:\Program Files\Industriya
Pasta Deletada : C:\Program Files\MagniPic
Pasta Deletada : C:\Program Files\Minibar
Pasta Deletada : C:\Program Files\Mobogenie
Pasta Deletada : C:\Program Files\MyPC Backup
Pasta Deletada : C:\Program Files\Optimizer Pro
Pasta Deletada : C:\Program Files\PC Performer
Pasta Deletada : C:\Program Files\RegClean Pro
Pasta Deletada : C:\Program Files\SaveSenseLive
Pasta Deletada : C:\Program Files\Savings Sidekick
Pasta Deletada : C:\Program Files\SearchProtect
Pasta Deletada : C:\Program Files\SupTab
Pasta Deletada : C:\Program Files\VuuPC
Pasta Deletada : C:\Program Files\WinZipper
Pasta Deletada : C:\Program Files\Plus-HD-7.5
Pasta Deletada : C:\Program Files\fst_br_74
Pasta Deletada : C:\windows\system32\SearchProtect
Pasta Deletada : C:\Users\Renato\AppData\Local\genienext
Pasta Deletada : C:\Users\Renato\AppData\Local\Minibar
Pasta Deletada : C:\Users\Renato\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Renato\AppData\Local\SaveSense
Pasta Deletada : C:\Users\Renato\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\Renato\AppData\Local\Savings Sidekick
Pasta Deletada : C:\Users\Renato\AppData\Local\SearchProtect
Pasta Deletada : C:\Users\Renato\AppData\Local\SwvUpdater
Pasta Deletada : C:\Users\Renato\AppData\Local\fst_br_74
Pasta Deletada : C:\Users\Renato\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\Industriya
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\MagniPic
Pasta Deletada : C:\Users\Renato\AppData\LocalLow\Minibar
Pasta Deletada : C:\Users\Renato\AppData\Roaming\awesomehp
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Renato\AppData\Roaming\BabylonToolbar
Pasta Deletada : C:\Users\Renato\AppData\Roaming\eType
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Industriya
Pasta Deletada : C:\Users\Renato\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Optimizer Pro
Pasta Deletada : C:\Users\Renato\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\Renato\AppData\Roaming\SaveSense
Pasta Deletada : C:\Users\Renato\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Renato\AppData\Roaming\VOPackage
Pasta Deletada : C:\Users\Renato\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Pasta Deletada : C:\Users\Renato\Documents\Mobogenie
Pasta Deletada : C:\Users\Renato\Documents\Optimizer Pro
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Pasta Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Arquivo Deletada : C:\END
Arquivo Deletada : C:\windows\system32\roboot.exe
Arquivo Deletada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Arquivo Deletada : C:\Program Files\Mozilla Firefox\user.js
Arquivo Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage
Arquivo Deletada : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage-journal
Arquivo Deletada : C:\windows\Tasks\AmiUpdXp.job
Arquivo Deletada : C:\windows\System32\Tasks\AmiUpdXp
Arquivo Deletada : C:\windows\System32\Tasks\PC Performer
Arquivo Deletada : C:\windows\Tasks\PC Performer_DEFAULT.job
Arquivo Deletada : C:\windows\System32\Tasks\PC Performer_DEFAULT
Arquivo Deletada : C:\windows\Tasks\PC Performer_UPDATES.job
Arquivo Deletada : C:\windows\System32\Tasks\PC Performer_UPDATES
Arquivo Deletada : C:\windows\System32\Tasks\RegClean Pro
Arquivo Deletada : C:\windows\Tasks\RegClean Pro_DEFAULT.job
Arquivo Deletada : C:\windows\System32\Tasks\RegClean Pro_DEFAULT
Arquivo Deletada : C:\windows\Tasks\RegClean Pro_UPDATES.job
Arquivo Deletada : C:\windows\System32\Tasks\RegClean Pro_UPDATES
Arquivo Deletada : C:\windows\Tasks\SaveSense.job
Arquivo Deletada : C:\windows\System32\Tasks\SaveSense
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-codedownloader.job
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-enabler.job
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-firefoxinstaller.job
Arquivo Deletada : C:\windows\Tasks\Plus-HD-7.5-updater.job
***** [ Atalhos ] *****
Atalho Desinfectada : C:\Users\Public\Desktop\Google Chrome.lnk
Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4892830A-F010-43DF-9A80-A9808DDC061D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4892830A-F010-43DF-9A80-A9808DDC061D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{005E3C0F-49F1-4F15-AB28-61453A8739CF}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{005E3C0F-49F1-4F15-AB28-61453A8739CF}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95CC40B4-4A40-4E2A-B068-A4B6279A9C41}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF16A94F-24A8-458C-8DA3-83047F6A1795}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{240C04EB-6B54-4D49-B36A-F7B1BC13EF7E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{240C04EB-6B54-4D49-B36A-F7B1BC13EF7E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AE64120-C942-4920-B205-0BE7FF61AFD4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB7FE703-AA5C-4CFF-AE63-9B5F6B2BD663}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3650269B-48D4-4EB9-ACB3-38C234F27D96}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3650269B-48D4-4EB9-ACB3-38C234F27D96}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A854003B-B933-4AD6-89A0-D7CF5A915052}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F5C06C2-3237-4572-B0C4-67E9D8818825}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC0E4BE0-99A5-495D-8444-7F46020456D4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC0E4BE0-99A5-495D-8444-7F46020456D4}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D4D1384-746B-4829-A5EE-CA9DC00BBA91}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D4D1384-746B-4829-A5EE-CA9DC00BBA91}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BF173F2E-FF76-4C04-ACAA-8BCE01086864}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF173F2E-FF76-4C04-ACAA-8BCE01086864}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53CC6192-D038-415F-8A88-8C5661A4AF25}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53CC6192-D038-415F-8A88-8C5661A4AF25}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\b
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MagniPic_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_74]
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0050776.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072276}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033503360}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E911B4F-CAAC-45B4-8E2D-4B79B2B92A07}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104c62f3-150a-4f57-b8fa-0ab699d7c49b}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73651c0a-ffba-4d12-83eb-ad5271e66ce0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Valor Deletedo : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Chave Deletedo : HKCU\Software\AskPartnerNetwork
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\Cr_Installer
Chave Deletedo : HKCU\Software\DSNR Labs
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\Microsoft\Babylon
Chave Deletedo : HKCU\Software\Minibar
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\PerformerSoft
Chave Deletedo : HKCU\Software\PrivitizeVPNInstallDates
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\Savings Sidekick
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-7.5
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\AskPartnerNetwork
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BabylonToolbar
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\free_soft_to_day
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\Minibar
Chave Deletedo : HKLM\Software\PerformerSoft
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\SearchProtect
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\Software\Plus-HD-7.5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_74_is1
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v31.0.1650.63
[ Arquivo : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo : homepage
Deletedo : search_url
Deletedo : keyword
Deletedo : urls_to_restore_on_startup
*************************
AdwCleaner[R1].txt - [31247 octets] - [06/04/2014 20:42:57]
AdwCleaner[S0].txt - [1076 octets] - [06/04/2014 20:05:21]
AdwCleaner[S1].txt - [28597 octets] - [06/04/2014 20:46:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [28658 octets] ##########
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Dom 06 Abr 2014, 23:10
Desative temporariamente seu antivírus para evitar conflitos.Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Ter 08 Abr 2014, 13:16, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Dom 06 Abr 2014, 23:39
Não estou conseguindo abrir o Zoek.exe
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Renato L. Galeno Seg 07 Abr 2014, 00:33
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Renato on 06/04/2014 at 23:55:55,90.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Renato\Downloads\zoek (3).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
07/04/2014 00:01:34 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3950813928-957304356-2887969799-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1C50530C-6653-4FD9-81EB-7A0498783DE7} deleted successfully
HKEY_USERS\S-1-5-21-3950813928-957304356-2887969799-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\nmaeignmnfbnagjlaaibeaooobkigjig deleted
C:\Users\Renato\AppData\LocalLow\{726C8927-68AE-9CA6-1A1E-45896CC195B1} deleted
C:\Users\Renato\AppData\LocalLow\{886B370D-A324-CD3B-4679-424130FE6245} deleted
C:\Users\Renato\AppData\LocalLow\{B5B11F69-DF39-76D3-0C49-31A7368C575D} deleted
C:\Users\Renato\AppData\LocalLow\{CBCB0CCA-E1D3-5986-3E9A-7577548C766E} deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\{726C8927-68AE-9CA6-1A1E-45896CC195B1} deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\{886B370D-A324-CD3B-4679-424130FE6245} deleted
C:\PROGRA~2\d0feb669ee8aa93 deleted
C:\Users\Renato\daemonprocess.txt deleted
C:\Users\Renato\.android deleted
C:\PROGRA~2\BloackTheAdApp deleted
C:\Program Files\Uninstall Information\ib_uninst_0 deleted
C:\Program Files\Uninstall Information\ib_uninst_396 deleted
C:\Program Files\Uninstall Information\ib_uninst_479 deleted
C:\Program Files\Uninstall Information\ib_uninst_560 deleted
C:\Program Files\PrivitizeVPN deleted
C:\found.000 deleted
C:\Users\Renato\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Renato\AppData\Local\nsgD07B.tmp deleted
C:\Users\Renato\AppData\Local\cache deleted
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx deleted
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx deleted
C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivitizeVPN deleted
C:\windows\tasks\Plus-HD-7.5-codedownloader.job deleted
C:\windows\tasks\Plus-HD-7.5-enabler.job deleted
C:\windows\tasks\Plus-HD-7.5-firefoxinstaller.job deleted
C:\windows\tasks\Plus-HD-7.5-updater.job deleted
C:\windows\tasks\Plus-HD-7.5-validator.job deleted
C:\windows\tasks\MagniPicUpdaterTask{1920A6FA-4BAA-4E9A-A0FA-541D94011D82}.job deleted
C:\user.js deleted
C:\windows\System32\sho52E4.tmp deleted
"C:\PROGRA~2\emhllfbckoencmfbekdplmngkppclmig\emhllfbckoencmfbekdplmngkppclmig.crx" deleted
"C:\PROGRA~2\emhllfbckoencmfbekdplmngkppclmig\update.xml" deleted
"C:\PROGRA~2\emhllfbckoencmfbekdplmngkppclmig" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2" [06/04/2014 23:25]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaajpkhjdkhhnkmgfjodbkfpbmibkkk - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx[]
ogfjmhfnldnajmfaofeiaepghjenbgjo - C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx[]
pppagaglfkmlpgobnlenhknilehpmcbo - C:\Program Files\PSafe\PSafeAV\safemon\360webshield.crx[]
Google Docs - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
BloackTheAdApp - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhllfbckoencmfbekdplmngkppclmig
Google Wallet - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Extended Protection - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Gmail - Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Ask Toolbar - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk
Google Docs - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
ApptOUU - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfgacklpkgbjdjecbjcnfmgadlglhbcc
Savings Sidekick - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Babylon Toolbar - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
TAkeThieaCoouupon - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbihmimljoecjniobddnfabkoapakdh
LuckyaShOpper - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgjdepjmnakifahgnpejkdbhocbjfll
Google Wallet - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.speedanalysis.net_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.speedanalysis.net_0.localstorage-journal deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_govome.inspsearch.com_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_govome.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_s2e.scorecardresearch.com_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_s2e.scorecardresearch.com_0.localstorage-journal deleted successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhllfbckoencmfbekdplmngkppclmig deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_emhllfbckoencmfbekdplmngkppclmig_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_emhllfbckoencmfbekdplmngkppclmig_0.localstorage-journal deleted successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgjdepjmnakifahgnpejkdbhocbjfll deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hdgjdepjmnakifahgnpejkdbhocbjfll_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hdgjdepjmnakifahgnpejkdbhocbjfll_0.localstorage-journal deleted successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfgacklpkgbjdjecbjcnfmgadlglhbcc deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfgacklpkgbjdjecbjcnfmgadlglhbcc_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfgacklpkgbjdjecbjcnfmgadlglhbcc_0.localstorage-journal deleted successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbihmimljoecjniobddnfabkoapakdh deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_epbihmimljoecjniobddnfabkoapakdh_0.localstorage deleted successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_epbihmimljoecjniobddnfabkoapakdh_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.msn.com/USREL/5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://searchou.com/?id=18a514b1000000000000e81132af28d2"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.msn.com/USREL/5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3950813928-957304356-2887969799-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0DC1C742-9800-3AC6-DCD8-DDC679DB8A33} deleted successfully
HKEY_USERS\S-1-5-21-3950813928-957304356-2887969799-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0DC1C742-9800-3AC6-DCD8-DDC679DB8A33} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0DC1C742-9800-3AC6-DCD8-DDC679DB8A33} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Renato\Desktop\Aparência - Atalho.lnk -
C:\Users\Renato\Desktop\Limpeza Grátis de Registros.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\LibreOffice 3.5.lnk - C:\Program Files\LibreOffice 3.5\program\soffice.exe
C:\Users\Public\Desktop\Multimedia POP.lnk - C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe
C:\Users\Public\Desktop\Samsung Support Center.lnk - C:\Program Files\Samsung\Samsung Support Center\SSCMain.exe
C:\Users\Public\Desktop\User Guide.lnk - C:\Program Files\Samsung\SamsungManual\RunManual.exe
C:\Users\Public\Desktop\VDownloader.lnk - C:\Program Files\VDownloader\VDownloader.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk - C:\Program Files\VDownloader\VDownloader.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\windows\system32\calc.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe® Flash® Player Installer-Uninstaller 10.1 r53.lnk -
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC Performer (2).lnk - C:\Program Files\PC Performer\PCPerformer.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC Performer (3).lnk - C:\Program Files\PC Performer\PCPerformer.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger.lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Renato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MagniPic deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AEC083D4-3C89-DF14-7A04-74AF4DB9CF9B} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE601CC7-6315-4D71-AF9A-2B3715833E31} deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pppagaglfkmlpgobnlenhknilehpmcbo deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C5BEEF27-CB82-4A8B-0498-92143CA75423} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hao123.com deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D} deleted successfully
==== Empty IE Cache ======================
C:\Users\Renato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Renato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Renato\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=616 folders=146 12784195 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Renato\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Renato\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 07/04/2014 at 0:30:26,39 ======================
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Seg 07 Abr 2014, 08:49
Baixe esta versão do Malwarebytes disponível no site abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Descompacte o conteúdo para uma pasta à sua escolha onde você se lembre depois (você também pode criar uma pasta na área de trabalho e descompactar o arquivo dentro desta pasta).
Depois disto simplesmente tente executar os arquivos clicando duas vezes sobre eles, um por um até que um deles permaneça aberto, siga as instruções na tela. Qualquer um dos arquivos são o Malwarebytes, só que cada um deles tem um nome diferente para enganar os vírus impedindo que eles o bloqueiem.
Depois disto poste o log (relatório) que ele deverá criar após a limpeza dos problemas.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Seg 07 Abr 2014, 22:43
Eu não consigo abrir nada que tenha extensão .zip
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Ter 08 Abr 2014, 00:11
Baixe o programa Junkware Removal Tool no link abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Ter 08 Abr 2014, 22:32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Starter x86
Ran by Renato on 08/04/2014 at 22:21:20,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\hao123.com"
Successfully deleted: [Folder] "C:\Program Files\webfuii"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/04/2014 at 22:26:53,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Starter x86
Ran by Renato on 08/04/2014 at 22:21:20,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\hao123.com"
Successfully deleted: [Folder] "C:\Program Files\webfuii"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/04/2014 at 22:26:53,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Ter 08 Abr 2014, 22:41
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Ter 08 Abr 2014, 22:52
~ Relatório do ZHPDiag v2014.4.8.12 - Nicolas Coolman (09/04/2014)
~ Iniciado por Renato (08/04/2014 22:46:35)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
GCIE: Google Chrome v31.0.1650.63 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v18.7.2.3
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1955 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 138 GB (76%) free of 180 GB
---\\ Modo de conexão ao sistema
~ Computer Name: RENATO-PC
~ User Name: Renato
~ All Users Names: Renato, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Renato\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Renato\AppData\Roaming\
~ %Desktop% : C:\Users\Renato\Desktop\
~ %Favorites% : C:\Users\Renato\Favorites\
~ %LocalAppData% : C:\Users\Renato\AppData\Local\
~ %StartMenu% : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 138 Go of 180 Go)
D: Hard drive, Flash drive, Thumb drive (Free 243 Go of 268 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.28/02/2014 - 23:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 02:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]
~ Generic Processes: Scanned in 00mn 01s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/41
~ Mon Bureau (My Desktop) : 0/10
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008] [PID.1636]
[MD5.141EE12CB2423FF8C7DE30DE66A1ACA1] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11463272] [PID.2544]
[MD5.4880F039D8C2F9731B516E6F42ED8822] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [1812264] [PID.2552]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.69E5FE24CBEDECAF56937925063E8FB9] - (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe [3688136] [PID.2768]
[MD5.437DB0E75D4E427AA705C1AB1DB9A948] - (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe [144072] [PID.2776]
[MD5.78DA2059084E6A5DBF62FDC8CEDB8E8B] - (.PSafe S/A - SearchDesk.) -- C:\Program Files\PSafe\SearchDesk\psSearchDesk.exe [3067592] [PID.3196]
[MD5.BACE9FBCACAE7EDF500D43D522285F13] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [1602344] [PID.3340]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files\CyberLink\YouCam\YCMMirage.exe [136488] [PID.2664]
[MD5.BC5C2A727B521B58A6C7ACF931D93F86] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [1040264] [PID.1112]
[MD5.D5C65D259096440FF3426852C712B2E0] - (.Samsung Electronics Co., Ltd. - Wifi Manager.) -- C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [7062608] [PID.952]
[MD5.CDD3658D56F204E5ABD95F04D83F3F26] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [187672] [PID.2816]
[MD5.BE7FE52636BDA7019AB42B133F2345B0] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [267544] [PID.2848]
[MD5.71094F0CC1E88EB690EA2D33CD23D4FF] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4394576] [PID.632]
[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.3064]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3304]
[MD5.B0EEFED7FFE796D5799DF5E82B0D166A] - (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe [177432] [PID.3284]
[MD5.2DDA2265EEFC692DF38BA6198E7B69CA] - (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe [178456] [PID.2344]
[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.3336]
[MD5.9F71DDE0A8C47254B9DA3AB6094915CC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775848] [PID.4312]
[MD5.75BD6130D6D1151CB3CAA8296EAD9E5F] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [3398736] [PID.4800]
[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.5172]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [863184] [PID.1560]
[MD5.EC15A606D68A99B6911ABB644ACF6654] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8193536] [PID.5484]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 13 Legitimates Filtered in 00mn 07s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LibreOffice 3.5.lnk . (.The Document Foundation - LibreOffice 3.5.) -- C:\Program Files\LibreOffice 3.5\program\soffice.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO: - TODO: .) -- C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Desktop [Public]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\QuickLaunch [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Renato]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Renato]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\TaskBar [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Renato]: PC Performer (2).lnk . (...) -- C:\Program Files\PC Performer\PCPerformer.exe (.not file.) =>Rogue.PCPerformer
O4 - GS\TaskBar [Renato]: PC Performer (3).lnk . (...) -- C:\Program Files\PC Performer\PCPerformer.exe (.not file.) =>Rogue.PCPerformer
O4 - GS\Program [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Renato]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Renato]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Renato]: Aparência - Atalho.lnk - Chave orfã
O4 - GS\Desktop [Renato]: Limpeza Grátis de Registros!.lnk - Chave orfã
~ Global Startup: 62 Legitimates Filtered in 00mn 05s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [VDownloader] . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - HKLM\..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (.not file.) =>Hijacker.PrivitizeVPN
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PSafeTray] . (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe
O4 - HKLM\..\Run: [PSafeWDS] . (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: PSafeSVC (PSafeSVC) . (.PSafe S/A - PSafe Core Service.) - C:\Program Files\PSafe\psafesvc.exe
O23 - Service: PSafeWD (PSafeWD) . (.PSafe S.A. - PSafeWD.) - C:\Program Files\PSafe\PSafeWD.exe
~ Services: 8 Legitimates Filtered in 00mn 05s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (EfiMon) . (.360安全中心 - 360Efimon Driver.) - C:\Windows\System32\Drivers\Efimon.sys
O41 - Driver: (wStLib) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\wStLib.sys =>PUP.LinkiDoo
~ Drivers: 87 Legitimates Filtered in 00mn 41s
---\\ Software instalados (042)
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM] -- {4F524A2D-5637-006A-76A7-A758B70C0A03} =>Toolbar.Ask
O42 - Logiciel: ClickForeSaale - (.CCliicKFORuSale.) [HKLM] -- {6C998B44-82D8-CC7E-D847-4CD73036412A}
O42 - Logiciel: InstallBrain Updater Service - (...) [HKLM] -- InstallBrain Updater Service =>PUP.InstallBrain
O42 - Logiciel: Save Sense (remove only) - (.SaveSense.) [HKCU] -- Save Sense =>PUP.SaveSense
O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU] -- SaveSense =>PUP.SaveSense
O42 - Logiciel: VO Package - (...) [HKLM] -- VOPackage =>Adware.Downware
O42 - Logiciel: Webfuii - (.Webfuii.) [HKLM] -- Webfuii
O42 - Logiciel: tpeerFectcouppon - (.tpuerfecotcouponn.) [HKLM] -- {23B82977-C816-92D2-66E7-BE67DD1E7786}
~ Logic: 20 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Industriya]
[HKCU\Software\Webfuii]
[HKLM\Software\360Safe] =>Trojan.Lozavita
[HKLM\Software\Feven Pro 1.3] =>PUP.CrossRider
[HKLM\Software\Industriya]
~ Key Software: 193 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 30/03/2014 - 17:43:10 - [0,884] ----D C:\ProgramData\ClickForeSaale
O43 - CFD: 05/03/2014 - 13:22:22 - [0,005] ----D C:\Users\Renato\AppData\Roaming\360safe =>Trojan.Lozavita
~ Program Folder: 120 Legitimates Filtered in 01mn 24s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.14CD7AB26190B1C7A824995918C43751] - 06/04/2014 - 21:03:32 ---A- . (...) -- C:\Windows\win.ini [603]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 06/04/2014 - 23:35:22 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.4F12189AE1920269D111B4837D50DFA1] - 07/04/2014 - 00:30:26 ---A- . (...) -- C:\zoek-results.log [21017]
~ Files: 8 Legitimates Filtered in 00mn 05s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.6E42F2E5B5BDE3FE4066C9B2D6091E17] - 04/03/2014 - 23:15:51 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.F8F330E056E3F9237ED885024D44BC52] - 12/11/2010 - 19:24:00 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [116008]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.049844AD9F01ACCDE9998B46B0C8948D] - 04/03/2014 - 23:15:52 ---A- . (.360安全中心 - 360安全卫士 - HookPort.) -- C:\Windows\System32\Drivers\hookport.sys [75832]
O58 - SDL:[MD5.41CE6B172542A9A227E34A45881E1D2A] - 02/05/2012 - 21:33:42 ---A- . (.Windows (R) 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\Windows\System32\Drivers\rtport.sys [15656]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.690A5371C61658B6EB41185B40323172] - 22/03/2014 - 17:58:19 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib.sys [52920] =>PUP.LinkiDoo
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 05s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 04/03/2014 - C:\Windows\System32\Drivers\Efimon.sys (EfiMon) .(.360安全中心 - 360Efimon Driver.) - LEGACY_EFIMON
O64 - Services: CurCS - 04/03/2014 - C:\Windows\System32\Drivers\Hookport.sys (HookPort) .(.360安全中心 - 360安全卫士 - HookPort.) - LEGACY_HOOKPORT
O64 - Services: CurCS - 22/03/2014 - C:\Windows\System32\drivers\wStLib.sys (wStLib) .(.StdLib - StdLib.) - LEGACY_WSTLIB =>PUP.LinkiDoo
~ Legacy: 96 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{5D0FDE73-2BDB-455A-A562-5AF7F3047885}C:\program files\psafe\pssmartup.exe" | In - Public - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "UDP Query User{58BAC1E7-E0D7-41A9-90BD-42CF9C1F5173}C:\program files\psafe\pssmartup.exe" | In - Public - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "{836868E4-735F-4848-A460-8D3D16729677}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{B2BE63EF-0692-4A4B-8720-B3327A1C439F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{CF97F8AB-F5B2-45D9-82A0-55DA57CE4BC8}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{8F1E81F2-A1C7-4D41-B33E-105CA5EE56E8}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{D2D71A98-EE45-4179-9C20-A585F6C30C53}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{89FA4D4F-DA1F-4C24-A0AD-AFE91EE0F33F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
~ Firewall: 160 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "D2A425F47365A600677A7A857BC0A030" . (.Ask Toolbar.) -- C:\windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0A03}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 440 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\7c3866.msi [353280] =>PUP.Babylon
[MD5.9324BE9D243CAFD7792902439AABD875] [WIS][20/02/2014] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\9916ab.msi [463872] =>Toolbar.Ask
~ WIS: 443 Legitimates Filtered in 00mn 47s
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BI_RunOnce_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASAPI32 =>Adware.MagniPic
HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASMANCS =>Adware.MagniPic
~ BTK: 122 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense
[HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}] (SaveSenseLive.OneClickProcessLauncher) =>PUP.SaveSense
[HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense
[HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}] (SaveSenseLive Core Class) =>PUP.SaveSense
[HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}] (SaveSenseLive Process Launcher Class) =>PUP.SaveSense
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing
[HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense
[HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense
~ BCK: 5578 Legitimates Filtered in 00mn 09s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/02/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe =>Toolbar.Bing
SS - | Auto 02/06/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/06/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 16/04/2011 130008 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
SR - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 19/03/2014 2710216 | (PSafeSVC) . (.PSafe S/A.) - C:\Program Files\PSafe\psafesvc.exe
SR - | Auto 19/03/2014 266952 | (PSafeWD) . (.PSafe S.A..) - C:\Program Files\PSafe\PSafeWD.exe
SR - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 24/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\BingBar\SeaPort.exe =>Toolbar.Bing
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 01/03/2011 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 01/03/2011 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 12s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 13
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 14
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-006A-76A7-A758B70C0A03}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service] =>PUP.InstallBrain^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense] =>PUP.SaveSense^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64}] =>Adware.MagniPic
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize] =>Hijacker.PrivitizeVPN
[HKLM\Software\360Safe] =>Trojan.Lozavita
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}] =>PUP.CrossRider
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:PrivitizeVPN =>Hijacker.PrivitizeVPN^
C:\Users\Renato\AppData\Roaming\360safe =>Trojan.Lozavita^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKLM\Software\Feven Pro 1.3] =>PUP.CrossRider^
C:\Windows\Installer\7c3866.msi =>PUP.Babylon^
C:\Windows\Installer\9916ab.msi =>Toolbar.Ask^
[HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense^
[HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}] (SaveSenseLive.OneClickProcessLauncher) =>PUP.SaveSense^
[HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense^
[HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}] (SaveSenseLive Core Class) =>PUP.SaveSense^
[HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}] (SaveSenseLive Process Launcher Class) =>PUP.SaveSense^
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing^
[HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense^
[HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense^
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing^
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense^
~ Additionnel Scan: 267665 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PrivitizeVPN
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Ask
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Downware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.AnyProtect
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MegaSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MagniPic
~ MSI: 10 link(s) detected in 00mn 00s
~ 1240 Legitimates filtered by white list
End of the scan (513 lines in 04mn 36s)(0)
~ Iniciado por Renato (08/04/2014 22:46:35)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
GCIE: Google Chrome v31.0.1650.63 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v18.7.2.3
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1955 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 138 GB (76%) free of 180 GB
---\\ Modo de conexão ao sistema
~ Computer Name: RENATO-PC
~ User Name: Renato
~ All Users Names: Renato, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Renato\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Renato\AppData\Roaming\
~ %Desktop% : C:\Users\Renato\Desktop\
~ %Favorites% : C:\Users\Renato\Favorites\
~ %LocalAppData% : C:\Users\Renato\AppData\Local\
~ %StartMenu% : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 138 Go of 180 Go)
D: Hard drive, Flash drive, Thumb drive (Free 243 Go of 268 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.28/02/2014 - 23:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 02:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]
~ Generic Processes: Scanned in 00mn 01s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/41
~ Mon Bureau (My Desktop) : 0/10
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008] [PID.1636]
[MD5.141EE12CB2423FF8C7DE30DE66A1ACA1] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11463272] [PID.2544]
[MD5.4880F039D8C2F9731B516E6F42ED8822] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [1812264] [PID.2552]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.69E5FE24CBEDECAF56937925063E8FB9] - (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe [3688136] [PID.2768]
[MD5.437DB0E75D4E427AA705C1AB1DB9A948] - (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe [144072] [PID.2776]
[MD5.78DA2059084E6A5DBF62FDC8CEDB8E8B] - (.PSafe S/A - SearchDesk.) -- C:\Program Files\PSafe\SearchDesk\psSearchDesk.exe [3067592] [PID.3196]
[MD5.BACE9FBCACAE7EDF500D43D522285F13] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [1602344] [PID.3340]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files\CyberLink\YouCam\YCMMirage.exe [136488] [PID.2664]
[MD5.BC5C2A727B521B58A6C7ACF931D93F86] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [1040264] [PID.1112]
[MD5.D5C65D259096440FF3426852C712B2E0] - (.Samsung Electronics Co., Ltd. - Wifi Manager.) -- C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [7062608] [PID.952]
[MD5.CDD3658D56F204E5ABD95F04D83F3F26] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [187672] [PID.2816]
[MD5.BE7FE52636BDA7019AB42B133F2345B0] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [267544] [PID.2848]
[MD5.71094F0CC1E88EB690EA2D33CD23D4FF] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4394576] [PID.632]
[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.3064]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3304]
[MD5.B0EEFED7FFE796D5799DF5E82B0D166A] - (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe [177432] [PID.3284]
[MD5.2DDA2265EEFC692DF38BA6198E7B69CA] - (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe [178456] [PID.2344]
[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.3336]
[MD5.9F71DDE0A8C47254B9DA3AB6094915CC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775848] [PID.4312]
[MD5.75BD6130D6D1151CB3CAA8296EAD9E5F] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [3398736] [PID.4800]
[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.5172]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [863184] [PID.1560]
[MD5.EC15A606D68A99B6911ABB644ACF6654] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8193536] [PID.5484]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 13 Legitimates Filtered in 00mn 07s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LibreOffice 3.5.lnk . (.The Document Foundation - LibreOffice 3.5.) -- C:\Program Files\LibreOffice 3.5\program\soffice.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO:
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Desktop [Public]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\QuickLaunch [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Renato]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Renato]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\TaskBar [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Renato]: PC Performer (2).lnk . (...) -- C:\Program Files\PC Performer\PCPerformer.exe (.not file.) =>Rogue.PCPerformer
O4 - GS\TaskBar [Renato]: PC Performer (3).lnk . (...) -- C:\Program Files\PC Performer\PCPerformer.exe (.not file.) =>Rogue.PCPerformer
O4 - GS\Program [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Renato]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Renato]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Renato]: Aparência - Atalho.lnk - Chave orfã
O4 - GS\Desktop [Renato]: Limpeza Grátis de Registros!.lnk - Chave orfã
~ Global Startup: 62 Legitimates Filtered in 00mn 05s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [VDownloader] . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - HKLM\..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (.not file.) =>Hijacker.PrivitizeVPN
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PSafeTray] . (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe
O4 - HKLM\..\Run: [PSafeWDS] . (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: PSafeSVC (PSafeSVC) . (.PSafe S/A - PSafe Core Service.) - C:\Program Files\PSafe\psafesvc.exe
O23 - Service: PSafeWD (PSafeWD) . (.PSafe S.A. - PSafeWD.) - C:\Program Files\PSafe\PSafeWD.exe
~ Services: 8 Legitimates Filtered in 00mn 05s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (EfiMon) . (.360安全中心 - 360Efimon Driver.) - C:\Windows\System32\Drivers\Efimon.sys
O41 - Driver: (wStLib) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\wStLib.sys =>PUP.LinkiDoo
~ Drivers: 87 Legitimates Filtered in 00mn 41s
---\\ Software instalados (042)
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM] -- {4F524A2D-5637-006A-76A7-A758B70C0A03} =>Toolbar.Ask
O42 - Logiciel: ClickForeSaale - (.CCliicKFORuSale.) [HKLM] -- {6C998B44-82D8-CC7E-D847-4CD73036412A}
O42 - Logiciel: InstallBrain Updater Service - (...) [HKLM] -- InstallBrain Updater Service =>PUP.InstallBrain
O42 - Logiciel: Save Sense (remove only) - (.SaveSense.) [HKCU] -- Save Sense =>PUP.SaveSense
O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU] -- SaveSense =>PUP.SaveSense
O42 - Logiciel: VO Package - (...) [HKLM] -- VOPackage =>Adware.Downware
O42 - Logiciel: Webfuii - (.Webfuii.) [HKLM] -- Webfuii
O42 - Logiciel: tpeerFectcouppon - (.tpuerfecotcouponn.) [HKLM] -- {23B82977-C816-92D2-66E7-BE67DD1E7786}
~ Logic: 20 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Industriya]
[HKCU\Software\Webfuii]
[HKLM\Software\360Safe] =>Trojan.Lozavita
[HKLM\Software\Feven Pro 1.3] =>PUP.CrossRider
[HKLM\Software\Industriya]
~ Key Software: 193 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 30/03/2014 - 17:43:10 - [0,884] ----D C:\ProgramData\ClickForeSaale
O43 - CFD: 05/03/2014 - 13:22:22 - [0,005] ----D C:\Users\Renato\AppData\Roaming\360safe =>Trojan.Lozavita
~ Program Folder: 120 Legitimates Filtered in 01mn 24s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.14CD7AB26190B1C7A824995918C43751] - 06/04/2014 - 21:03:32 ---A- . (...) -- C:\Windows\win.ini [603]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 06/04/2014 - 23:35:22 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.4F12189AE1920269D111B4837D50DFA1] - 07/04/2014 - 00:30:26 ---A- . (...) -- C:\zoek-results.log [21017]
~ Files: 8 Legitimates Filtered in 00mn 05s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.6E42F2E5B5BDE3FE4066C9B2D6091E17] - 04/03/2014 - 23:15:51 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.F8F330E056E3F9237ED885024D44BC52] - 12/11/2010 - 19:24:00 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [116008]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.049844AD9F01ACCDE9998B46B0C8948D] - 04/03/2014 - 23:15:52 ---A- . (.360安全中心 - 360安全卫士 - HookPort.) -- C:\Windows\System32\Drivers\hookport.sys [75832]
O58 - SDL:[MD5.41CE6B172542A9A227E34A45881E1D2A] - 02/05/2012 - 21:33:42 ---A- . (.Windows (R) 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\Windows\System32\Drivers\rtport.sys [15656]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.690A5371C61658B6EB41185B40323172] - 22/03/2014 - 17:58:19 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib.sys [52920] =>PUP.LinkiDoo
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 05s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 04/03/2014 - C:\Windows\System32\Drivers\Efimon.sys (EfiMon) .(.360安全中心 - 360Efimon Driver.) - LEGACY_EFIMON
O64 - Services: CurCS - 04/03/2014 - C:\Windows\System32\Drivers\Hookport.sys (HookPort) .(.360安全中心 - 360安全卫士 - HookPort.) - LEGACY_HOOKPORT
O64 - Services: CurCS - 22/03/2014 - C:\Windows\System32\drivers\wStLib.sys (wStLib) .(.StdLib - StdLib.) - LEGACY_WSTLIB =>PUP.LinkiDoo
~ Legacy: 96 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{5D0FDE73-2BDB-455A-A562-5AF7F3047885}C:\program files\psafe\pssmartup.exe" | In - Public - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "UDP Query User{58BAC1E7-E0D7-41A9-90BD-42CF9C1F5173}C:\program files\psafe\pssmartup.exe" | In - Public - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "{836868E4-735F-4848-A460-8D3D16729677}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{B2BE63EF-0692-4A4B-8720-B3327A1C439F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{CF97F8AB-F5B2-45D9-82A0-55DA57CE4BC8}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{8F1E81F2-A1C7-4D41-B33E-105CA5EE56E8}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{D2D71A98-EE45-4179-9C20-A585F6C30C53}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{89FA4D4F-DA1F-4C24-A0AD-AFE91EE0F33F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
~ Firewall: 160 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "D2A425F47365A600677A7A857BC0A030" . (.Ask Toolbar.) -- C:\windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0A03}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 440 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\7c3866.msi [353280] =>PUP.Babylon
[MD5.9324BE9D243CAFD7792902439AABD875] [WIS][20/02/2014] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\9916ab.msi [463872] =>Toolbar.Ask
~ WIS: 443 Legitimates Filtered in 00mn 47s
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BI_RunOnce_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASAPI32 =>Adware.MagniPic
HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASMANCS =>Adware.MagniPic
~ BTK: 122 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense
[HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}] (SaveSenseLive.OneClickProcessLauncher) =>PUP.SaveSense
[HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense
[HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}] (SaveSenseLive Core Class) =>PUP.SaveSense
[HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}] (SaveSenseLive Process Launcher Class) =>PUP.SaveSense
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing
[HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense
[HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense
~ BCK: 5578 Legitimates Filtered in 00mn 09s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/02/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe =>Toolbar.Bing
SS - | Auto 02/06/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/06/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 16/04/2011 130008 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
SR - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 19/03/2014 2710216 | (PSafeSVC) . (.PSafe S/A.) - C:\Program Files\PSafe\psafesvc.exe
SR - | Auto 19/03/2014 266952 | (PSafeWD) . (.PSafe S.A..) - C:\Program Files\PSafe\PSafeWD.exe
SR - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 24/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\BingBar\SeaPort.exe =>Toolbar.Bing
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 01/03/2011 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 01/03/2011 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 12s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 13
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 14
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-006A-76A7-A758B70C0A03}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service] =>PUP.InstallBrain^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense] =>PUP.SaveSense^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64}] =>Adware.MagniPic
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize] =>Hijacker.PrivitizeVPN
[HKLM\Software\360Safe] =>Trojan.Lozavita
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}] =>PUP.CrossRider
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:PrivitizeVPN =>Hijacker.PrivitizeVPN^
C:\Users\Renato\AppData\Roaming\360safe =>Trojan.Lozavita^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKLM\Software\Feven Pro 1.3] =>PUP.CrossRider^
C:\Windows\Installer\7c3866.msi =>PUP.Babylon^
C:\Windows\Installer\9916ab.msi =>Toolbar.Ask^
[HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense^
[HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}] (SaveSenseLive.OneClickProcessLauncher) =>PUP.SaveSense^
[HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense^
[HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}] (SaveSenseLive Core Class) =>PUP.SaveSense^
[HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}] (SaveSenseLive Process Launcher Class) =>PUP.SaveSense^
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing^
[HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}] (SaveSenseLive Broker Class Factory) =>PUP.SaveSense^
[HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}] (SaveSenseLive Legacy On Demand) =>PUP.SaveSense^
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing^
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense^
~ Additionnel Scan: 267665 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PrivitizeVPN
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Ask
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Downware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.AnyProtect
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MegaSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MagniPic
~ MSI: 10 link(s) detected in 00mn 00s
~ 1240 Legitimates filtered by white list
End of the scan (513 lines in 04mn 36s)(0)
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Ter 08 Abr 2014, 23:16
No seu PC constam dois antivirus: Norton e Psafe. Sugiro que desinstale o Psafe e fique só com o Norton para evitar conflitos e lentidão.__________________________________________________________________________________________________________________
Selecione e copie todo o texto destacado em vermelho que te passei._____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
Última edição por Power Max em Qua 09 Abr 2014, 23:31, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Ter 08 Abr 2014, 23:26
Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by Renato at 08/04/2014 23:25:15
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador
========== Softwares ==========
ELIMINÉ: Ask Toolbar
AUSENTE Uninstall Process: c:\programdata\clickforesaale\yrhif9e.exe
AUSENTE Uninstall Process: c:\programdata\installbrainservice\ibsvc.exe
AUSENTE Uninstall Process: c:\users\renato\appdata\local\savesense\uninst.exe
AUSENTE Uninstall Process: c:\users\renato\appdata\roaming\savesense\updateproc\updatetask.exe
AUSENTE Uninstall Process: c:\users\renato\appdata\roaming\vopackage\uninstall.exe
AUSENTE Uninstall Process: c:\program files\webfuii\webfuiiuninstall.exe
AUSENTE Uninstall Process: c:\programdata\tpeerfectcouppon\9pshwcfyfn.exe
========== Estado dos serviços ==========
EFIMON Parado
HOOKPORT Parado
WSTLIB Parado
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6C998B44-82D8-CC7E-D847-4CD73036412A}]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service]
ELIMINÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense]
ELIMINÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webfuii]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23B82977-C816-92D2-66E7-BE67DD1E7786}]
ELIMINÉ Driver Key: wStLib
ELIMINÉ: HKCU\Software\AnyProtect
ELIMINÉ: HKCU\Software\Industriya
ELIMINÉ: HKCU\Software\Webfuii
ELIMINÉ: HKLM\Software\360Safe
ELIMINÉ: HKLM\Software\Feven Pro 1.3
ELIMINÉ: HKLM\Software\Industriya
ELIMINÉ Driver Key: EfiMon
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\25BD30E1BC5D83343A835E62DDD4D41B]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BI_RunOnce_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASMANCS
ELIMINÉ: HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
ELIMINÉ: HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
ELIMINÉ: HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
ELIMINÉ: HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
ELIMINÉ: HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
ELIMINÉ: HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}
ELIMINÉ: HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
ELIMINÉ: HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
ELIMINÉ: HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
ELIMINÉ: HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
ELIMINÉ: Service: BBSvc
ELIMINÉ: Service: SeaPort
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64}
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
ELIMINÉ RunValue: PrivitizeVPN
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\renato\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\pc performer (2).lnk
ELIMINÉ: c:\windows\system32\drivers\efimon.sys
ELIMINÉ: c:\windows\system32\drivers\hookport.sys
ELIMINÉ: c:\windows\system32\drivers\wstlib.sys
ELIMINÉ: c:\program files\microsoft\bingbar\bbsvc.exe
ELIMINA REINICIAR: c:\program files\microsoft\bingbar\seaport.exe
ELIMINÉ: C:\Windows\Installer\7c3866.msi
ELIMINÉ Temporários windows (140) (1.807.347 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
40 : Chaves do Registo
8 : Valores do Registo
1 : Pastas
9 : Ficheiros
8 : Softwares
3 : Estado dos serviços
1 : Restauração Sistema
End of clean in 01mn 59s
========== Caminho do ficheiro do relatório ==========
C:\Users\Renato\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/04/2014 23:25:18 [5109]
Fichier d'export Registre :
Run by Renato at 08/04/2014 23:25:15
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador
========== Softwares ==========
ELIMINÉ: Ask Toolbar
AUSENTE Uninstall Process: c:\programdata\clickforesaale\yrhif9e.exe
AUSENTE Uninstall Process: c:\programdata\installbrainservice\ibsvc.exe
AUSENTE Uninstall Process: c:\users\renato\appdata\local\savesense\uninst.exe
AUSENTE Uninstall Process: c:\users\renato\appdata\roaming\savesense\updateproc\updatetask.exe
AUSENTE Uninstall Process: c:\users\renato\appdata\roaming\vopackage\uninstall.exe
AUSENTE Uninstall Process: c:\program files\webfuii\webfuiiuninstall.exe
AUSENTE Uninstall Process: c:\programdata\tpeerfectcouppon\9pshwcfyfn.exe
========== Estado dos serviços ==========
EFIMON Parado
HOOKPORT Parado
WSTLIB Parado
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6C998B44-82D8-CC7E-D847-4CD73036412A}]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service]
ELIMINÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense]
ELIMINÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webfuii]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23B82977-C816-92D2-66E7-BE67DD1E7786}]
ELIMINÉ Driver Key: wStLib
ELIMINÉ: HKCU\Software\AnyProtect
ELIMINÉ: HKCU\Software\Industriya
ELIMINÉ: HKCU\Software\Webfuii
ELIMINÉ: HKLM\Software\360Safe
ELIMINÉ: HKLM\Software\Feven Pro 1.3
ELIMINÉ: HKLM\Software\Industriya
ELIMINÉ Driver Key: EfiMon
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\25BD30E1BC5D83343A835E62DDD4D41B]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BI_RunOnce_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\setup_magnipic_RASMANCS
ELIMINÉ: HKCR\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
ELIMINÉ: HKCR\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
ELIMINÉ: HKCR\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
ELIMINÉ: HKCR\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
ELIMINÉ: HKCR\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
ELIMINÉ: HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}
ELIMINÉ: HKCR\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
ELIMINÉ: HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
ELIMINÉ: HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
ELIMINÉ: HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
ELIMINÉ: Service: BBSvc
ELIMINÉ: Service: SeaPort
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64}
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
ELIMINÉ RunValue: PrivitizeVPN
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\renato\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\pc performer (2).lnk
ELIMINÉ: c:\windows\system32\drivers\efimon.sys
ELIMINÉ: c:\windows\system32\drivers\hookport.sys
ELIMINÉ: c:\windows\system32\drivers\wstlib.sys
ELIMINÉ: c:\program files\microsoft\bingbar\bbsvc.exe
ELIMINA REINICIAR: c:\program files\microsoft\bingbar\seaport.exe
ELIMINÉ: C:\Windows\Installer\7c3866.msi
ELIMINÉ Temporários windows (140) (1.807.347 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
40 : Chaves do Registo
8 : Valores do Registo
1 : Pastas
9 : Ficheiros
8 : Softwares
3 : Estado dos serviços
1 : Restauração Sistema
End of clean in 01mn 59s
========== Caminho do ficheiro do relatório ==========
C:\Users\Renato\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/04/2014 23:25:18 [5109]
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Ter 08 Abr 2014, 23:37
Abra novamente o ( ZHPDiag )[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Ter 08 Abr 2014, 23:43
~ Relatório do ZHPDiag v2014.4.8.12 - Nicolas Coolman (09/04/2014)
~ Iniciado por Renato (08/04/2014 23:38:46)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
GCIE: Google Chrome v31.0.1650.63 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v18.7.2.3
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1955 MB (34% free)
System Restore: Activé (Enable)
System drive C: has 140 GB (77%) free of 180 GB
---\\ Modo de conexão ao sistema
~ Computer Name: RENATO-PC
~ User Name: Renato
~ All Users Names: Renato, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Renato\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Renato\AppData\Roaming\
~ %Desktop% : C:\Users\Renato\Desktop\
~ %Favorites% : C:\Users\Renato\Favorites\
~ %LocalAppData% : C:\Users\Renato\AppData\Local\
~ %StartMenu% : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 140 Go of 180 Go)
D: Hard drive, Flash drive, Thumb drive (Free 243 Go of 268 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.28/02/2014 - 23:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 02:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]
~ Generic Processes: Scanned in 00mn 01s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/41
~ Mon Bureau (My Desktop) : 0/11
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008] [PID.1636]
[MD5.141EE12CB2423FF8C7DE30DE66A1ACA1] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11463272] [PID.2544]
[MD5.4880F039D8C2F9731B516E6F42ED8822] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [1812264] [PID.2552]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.69E5FE24CBEDECAF56937925063E8FB9] - (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe [3688136] [PID.2768]
[MD5.437DB0E75D4E427AA705C1AB1DB9A948] - (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe [144072] [PID.2776]
[MD5.78DA2059084E6A5DBF62FDC8CEDB8E8B] - (.PSafe S/A - SearchDesk.) -- C:\Program Files\PSafe\SearchDesk\psSearchDesk.exe [3067592] [PID.3196]
[MD5.BACE9FBCACAE7EDF500D43D522285F13] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [1602344] [PID.3340]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files\CyberLink\YouCam\YCMMirage.exe [136488] [PID.2664]
[MD5.BC5C2A727B521B58A6C7ACF931D93F86] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [1040264] [PID.1112]
[MD5.D5C65D259096440FF3426852C712B2E0] - (.Samsung Electronics Co., Ltd. - Wifi Manager.) -- C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [7062608] [PID.952]
[MD5.CDD3658D56F204E5ABD95F04D83F3F26] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [187672] [PID.2816]
[MD5.BE7FE52636BDA7019AB42B133F2345B0] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [267544] [PID.2848]
[MD5.71094F0CC1E88EB690EA2D33CD23D4FF] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4394576] [PID.632]
[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.3064]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3304]
[MD5.B0EEFED7FFE796D5799DF5E82B0D166A] - (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe [177432] [PID.3284]
[MD5.2DDA2265EEFC692DF38BA6198E7B69CA] - (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe [178456] [PID.2344]
[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.3336]
[MD5.9F71DDE0A8C47254B9DA3AB6094915CC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775848] [PID.4312]
[MD5.75BD6130D6D1151CB3CAA8296EAD9E5F] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [3398736] [PID.4800]
[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.5172]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [863184] [PID.2312]
[MD5.EC15A606D68A99B6911ABB644ACF6654] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8193536] [PID.6092]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 13 Legitimates Filtered in 00mn 07s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LibreOffice 3.5.lnk . (.The Document Foundation - LibreOffice 3.5.) -- C:\Program Files\LibreOffice 3.5\program\soffice.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO: - TODO: .) -- C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Desktop [Public]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\QuickLaunch [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Renato]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Renato]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\TaskBar [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Renato]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Renato]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Renato]: Aparência - Atalho.lnk - Chave orfã
O4 - GS\Desktop [Renato]: Limpeza Grátis de Registros!.lnk - Chave orfã
~ Global Startup: 60 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [VDownloader] . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PSafeTray] . (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe
O4 - HKLM\..\Run: [PSafeWDS] . (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: PSafeSVC (PSafeSVC) . (.PSafe S/A - PSafe Core Service.) - C:\Program Files\PSafe\psafesvc.exe
O23 - Service: PSafeWD (PSafeWD) . (.PSafe S.A. - PSafeWD.) - C:\Program Files\PSafe\PSafeWD.exe
~ Services: 8 Legitimates Filtered in 00mn 07s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (EfiMon) . (. - .) - C:\Windows\System32\Drivers\Efimon.sys (.not file.)
O41 - Driver: (wStLib) . (. - .) - C:\Windows\System32\drivers\wStLib.sys (.not file.)
~ Drivers: 83 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\SaveSense] =>PUP.SaveSense
[HKLM\Software\Webfuii]
~ Key Software: 171 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/04/2014 - 23:24:30 - [0] ----D C:\Program Files\ClickForeSaale
O43 - CFD: 08/04/2014 - 23:24:30 - [0,001] ----D C:\ProgramData\d0feb669ee8aa93
~ Program Folder: 120 Legitimates Filtered in 01mn 29s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.14CD7AB26190B1C7A824995918C43751] - 06/04/2014 - 21:03:32 ---A- . (...) -- C:\Windows\win.ini [603]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 06/04/2014 - 23:35:22 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.4F12189AE1920269D111B4837D50DFA1] - 07/04/2014 - 00:30:26 ---A- . (...) -- C:\zoek-results.log [21017]
~ Files: 8 Legitimates Filtered in 00mn 03s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.F8F330E056E3F9237ED885024D44BC52] - 12/11/2010 - 19:24:00 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [116008]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.41CE6B172542A9A227E34A45881E1D2A] - 02/05/2012 - 21:33:42 ---A- . (.Windows (R) 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\Windows\System32\Drivers\rtport.sys [15656]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\Drivers\Hookport.sys (HookPort) .(...) - LEGACY_HOOKPORT
~ Legacy: 96 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{5D0FDE73-2BDB-455A-A562-5AF7F3047885}C:\program files\psafe\pssmartup.exe" | In - Public - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "UDP Query User{58BAC1E7-E0D7-41A9-90BD-42CF9C1F5173}C:\program files\psafe\pssmartup.exe" | In - Public - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "{836868E4-735F-4848-A460-8D3D16729677}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{B2BE63EF-0692-4A4B-8720-B3327A1C439F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{CF97F8AB-F5B2-45D9-82A0-55DA57CE4BC8}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{8F1E81F2-A1C7-4D41-B33E-105CA5EE56E8}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{D2D71A98-EE45-4179-9C20-A585F6C30C53}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{89FA4D4F-DA1F-4C24-A0AD-AFE91EE0F33F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
~ Firewall: 160 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/02/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 02/06/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/06/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 16/04/2011 130008 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
SR - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 19/03/2014 2710216 | (PSafeSVC) . (.PSafe S/A.) - C:\Program Files\PSafe\psafesvc.exe
SR - | Auto 19/03/2014 266952 | (PSafeWD) . (.PSafe S.A..) - C:\Program Files\PSafe\PSafeWD.exe
SR - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 01/03/2011 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 01/03/2011 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 15s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKCU\Software\SaveSense] =>PUP.SaveSense^
~ Additionnel Scan: 266598 Items scanned in 00mn 26s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ MSI: 1 link(s) detected in 00mn 00s
~ 1222 Legitimates filtered by white list
End of the scan (403 lines in 03mn 55s)(0)
~ Iniciado por Renato (08/04/2014 23:38:46)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
GCIE: Google Chrome v31.0.1650.63 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Norton Internet Security v18.7.2.3
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1955 MB (34% free)
System Restore: Activé (Enable)
System drive C: has 140 GB (77%) free of 180 GB
---\\ Modo de conexão ao sistema
~ Computer Name: RENATO-PC
~ User Name: Renato
~ All Users Names: Renato, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Renato\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Renato\AppData\Roaming\
~ %Desktop% : C:\Users\Renato\Desktop\
~ %Favorites% : C:\Users\Renato\Favorites\
~ %LocalAppData% : C:\Users\Renato\AppData\Local\
~ %StartMenu% : C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 140 Go of 180 Go)
D: Hard drive, Flash drive, Thumb drive (Free 243 Go of 268 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.28/02/2014 - 23:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 02:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]
~ Generic Processes: Scanned in 00mn 01s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/41
~ Mon Bureau (My Desktop) : 0/11
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008] [PID.1636]
[MD5.141EE12CB2423FF8C7DE30DE66A1ACA1] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11463272] [PID.2544]
[MD5.4880F039D8C2F9731B516E6F42ED8822] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [1812264] [PID.2552]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2624]
[MD5.69E5FE24CBEDECAF56937925063E8FB9] - (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe [3688136] [PID.2768]
[MD5.437DB0E75D4E427AA705C1AB1DB9A948] - (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe [144072] [PID.2776]
[MD5.78DA2059084E6A5DBF62FDC8CEDB8E8B] - (.PSafe S/A - SearchDesk.) -- C:\Program Files\PSafe\SearchDesk\psSearchDesk.exe [3067592] [PID.3196]
[MD5.BACE9FBCACAE7EDF500D43D522285F13] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [1602344] [PID.3340]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files\CyberLink\YouCam\YCMMirage.exe [136488] [PID.2664]
[MD5.BC5C2A727B521B58A6C7ACF931D93F86] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [1040264] [PID.1112]
[MD5.D5C65D259096440FF3426852C712B2E0] - (.Samsung Electronics Co., Ltd. - Wifi Manager.) -- C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [7062608] [PID.952]
[MD5.CDD3658D56F204E5ABD95F04D83F3F26] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [187672] [PID.2816]
[MD5.BE7FE52636BDA7019AB42B133F2345B0] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [267544] [PID.2848]
[MD5.71094F0CC1E88EB690EA2D33CD23D4FF] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4394576] [PID.632]
[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.3064]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3304]
[MD5.B0EEFED7FFE796D5799DF5E82B0D166A] - (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe [177432] [PID.3284]
[MD5.2DDA2265EEFC692DF38BA6198E7B69CA] - (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe [178456] [PID.2344]
[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.3336]
[MD5.9F71DDE0A8C47254B9DA3AB6094915CC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775848] [PID.4312]
[MD5.75BD6130D6D1151CB3CAA8296EAD9E5F] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [3398736] [PID.4800]
[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.5172]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [863184] [PID.2312]
[MD5.EC15A606D68A99B6911ABB644ACF6654] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8193536] [PID.6092]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 13 Legitimates Filtered in 00mn 07s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LibreOffice 3.5.lnk . (.The Document Foundation - LibreOffice 3.5.) -- C:\Program Files\LibreOffice 3.5\program\soffice.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO:
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Desktop [Public]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\QuickLaunch [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Renato]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Renato]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\TaskBar [Renato]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Renato]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Renato]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Renato]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Renato]: Aparência - Atalho.lnk - Chave orfã
O4 - GS\Desktop [Renato]: Limpeza Grátis de Registros!.lnk - Chave orfã
~ Global Startup: 60 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [VDownloader] . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [PSafeTray] . (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe
O4 - HKLM\..\Run: [PSafeWDS] . (.PSafe S.A. - PSafeWD.) -- C:\Program Files\PSafe\PSafeWDS.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{66A4D76B-BFA3-4982-9A84-49DB48CC6801}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD49CEE5-6C1C-40AD-83B4-521F64867163}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: PSafeSVC (PSafeSVC) . (.PSafe S/A - PSafe Core Service.) - C:\Program Files\PSafe\psafesvc.exe
O23 - Service: PSafeWD (PSafeWD) . (.PSafe S.A. - PSafeWD.) - C:\Program Files\PSafe\PSafeWD.exe
~ Services: 8 Legitimates Filtered in 00mn 07s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (EfiMon) . (. - .) - C:\Windows\System32\Drivers\Efimon.sys (.not file.)
O41 - Driver: (wStLib) . (. - .) - C:\Windows\System32\drivers\wStLib.sys (.not file.)
~ Drivers: 83 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\SaveSense] =>PUP.SaveSense
[HKLM\Software\Webfuii]
~ Key Software: 171 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/04/2014 - 23:24:30 - [0] ----D C:\Program Files\ClickForeSaale
O43 - CFD: 08/04/2014 - 23:24:30 - [0,001] ----D C:\ProgramData\d0feb669ee8aa93
~ Program Folder: 120 Legitimates Filtered in 01mn 29s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.14CD7AB26190B1C7A824995918C43751] - 06/04/2014 - 21:03:32 ---A- . (...) -- C:\Windows\win.ini [603]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 06/04/2014 - 23:35:22 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.4F12189AE1920269D111B4837D50DFA1] - 07/04/2014 - 00:30:26 ---A- . (...) -- C:\zoek-results.log [21017]
~ Files: 8 Legitimates Filtered in 00mn 03s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.F8F330E056E3F9237ED885024D44BC52] - 12/11/2010 - 19:24:00 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [116008]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.41CE6B172542A9A227E34A45881E1D2A] - 02/05/2012 - 21:33:42 ---A- . (.Windows (R) 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\Windows\System32\Drivers\rtport.sys [15656]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\Drivers\Hookport.sys (HookPort) .(...) - LEGACY_HOOKPORT
~ Legacy: 96 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{5D0FDE73-2BDB-455A-A562-5AF7F3047885}C:\program files\psafe\pssmartup.exe" | In - Public - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "UDP Query User{58BAC1E7-E0D7-41A9-90BD-42CF9C1F5173}C:\program files\psafe\pssmartup.exe" | In - Public - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\program files\psafe\pssmartup.exe
O87 - FAEL: "{836868E4-735F-4848-A460-8D3D16729677}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{B2BE63EF-0692-4A4B-8720-B3327A1C439F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{CF97F8AB-F5B2-45D9-82A0-55DA57CE4BC8}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{8F1E81F2-A1C7-4D41-B33E-105CA5EE56E8}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{D2D71A98-EE45-4179-9C20-A585F6C30C53}" | In - None - P6 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
O87 - FAEL: "{89FA4D4F-DA1F-4C24-A0AD-AFE91EE0F33F}" | In - None - P17 - TRUE | .(.PSafe Tecnologia S/A - PSafe SmartUpdater Tool.) -- C:\Program Files\PSafe\pssmartup.exe
~ Firewall: 160 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/02/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 02/06/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/06/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 16/04/2011 130008 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
SR - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 19/03/2014 2710216 | (PSafeSVC) . (.PSafe S/A.) - C:\Program Files\PSafe\psafesvc.exe
SR - | Auto 19/03/2014 266952 | (PSafeWD) . (.PSafe S.A..) - C:\Program Files\PSafe\PSafeWD.exe
SR - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 01/03/2011 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 01/03/2011 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 15s
---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKCU\Software\SaveSense] =>PUP.SaveSense^
~ Additionnel Scan: 266598 Items scanned in 00mn 26s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ MSI: 1 link(s) detected in 00mn 00s
~ 1222 Legitimates filtered by white list
End of the scan (403 lines in 03mn 55s)(0)
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Qua 09 Abr 2014, 00:05
Continuam constando dois antivirus instalados em seu PC: Psafe e Norton. Seria muito importante desinstalar um deles (de preferência desinstalar o Psafe)._____________________________________________________________________________________________________________
Acesse o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e envie os arquivos desta pasta destacada em negrito abaixo para serem examinados (um de cada vez):C:\ProgramData\d0feb669ee8aa93
Assim que a análise de cada arquivo for concluída, copie o link que aparecerá na barra de endereços de seu navegador e poste estes links em sua próxima resposta juntamente com o relatório do ZHPFix pedido abaixo.
___________________________________________________________________________________________________________
Selecione e copie todo o texto destacado em vermelho que te passei._____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta juntamente com os links das análises dos arquivos no site Virus Total.
Última edição por Power Max em Qua 09 Abr 2014, 23:30, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Adwares com propagandas de jogos
por Renato L. Galeno Qua 09 Abr 2014, 00:13
Eu desinstalei o anti-virus Psafe ontem.
Renato L. Galeno- Membro
- Mensagens : 57
Reputação : 1
Data de inscrição : 06/04/2014
Re: Adwares com propagandas de jogos
por Power Max Qua 09 Abr 2014, 00:19
Como está o PC após estes procedimentos?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Página 1 de 2 • 1, 2
Tópicos semelhantes» adwares com jogos e propagandas
» Como remover vários adwares e propagandas de meu PC e browsers?
» Meu PC está com adwares e propagandas chatas
» Computador com muitas propagandas e adwares
» Página Jogos tempo!!!
» Como remover vários adwares e propagandas de meu PC e browsers?
» Meu PC está com adwares e propagandas chatas
» Computador com muitas propagandas e adwares
» Página Jogos tempo!!!
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos