How do I remove the ads by suprasaving adware?


Post by Luis Gomes on Sun 13 Jul 2014, 21:06

I've already tried everything and nothing worked. I've used all the cleanup programs (IObit Malware Fighter, Smart Defrag 3, Advanced SystemCare 7...), ran scans on the computer and nothing; I've also used AdwCleaner, Zoek, etc. I looked for suspicious programs in the Control Panel and uninstalled them, and deleted plugins and extensions from my Google Chrome. In the end, the annoying SupraSaving ads always stay stuck there. Could someone help me?

Re: How do I remove the ads by suprasaving adware?

Post by Power Max on Sun 13 Jul 2014, 21:35

Open the Zoek log (report) located at C:\zoek-results.txt, copy its entire contents and post it in your next reply.

Also post the AdwCleaner log (report) located at C:\AdwCleaner\AdwCleaner[S0].txt


(SOLVED) How do I get rid of the ads by suprasaving adware?

Post by Luis Gomes on Sun 13 Jul 2014, 22:03

# AdwCleaner v3.215 - Relatório criado 13/07/2014 às 20:19:48
# Atualizado 09/07/2014 por Xplode
# Sistema Operacional : Windows 7 Professional  (32 bits)
# Usuário : uer - UER-PC
# Executando de : C:\Users\uer\Desktop\adwcleaner_3.215.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v

-\\ Google Chrome v35.0.1916.153

[ Arquivo : C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod

*************************

AdwCleaner[R0].txt - [839 octets] - [13/07/2014 20:17:43]
AdwCleaner[R1].txt - [898 octets] - [13/07/2014 20:18:53]
AdwCleaner[S0].txt - [815 octets] - [13/07/2014 20:19:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [874 octets] ##########

Zoek.exe v5.0.0.0 Updated 13-July-2014
Tool run by uer on 13/07/2014 at 11:50:42,62.
Microsoft Windows 7 Professional  6.1.7600  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\uer\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13/07/2014 11:52:01 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Default\AppData\Roaming\Mozilla\Firefox\Profiles\ynfq1uxe.default\prefs.js:
user_pref("browser.search.defaultenginename", "BuscaPé");
user_pref("browser.search.selectedEngine", "BuscaPé");
user_pref("keyword.URL", "");

Added to C:\Users\Default\AppData\Roaming\Mozilla\Firefox\Profiles\ynfq1uxe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\DEFAUL~1\AppData\Roaming\Mozilla\Firefox\Profiles\ynfq1uxe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\DEFAUL~1\AppData\Roaming\Mozilla\Firefox\Profiles\ynfq1uxe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\USURIO~1\AppData\Roaming\Mozilla\Firefox\Profiles\ynfq1uxe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\USURIO~1\AppData\Roaming\Mozilla\Firefox\Profiles\ynfq1uxe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~2\bgamehgcaghpaioenkkmliieoklhggap deleted
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\uer\AppData\LocalLow\{209DE1F5-EBC7-FABC-5F98-0D4BF74059BD} deleted
C:\Users\uer\AppData\LocalLow\{31AE8B01-803D-52BF-3D4E-64E165AE2824} deleted
C:\Users\uer\AppData\LocalLow\{59754E84-A636-7EAF-0C98-F368D9008757} deleted
C:\Users\uer\AppData\LocalLow\{BA2544E2-85FF-FFFD-007A-51C6B8001945} deleted
C:\Users\uer\AppData\LocalLow\{BC25A15D-9809-DF6E-8966-BEBBCE587DC3} deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\{117EC018-4AEA-4468-D402-836558077DDA} deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\{3C32977D-7E77-23E3-2285-84803276395C} deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\{49557DCA-E363-71D3-6FD1-ED8D471482FF} deleted
C:\PROGRA~2\Browser Stabilizer deleted
C:\PROGRA~2\bd9c2892fec57a53 deleted
C:\PROGRA~2\DeualuExpress deleted
C:\Program Files\DeualuExpress deleted
C:\PROGRA~2\HHaapppy2iSave deleted
C:\Program Files\HHaapppy2iSave deleted
C:\PROGRA~2\BiEstSaveeFOrYoeu deleted
C:\Program Files\ExsTrraCOeUppoN deleted
C:\PROGRA~2\BeestSaveFForYoiu deleted
C:\Program Files\BeestSaveFForYoiu deleted
C:\PROGRA~2\RoboSaVEr deleted
C:\Program Files\RoboSaVEr deleted
C:\PROGRA~2\YTBlOckErApP deleted
C:\Program Files\YTBlOckErApP deleted
C:\PROGRA~2\ExstraSavings deleted
C:\Program Files\ExstraSavings deleted
C:\Program Files\ss helper deleted
C:\Program Files\AllDaySavings deleted
C:\Program Files\FindLyrics deleted
C:\Program Files\Show-Lyrics deleted
C:\Program Files\VideoDownloadConverter_4zEI deleted
C:\Program Files\globalUpdate deleted
C:\PROGRA~2\DownloAd keeapeer deleted
C:\PROGRA~2\ProductData deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\Package Cache deleted
C:\PROGRA~2\WinterSoft deleted
C:\Users\uer\AppData\Local\globalUpdate deleted
C:\Users\uer\Searches deleted
C:\Users\uer\AppData\LocalLow\ADSRemoval deleted
C:\Windows\system32\tasks\Funmoods deleted
C:\Windows\System32\InstallUtil.InstallLog deleted
"C:\Windows\Installer\8a98b4.msi" deleted
"C:\Users\uer\AppData\LocalLow\VideoDownloadConverter_4zEI" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [10/10/2012 16:40]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{5fc7943d-5e08-4632-8587-b9de9e156b33}"="C:\Program Files\LyricsTab\133.xpi" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
ngdeeneogndgpeicdbbfgnnghighlomb - C:\Program Files\LyricsTab\133.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\uer\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[20/10/2012 16:42]

Google Docs - uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
EXstraCOUpon - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbejiibcljjmbdajamkjhajkfdgfihhe
NickelBlock - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpmbhfdelldocceoekndfaholphcobg
World Clocks - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\innfmeekncjandlanpgdmmogkcimekgo
Image Hover - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaacjelpfohbhlffbajgliongkdofkfg
BiEstSaveeFOrYoeu - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkfephelcdkoadapoiclgnnbdhkebhbh
NeoWSaVeR - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\moheooogpekjfnpkhaodbbjbkdnicnjj
Google Wallet - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_valuedealshopper.com_0.localstorage deleted successfully
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_valuedealshopper.com_0.localstorage-journal deleted successfully
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_one-piece.softonic.com.br_0.localstorage deleted successfully
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage deleted successfully
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_letssearch.com_0.localstorage deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkfephelcdkoadapoiclgnnbdhkebhbh deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbejiibcljjmbdajamkjhajkfdgfihhe deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\moheooogpekjfnpkhaodbbjbkdnicnjj deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpmbhfdelldocceoekndfaholphcobg deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\innfmeekncjandlanpgdmmogkcimekgo deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaacjelpfohbhlffbajgliongkdofkfg deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=iehp"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=iehp"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-807772889-3266456616-73456231-1000\Software\Mozilla\Firefox\Extensions\D7C802E4-BDDC-4A1F-A790-F4C9D43DA9FD deleted successfully
HKEY_USERS\S-1-5-21-807772889-3266456616-73456231-1000\Software\Mozilla\Firefox\Extensions\{5fc7943d-5e08-4632-8587-b9de9e156b33} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\uer\Desktop\Adobe Photoshop CS5.lnk - C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
C:\Users\uer\Desktop\DAEMON Tools Lite.lnk - C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe
C:\Users\uer\Desktop\Format Factory.lnk - C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\uer\Desktop\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\Users\uer\Desktop\Media Player Classic.lnk - C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Users\uer\Desktop\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\uer\Desktop\Movie Maker.lnk - C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\uer\Desktop\mp3DirectCut.lnk - C:\Program Files\mp3DirectCut\mp3DirectCut.exe
C:\Users\uer\Desktop\Nero - Atalho.lnk - C:\Program Files\Nero\Nero 7\Core\nero.exe
C:\Users\uer\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\uer\Desktop\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\uer\Desktop\µTorrent.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Advanced SystemCare 7.lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Public\Desktop\Aplicativo do botão Share da KODAK.lnk -  
C:\Users\Public\Desktop\Central de Soluções HP.lnk -  
C:\Users\Public\Desktop\Driver Booster.lnk - C:\Program Files\IObit\Driver Booster\SkipUacExec.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\IObit Malware Fighter.lnk - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Public\Desktop\Medieval II Total War.lnk - C:\Program Files\SEGA\Medieval II Total War\Launcher.exe
C:\Users\Public\Desktop\Mp3tag.lnk - C:\Program Files\Mp3tag\Mp3tag.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\Public\Desktop\O Regresso do Rei tm.lnk - C:\Program Files\EA GAMES\O Regresso do Rei tm\ROTK.exe
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Smart Defrag 3.lnk - C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Users\Public\Desktop\The Battle for Middle-earth (tm) II.lnk - C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\lotrbfme2.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk - C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KODAK\Aplicativo do botão Share da KODAK.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Desinstalar Smart Defrag 3.lnk - C:\Program Files\IObit\Smart Defrag 3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Smart Defrag 3.lnk - C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7 (2).lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\uer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ngdeeneogndgpeicdbbfgnnghighlomb deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{2db04d42} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\uer\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uer\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uer\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=121 folders=71 16060100 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\uer\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\uer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\uer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 13/07/2014 at 14:27:54,02 ======================

Re: How do I remove the ads by suprasaving adware?

Post by Power Max on Sun 13 Jul 2014, 22:06

Download the Junkware Removal Tool program from the link below:
[You must be registered and logged in to see this link.]

To run the program above correctly, just follow the tips in this tutorial:

[You must be registered and logged in to see this link.]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.


(SOLVED) How do I get rid of the ads by suprasaving adware?

Post by Luis Gomes on Sun 13 Jul 2014, 22:26

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by uer on 13/07/2014 at 22:10:24,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/07/2014 at 22:24:50,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: How do I remove the ads by suprasaving adware?

Post by Power Max on Sun 13 Jul 2014, 22:30

Download < [You must be registered and logged in to see this link.] > < [You must be registered and logged in to see this image.] > ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must be registered and logged in to see this image.]

To install and run it correctly, follow the tips in this article:

[You must be registered and logged in to see this link.]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


(SOLVED) How do I remove the adware ads by suprasaving?

Post by Luis Gomes on Sun 13 Jul 2014, 22:48

~ Relatório do ZHPDiag v2014.7.13.104 - Nicolas Coolman  (13/07/2014)
~ Iniciado por uer (13/07/2014 22:43:17)
~ Endereço do Website : [You need to be registered and logged in to see this link.]
~ Endereço do Webforum : [You need to be registered and logged in to see this link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 32-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Microsoft Security Client v4.4.0304.0
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3037 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 93 GB (56%) free of 164 GB

---\\ Modo de conexão ao sistema
~ Computer Name: UER-PC
~ User Name: uer
~ All Users Names: uer, Convidado, ASPNET, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\uer\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\uer\AppData\Roaming\
~ %Desktop% : C:\Users\uer\Desktop\
~ %Favorites% : C:\Users\uer\Favorites\
~ %LocalAppData% : C:\Users\uer\AppData\Local\
~ %StartMenu% : C:\Users\uer\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 93 Go of 164 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
L: Hard drive, Flash drive, Thumb drive (Free 109 Go of 134 Go)



---\\ Estado do Centro de Segurança do Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Windows Explorer.) (.31/10/2009 - 02:45:39.) -- C:\Windows\Explorer.exe [2614272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.4408FA39C6DCF639C6CC34059E201D16] - (.Microsoft Corporation - Internet Extensions para Win32.) (.24/08/2012 - 14:10:47.) -- C:\Windows\System32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.6DD03008047432CD4192DD869CBBC485] - (.Microsoft Corporation - Microsoft Tablet PC Component.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [1536]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:35:40.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/04/2011 - 23:33:46.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/05/2011 - 23:43:41.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.A8F59428E9F361C7AC42A94AC1560BC9] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/03/2014 - 16:20:26.) -- C:\Windows\system32\Drivers\ntfs.sys [1210728]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
Mes images (My Pictures) : 2/2   (Modified)
Mes musiques (My Musics) : 121/121   (Modified)
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/158
~ Mon Bureau (My Desktop) : 1/19
~ Menu demarrer (Programs) : 1/33
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.8D796CC19572EC1C401F8F213C8F9AC0] - (.Eastman Kodak Company - Camera detection stub.) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe   [108544] [PID.1920]
[MD5.A3B72D00DB31F38F816C4855F46B00B5] - (.IObit - Smart Defrag v3.) -- C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe   [3431712] [PID.440]
[MD5.8E13CA0B48A1298F46F8739B95DBE4BF] - (.IObit - Advanced SystemCare 7 Monitor.) -- C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe   [781600] [PID.468]
[MD5.0560B36A9A58DCF6698545F9521EABF2] - (.ZSMCSNAP - ZSMCSNAP.) -- C:\Windows\ZSSnp211.exe   [57344] [PID.1268]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [254336] [PID.1720]
[MD5.F00A74241943E58F3795291BC3AF0853] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [12021464] [PID.2056]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.2072]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe   [30040] [PID.2080]
[MD5.5603C2C8940F5E43864D4000304AB175] - (...) -- C:\Windows\Domino.exe   [49152] [PID.2088]
[MD5.6641B633A0A2618BC3739E0DCD6E1B9B] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe   [138808] [PID.2116]
[MD5.1B06D4DF241484C193CFDD89FB21E19A] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe   [172088] [PID.2124]
[MD5.B0010C958505273A76FAE4A089E1AACE] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe   [173624] [PID.2140]
[MD5.127687F1D171D0820D02851A9FA62525] - (.IObit - Advanced SystemCare 7.) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe   [2295584] [PID.2504]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe   [97680] [PID.2540]
[MD5.150A123EE610E812B7555CB7F056FE4C] - (.MPC-HC Team - Media Player Classic - Home Cinema.) -- C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe   [5893120] [PID.42980]
[MD5.67CE28A336E8E0B4F24FD72815C2F3B7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8076288] [PID.44040]
[MD5.9FF543C118F4A45424B8A6A56715255A] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe   [268856] [PID.44692]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 06s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@ei.VideoDownloadConverter_4z.com/Plugin] - (...) -- C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll (.not file.)  =>Adware.VideoDownloadConverter
~ Firefox Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} . (.Adblock - Helps you remove browser ads!.) -- C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [uer]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Desktop [uer]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [ZSSnp211] . (.ZSMCSNAP - ZSMCSNAP.) -- C:\Windows\ZSSnp211.exe
O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Domino] . (...) -- C:\Windows\Domino.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\uer\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKCU\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKCU\..\Run: [KGShareApp] . (.Eastman Kodak Company - Kodak Gallery Share App.) -- C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-807772889-3266456616-73456231-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\uer\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-807772889-3266456616-73456231-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-807772889-3266456616-73456231-1000\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-21-807772889-3266456616-73456231-1000\..\Run: [KGShareApp] . (.Eastman Kodak Company - Kodak Gallery Share App.) -- C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{005CA9E9-DA24-4154-99DC-4824D3C7CC79}: NameServer = 200.204.0.10,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{0183DCE1-5353-434C-BEDE-432A30399C36}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8135896D-B66D-45C3-9101-DFF5AC867DE5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{005CA9E9-DA24-4154-99DC-4824D3C7CC79}: NameServer = 200.204.0.10,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{0183DCE1-5353-434C-BEDE-432A30399C36}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8135896D-B66D-45C3-9101-DFF5AC867DE5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{005CA9E9-DA24-4154-99DC-4824D3C7CC79}: NameServer = 200.204.0.10,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{0183DCE1-5353-434C-BEDE-432A30399C36}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8135896D-B66D-45C3-9101-DFF5AC867DE5}: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll  =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Browser Stabilizer (2db04d42) . (...) - C:\Program Files\browse~1\BrowserStabilizerSvc.dll (.not file.)  =>PUP.BrowserStabilizer
O23 - Service: AllDaySavingsService (AllDaySavingsService) . (...) - C:\Program Files\0866B8A9-2E46-422F-947B-2C563F566A0E\sbmrwsyodt.exe
O23 - Service: vulsrsebjh32 (vulsrsebjh32) . (...) - C:\Program Files\005\vulsrsebjh32.exe
~ Services: 8 Legitimates Filtered in 00mn 12s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [DriverEasy Scheduled Scan] (...) -- C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{230F4D34-F25C-4DEE-AF51-3B5224E6398F}] (...) -- C:\Program Files\MessengerPlus! 3\MsgPlus.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{2FEAF989-2602-4C4E-87A7-94D98A95BAE9}] (...) -- C:\Arquivos de programas\Pointblank\PBLauncher.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{347D6042-72AB-46A1-93D2-253412F8A9EE}] (...) -- C:\Arquivos de programas\Pointblank\PBLauncher.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{3B68E009-9E35-4EAF-B8A6-B652E748B223}] (...) -- C:\Users\uer\Downloads\winvista_15124.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{7A0BC7E9-0B0C-4C58-B4FF-CEB4EDCE48E3}] (...) -- C:\Arquivos de programas\EA SPORTS\FIFA 08\unins000.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{81C367DE-733F-4352-9A92-CE30C0A7C94F}] (...) -- C:\Arquivos de programas\Pointblank\PBLauncher.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{A617000C-5EBA-4C9C-B3BA-29051F97D232}] (...) -- C:\Users\uer\Downloads\win7_1512754.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{ABDBE3DA-0801-433E-B8E5-681789B1A35B}] (...) -- F:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D2FD9FEB-F0F7-4594-BDF3-3883AE84F931}] (...) -- c:\program files\opera\launcher.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D3663D2D-C1D2-4BAB-A16A-5E1129F2A4F0}] (...) -- C:\Arquivos de programas\Pointblank\PBLauncher.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{FF9EEF85-8DC2-4371-AEB6-016F76364F14}] (...) -- C:\Users\uer\Downloads\wlsetup-all.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT: DriverEasy Scheduled Scan - (...) -- C:\Windows\Tasks\DriverEasy Scheduled Scan.job   [402]
O39 - APT: DriverEasy Scheduled Scan - (...) -- C:\Windows\System32\Tasks\DriverEasy Scheduled Scan   [402]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-807772889-3266456616-73456231-1000Core   [898]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-807772889-3266456616-73456231-1000UA   [920]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1046]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1050]
~ Scheduled Task: 35 Legitimates Filtered in 00mn 05s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex.sys (.not file.)
O41 - Driver:  (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef.sys (.not file.)
O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver:  (netfilter) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\netfilter.sys
~ Drivers: 84 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: LG ODD Auto Firmware Update - (...) [HKLM] -- {6179550A-3E7C-499E-BCC9-9E8113E0A285}
O42 - Logiciel: O Regresso do Rei tm - (...) [HKLM] -- {6E298B0A-558C-4138-0096-740677B382CD}
O42 - Logiciel: The Battle for Middle-earth (tm) II - (...) [HKLM] -- {2A9F95AB-65A3-432c-8631-B8BC5BF7477A}
~ Logic: 8 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKCU\Software\Brasfoot2014]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\ADSRemoval]
[HKLM\Software\AllDaySavings]
[HKLM\Software\Baidu Security]
[HKLM\Software\Baidu_Drp_pos]
[HKLM\Software\GameVicio]
~ Key Software: 264 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/07/2014 - 10:10:54 - [] ----D C:\Program Files\005
O43 - CFD: 11/07/2014 - 16:57:43 - [] ----D C:\Program Files\0866B8A9-2E46-422F-947B-2C563F566A0E
O43 - CFD: 13/07/2014 - 20:52:23 - [] ----D C:\Program Files\AllDaySavings
O43 - CFD: 16/11/2013 - 00:52:14 - [] ----D C:\Program Files\AtomixMP3
O43 - CFD: 13/07/2014 - 11:26:33 - [] ----D C:\Program Files\Baidu Security
O43 - CFD: 11/07/2014 - 15:45:10 - [] ----D C:\Program Files\Baidu-Security-2014-4.4.4.73687
O43 - CFD: 22/02/2014 - 11:15:13 - [] ----D C:\Program Files\GameVicio
O43 - CFD: 13/07/2014 - 11:30:19 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 13/07/2014 - 15:24:34 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 20/06/2014 - 21:14:36 - [] ----D C:\ProgramData\{C585085B-79A8-423C-B04B-77DD30E9C195}
O43 - CFD: 13/07/2014 - 11:30:19 - [] ----D C:\Users\uer\AppData\Roaming\Baidu Security
O43 - CFD: 19/05/2014 - 11:48:03 - [] ----D C:\Users\uer\AppData\Roaming\ProductData
O43 - CFD: 22/02/2014 - 11:15:13 - [] ----D C:\Users\uer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
~ Program Folder: 223 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.462DAA41F1587BC538207E4F41F131B8] - 04/07/2014 - 21:57:12 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [829780]
O44 - LFC:[MD5.0186740953D826962E625B56CF27D992] - 04/07/2014 - 21:57:12 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [1433400]
O44 - LFC:[MD5.56B46E87E5D0F7708CD139E4B799AE8A] - 06/07/2014 - 16:27:43 ---A- . (...) -- C:\Windows\00000000.STI   [230424]
O44 - LFC:[MD5.1886A12A5610EF95C2958A2A35DCAB4C] - 10/07/2014 - 16:40:32 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\netfilter.sys   [31744]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/07/2014 - 14:39:57 ---A- . (...) -- C:\asc_rdflag   [0]
O44 - LFC:[MD5.BE125797A510CD7E9E77D0D79CB989EF] - 13/07/2014 - 11:30:44 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys   [47456]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 13/07/2014 - 11:50:16 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.EE1F4124916DADF38532E69C39C4AF5F] - 13/07/2014 - 14:27:54 ---A- . (...) -- C:\zoek-results.log   [25621]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 13/07/2014 - 15:28:44 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll   [536576]
~ Files: 21 Legitimates Filtered in 00mn 03s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{0bb1cc73-51e8-11e2-a072-7071bc98f970}\AutoRun\command. (...) -- F:\LGAutoRun.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\LGODDFU  [Key] . (.Bitleader - No Comment.) -- C:\Program Files\lg_fwupdate\lgfw.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent  [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ SMSR Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:11/03/2014 - 00:14:02 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys   [47456]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:10/07/2014 - 16:40:32 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\netfilter.sys   [31744]
O58 - SDL:13/11/2013 - 09:13:03 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [324096]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 72 Legitimates Filtered in 00mn 33s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 11/03/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase)  .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 10/07/2014 - C:\Windows\System32\drivers\netfilter.sys (netfilter)  .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_NETFILTER
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\nvstor.sys (nvstor)  .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
~ Legacy: 115 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You need to be registered and logged in to see this link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][13/07/2013] (...) -- C:\Users\uer\AppData\Roaming\inst.exe   [87608]
[MD5.DB95B03031E66AC45495EDF1D16B8887] [SPRF][13/07/2014] (...) -- C:\Users\uer\Desktop\adwcleaner_3.215.exe   [1348263]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][13/07/2014] (...) -- C:\Users\uer\Desktop\zoek.exe   [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{898AAE01-1038-499B-9070-741E4EBE0EE7}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{8B1190E6-F62B-46B7-B92A-54849B54EDE6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{232BE256-DD9A-4A8A-AC16-4DC41EC05F21}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{DEDBE15B-75CB-4759-A00E-ED230E68EF36}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 02s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\582-uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\582-uTorrent_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\Plus-HD-4_RASAPI32  =>Adware.PlusHD
HKLM\SOFTWARE\Microsoft\Tracing\Plus-HD-4_RASMANCS  =>Adware.PlusHD
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent Acceleration Tool_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent Acceleration Tool_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS  =>P2P.µTorrent
~ BTK: 637 Legitimates Filtered in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 10/07/1658 0 |  (2db04d42) . (...) - C:\Program Files\browse~1\BrowserStabilizerSvc.dll  =>PUP.BrowserStabilizer
SS - | Demand 11/07/2014 262320 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 26/08/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 26/08/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 04/05/2014 2152736 |  (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 13/04/2007 792112 |  (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 08/05/2007 271920 |  (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 |  (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 08/05/2014 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 |  (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 10/07/2014 151040 |  (AllDaySavingsService) . (...) - C:\Program Files\0866B8A9-2E46-422F-947B-2C563F566A0E\sbmrwsyodt.exe
SR - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 15/05/2014 342336 |  (IMFservice) . (.IObit.) - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 23/10/2013 22208 |  (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/07/2014 543232 |  (vulsrsebjh32) . (...) - C:\Program Files\005\vulsrsebjh32.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 15s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:13/11/2013 - 09:13:03 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [324096]
~ Emulateurs:  Scanned in 00mn 15s



---\\ Scâner Aditional (088)
Database Version : 13026 - (13/07/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKLM\SYSTEM\CurrentControlSet\Services\2db04d42]   =>PUP.BrowserStabilizer^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]   =>P2P.BitTorrent^
[HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4zEI]   =>Adware.VideoDownloadConverter
[HKLM\Software\VideoDownloadConverter_4zEI]   =>Adware.VideoDownloadConverter
~ Additionnel Scan: 285374 Items scanned in 00mn 22s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.PlusHD
~ MSI: 1 link(s) detected in 00mn 00s



~ 891 Legitimates filtered by white list
End of the scan (541 lines in 02mn 22s)(0)

Re: How do I remove the "ads by suprasaving" adware?

Post by Power Max on Sun 13 Jul 2014, 23:07

There are unnecessary programs starting together with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You need to be registered and logged in to view this link.]

Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting together with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC.
____________________________________________________________________________________

Select and copy all of the text highlighted in red that I gave you.
____________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Tue 15 Jul 2014, 11:41; edited 1 time


(SOLVED) How do I get rid of the "ads by suprasaving" adware?

Post by Luis Gomes on Sun 13 Jul 2014, 23:16

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by uer at 13/07/2014 23:14:29
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit  (Build 7600)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ: Mozilla Plugin: @ei.VideoDownloadConverter_4z.com/Plugin
ELIMINÉ: Service: 2db04d42
ELIMINÉ: Service: AllDaySavingsService
ELIMINÉ: Service: vulsrsebjh32
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\AllDaySavings
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\Plus-HD-4_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\Plus-HD-4_RASMANCS
ELIMINÉ: HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4zEI
ELIMINÉ: HKLM\Software\VideoDownloadConverter_4zEI

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files\0866b8a9-2e46-422f-947b-2c563f566a0e\sbmrwsyodt.exe
ELIMINA REINICIAR: c:\program files\005\vulsrsebjh32.exe
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ Temporários windows (126) (2.223.355 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: DriverEasy Scheduled Scan
ELIMINÉ: {230F4D34-F25C-4DEE-AF51-3B5224E6398F}
ELIMINÉ: {2FEAF989-2602-4C4E-87A7-94D98A95BAE9}
ELIMINÉ: {347D6042-72AB-46A1-93D2-253412F8A9EE}
ELIMINÉ: {3B68E009-9E35-4EAF-B8A6-B652E748B223}
ELIMINÉ: {7A0BC7E9-0B0C-4C58-B4FF-CEB4EDCE48E3}
ELIMINÉ: {81C367DE-733F-4352-9A92-CE30C0A7C94F}
ELIMINÉ: {A617000C-5EBA-4C9C-B3BA-29051F97D232}
ELIMINÉ: {ABDBE3DA-0801-433E-B8E5-681789B1A35B}
ELIMINÉ: {D2FD9FEB-F0F7-4594-BDF3-3883AE84F931}
ELIMINÉ: {D3663D2D-C1D2-4BAB-A16A-5E1129F2A4F0}
ELIMINÉ: {FF9EEF85-8DC2-4371-AEB6-016F76364F14}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
17 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
5 : Ficheiros
1 : Estado dos serviços
12 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 53s

========== Caminho do ficheiro do relatório ==========
C:\Users\uer\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/07/2014 23:14:35 [2723]

(SOLVED) How do I get rid of the "ads by suprasaving" adware?

Post by Luis Gomes on Sun 13 Jul 2014, 23:20

Thank you very much for the tip, I'm doing that.

Re: How do I remove the "ads by suprasaving" adware?

Post by Power Max on Sun 13 Jul 2014, 23:22

Luis Gomes wrote: "Thank you very much for the tip, I'm doing that."

After you have followed the tip, restart your PC.

Once it has restarted, do the following:

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.


(SOLVED) How do I get rid of the "ads by suprasaving" adware?

Post by Luis Gomes on Sun 13 Jul 2014, 23:48

~ Relatório do ZHPDiag v2014.7.13.104 - Nicolas Coolman  (13/07/2014)
~ Iniciado por uer (13/07/2014 23:42:23)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 32-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Microsoft Security Client v4.4.0304.0
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.15

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3037 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 94 GB (57%) free of 164 GB

---\\ Modo de conexão ao sistema
~ Computer Name: UER-PC
~ User Name: uer
~ All Users Names: uer, Convidado, ASPNET, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\uer\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\uer\AppData\Roaming\
~ %Desktop% : C:\Users\uer\Desktop\
~ %Favorites% : C:\Users\uer\Favorites\
~ %LocalAppData% : C:\Users\uer\AppData\Local\
~ %StartMenu% : C:\Users\uer\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 94 Go of 164 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
L: Hard drive, Flash drive, Thumb drive (Free 109 Go of 134 Go)



---\\ Estado do Centro de Segurança do Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Windows Explorer.) (.31/10/2009 - 02:45:39.) -- C:\Windows\Explorer.exe [2614272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.4408FA39C6DCF639C6CC34059E201D16] - (.Microsoft Corporation - Internet Extensions para Win32.) (.24/08/2012 - 14:10:47.) -- C:\Windows\System32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.6DD03008047432CD4192DD869CBBC485] - (.Microsoft Corporation - Microsoft Tablet PC Component.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [1536]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:35:40.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/04/2011 - 23:33:46.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/05/2011 - 23:43:41.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.A8F59428E9F361C7AC42A94AC1560BC9] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/03/2014 - 16:20:26.) -- C:\Windows\system32\Drivers\ntfs.sys [1210728]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
Mes images (My Pictures) : 2/2   (Modified)
Mes musiques (My Musics) : 121/121   (Modified)
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/158
~ Mon Bureau (My Desktop) : 1/20
~ Menu demarrer (Programs) : 1/33
~ Hidden Files:  Scanned in 00mn 01s



---\\ Processos lançados
[MD5.A3B72D00DB31F38F816C4855F46B00B5] - (.IObit - Smart Defrag v3.) -- C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe   [3431712] [PID.2332]
[MD5.8D796CC19572EC1C401F8F213C8F9AC0] - (.Eastman Kodak Company - Camera detection stub.) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe   [108544] [PID.2396]
[MD5.8E13CA0B48A1298F46F8739B95DBE4BF] - (.IObit - Advanced SystemCare 7 Monitor.) -- C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe   [781600] [PID.2416]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe   [30040] [PID.3068]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe   [97680] [PID.3076]
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe   [860488] [PID.4044]
[MD5.67CE28A336E8E0B4F24FD72815C2F3B7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8076288] [PID.2488]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [ibnjmihbbanannlbobkbmnmckjnmdnom] Rocket New Tab v.0.2.4, (Désactivé)  =>PUP.RockTurner
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 19 Legitimates Filtered in 00mn 06s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} . (.Adblock - Helps you remove browser ads!.) -- C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [uer]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Desktop [uer]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 05s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{005CA9E9-DA24-4154-99DC-4824D3C7CC79}: NameServer = 200.204.0.10,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{0183DCE1-5353-434C-BEDE-432A30399C36}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8135896D-B66D-45C3-9101-DFF5AC867DE5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{005CA9E9-DA24-4154-99DC-4824D3C7CC79}: NameServer = 200.204.0.10,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{0183DCE1-5353-434C-BEDE-432A30399C36}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8135896D-B66D-45C3-9101-DFF5AC867DE5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{005CA9E9-DA24-4154-99DC-4824D3C7CC79}: NameServer = 200.204.0.10,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{0183DCE1-5353-434C-BEDE-432A30399C36}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8135896D-B66D-45C3-9101-DFF5AC867DE5}: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll  =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.7A89177D2D3163773748AC335C0EFE73] [APT] [Rocket Updater] (...) -- C:\Users\uer\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.exe   [95232]  =>PUP.RockTurner
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-807772889-3266456616-73456231-1000Core   [898]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-807772889-3266456616-73456231-1000UA   [920]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1046]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1050]
O39 - APT: Rocket Updater - (...) -- C:\Windows\Tasks\Rocket Updater.job   [284]  =>PUP.RockTurner
O39 - APT: Rocket Updater - (...) -- C:\Windows\System32\Tasks\Rocket Updater   [284]  =>PUP.RockTurner
~ Scheduled Task: 25 Legitimates Filtered in 00mn 11s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (netfilter) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\netfilter.sys
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: LG ODD Auto Firmware Update - (...) [HKLM] -- {6179550A-3E7C-499E-BCC9-9E8113E0A285}
O42 - Logiciel: O Regresso do Rei tm - (...) [HKLM] -- {6E298B0A-558C-4138-0096-740677B382CD}
O42 - Logiciel: The Battle for Middle-earth (tm) II - (...) [HKLM] -- {2A9F95AB-65A3-432c-8631-B8BC5BF7477A}
~ Logic: 8 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Brasfoot2014]
[HKCU\Software\InstallCore]  =>Adware.InstallCore
[HKCU\Software\Rocket Browser]  =>PUP.RockTurner
[HKCU\Software\RocketUpdater]  =>PUP.RockTurner
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\ADSRemoval]
[HKLM\Software\GameVicio]
~ Key Software: 264 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/11/2013 - 00:52:14 - [] ----D C:\Program Files\AtomixMP3
O43 - CFD: 22/02/2014 - 11:15:13 - [] ----D C:\Program Files\GameVicio
O43 - CFD: 13/07/2014 - 15:24:34 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 20/06/2014 - 21:14:36 - [] ----D C:\ProgramData\{C585085B-79A8-423C-B04B-77DD30E9C195}
O43 - CFD: 19/05/2014 - 11:48:03 - [] ----D C:\Users\uer\AppData\Roaming\ProductData
O43 - CFD: 13/07/2014 - 23:24:28 - [] ----D C:\Users\uer\AppData\Roaming\RocketUpdater  =>PUP.RockTurner
O43 - CFD: 22/02/2014 - 11:15:13 - [] ----D C:\Users\uer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
~ Program Folder: 218 Legitimates Filtered in 00mn 02s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.462DAA41F1587BC538207E4F41F131B8] - 04/07/2014 - 21:57:12 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [829780]
O44 - LFC:[MD5.0186740953D826962E625B56CF27D992] - 04/07/2014 - 21:57:12 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [1433400]
O44 - LFC:[MD5.56B46E87E5D0F7708CD139E4B799AE8A] - 06/07/2014 - 16:27:43 ---A- . (...) -- C:\Windows\00000000.STI   [230424]
O44 - LFC:[MD5.1886A12A5610EF95C2958A2A35DCAB4C] - 10/07/2014 - 16:40:32 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\netfilter.sys   [31744]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/07/2014 - 14:39:57 ---A- . (...) -- C:\asc_rdflag   [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 13/07/2014 - 11:50:16 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.EE1F4124916DADF38532E69C39C4AF5F] - 13/07/2014 - 14:27:54 ---A- . (...) -- C:\zoek-results.log   [25621]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 13/07/2014 - 15:28:44 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll   [536576]
~ Files: 20 Legitimates Filtered in 00mn 20s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{0bb1cc73-51e8-11e2-a072-7071bc98f970}\AutoRun\command. (...) -- F:\LGAutoRun.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\LGODDFU  [Key] . (.Bitleader - No Comment.) -- C:\Program Files\lg_fwupdate\lgfw.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent  [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ SMSR Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:10/07/2014 - 16:40:32 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\netfilter.sys   [31744]
O58 - SDL:13/11/2013 - 09:13:03 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [324096]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 71 Legitimates Filtered in 00mn 43s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 10/07/2014 - C:\Windows\System32\drivers\netfilter.sys (netfilter)  .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_NETFILTER
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\nvstor.sys (nvstor)  .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
~ Legacy: 115 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You need to be registered and logged in to see this link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][13/07/2013] (...) -- C:\Users\uer\AppData\Roaming\inst.exe   [87608]
[MD5.DB95B03031E66AC45495EDF1D16B8887] [SPRF][13/07/2014] (...) -- C:\Users\uer\Desktop\adwcleaner_3.215.exe   [1348263]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][13/07/2014] (...) -- C:\Users\uer\Desktop\zoek.exe   [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{898AAE01-1038-499B-9070-741E4EBE0EE7}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{8B1190E6-F62B-46B7-B92A-54849B54EDE6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{232BE256-DD9A-4A8A-AC16-4DC41EC05F21}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{DEDBE15B-75CB-4759-A00E-ED230E68EF36}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\uer\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 11s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\582-uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\582-uTorrent_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent Acceleration Tool_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent Acceleration Tool_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS  =>P2P.µTorrent
~ BTK: 649 Legitimates Filtered in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/07/2014 262320 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 26/08/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 26/08/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 04/05/2014 2152736 |  (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 13/04/2007 792112 |  (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 08/05/2007 271920 |  (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 |  (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 08/05/2014 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 |  (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 15/05/2014 342336 |  (IMFservice) . (.IObit.) - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 23/10/2013 22208 |  (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 13s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:13/11/2013 - 09:13:03 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [324096]
~ Emulateurs:  Scanned in 00mn 13s



---\\ Scâner Aditional (088)
Database Version : 13026 - (13/07/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 2
Fichiers trouvés  (Files found) : 5

[HKLM\Software\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom]   =>PUP.RockTurner^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]   =>P2P.BitTorrent^
[HKCU\Software\InstallCore]   =>Adware.InstallCore
C:\Users\uer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom   =>PUP.RockTurner^
C:\Users\uer\AppData\Roaming\RocketUpdater   =>PUP.RockTurner^
C:\Users\uer\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.exe   =>PUP.RockTurner^
C:\Windows\Tasks\Rocket Updater.job   =>PUP.RockTurner^
C:\Windows\System32\Tasks\Rocket Updater   =>PUP.RockTurner^
[HKCU\Software\Rocket Browser]   =>PUP.RockTurner^
[HKCU\Software\RocketUpdater]   =>PUP.RockTurner^
~ Additionnel Scan: 284971 Items scanned in 00mn 50s



---\\ Informações complémentaires do módulos
~ [You need to be registered and logged in to see this link.]  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [You need to be registered and logged in to see this link.]  =>.Internet Explorer, Gestão do Proxy (R5)
~ [You need to be registered and logged in to see this link.]  =>.Browser Helper Objects do navegador (02)
~ [You need to be registered and logged in to see this link.]  =>.Aplicações iniciadas por registo & pastas (04)
~ [You need to be registered and logged in to see this link.]  =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[You need to be registered and logged in to see this link.]  =>PUP.RockTurner
[You need to be registered and logged in to see this link.]  =>Adware.InstallCore
~ MSI: 2 link(s) detected in 00mn 00s



~ 872 Legitimates filtered by white list
End of the scan (474 lines in 03mn 32s)(0)

Re: How do I remove the "ads by suprasaving" adware?

Post by Power Max on Sun 13 Jul 2014, 23:56

 Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

 Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Tue 15 Jul 2014, 11:42; edited 1 time in total

(SOLVED) How do I get rid of the "ads by suprasaving" adware?

Post by Luis Gomes on Mon 14 Jul 2014, 00:05

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by uer at 14/07/2014 00:04:08
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit  (Build 7600)

Reciclagem vazia (00mn 04s)

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\InstallCore
ELIMINÉ: HKCU\Software\Rocket Browser
ELIMINÉ: HKCU\Software\RocketUpdater
ELIMINÉ: HKLM\Software\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (15) (5.355.799 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Rocket Updater

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
4 : Chaves do Registo
1 : Pastas
2 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 28s

========== Caminho do ficheiro do relatório ==========
C:\Users\uer\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/07/2014 23:14:35 [2801]
C:\Users\uer\AppData\Roaming\ZHP\ZHPFix[R2].txt - 14/07/2014 00:04:13 [1159]

Re: How do I remove the "ads by suprasaving" adware?

Post by Power Max on Mon 14 Jul 2014, 00:08

The procedure below takes a little longer. If you prefer, you can leave it for tomorrow.

Download Malwarebytes from one of the links below:
[You need to be registered and logged in to see this link.]
[You need to be registered and logged in to see this link.]

To install and run it correctly, please follow the tips in this post:

[You need to be registered and logged in to see this link.]

In your next reply, post the Malwarebytes log (report).

We'll be waiting.

(SOLVED) How do I get rid of the "ads by suprasaving" adware?

Post by Luis Gomes on Mon 14 Jul 2014, 11:16

Malwarebytes Anti-Malware
[You need to be registered and logged in to see this link.]

Data de Verificação: 14/07/2014
Hora da Verificação: 08:55:20
Logfile: Malwarebytes.txt
Administrador: Sim

Versão: 2.00.2.1012
Malware Database: v2014.07.14.04
Rootkit Database: v2014.07.09.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Self-protection: Desabilitado

OS: Windows 7
CPU: x86
Sistema de Arquivo: NTFS
Usuário: uer

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 464820
Tempo Decorrido: 2 hr, 14 min, 6 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 5
PUP.Optional.LyricsAd, HKU\S-1-5-21-807772889-3266456616-73456231-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2D603099-044B-4FF3-BDD5-B505CCD80425}, Quarantined, [4d1f415e156673c3be09870352b0af51],
PUP.Optional.LyricsAd, HKU\S-1-5-21-807772889-3266456616-73456231-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2D603099-044B-4FF3-BDD5-B505CCD80425}, Quarantined, [4d1f415e156673c3be09870352b0af51],
PUP.Optional.EasyDeals.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Easy  Deals, Quarantined, [48241b84c9b22115c7ef627991715ca4],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.1, Quarantined, [d3994c53bbc0ff371defb124e41e5aa6],
PUP.Optional.FunMoods.A, HKU\S-1-5-21-807772889-3266456616-73456231-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\funmoodsToolbar, Quarantined, [620a2d72453694a22261b04cb64df907],

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 7
PUP.Optional.InstallCore, C:\Users\uer\Downloads\ccleaner-4-15-4725-32-bits.exe, Quarantined, [db915a45abd08aace83ed0c2659f8878],
PUP.Optional.MultiPlug.A, C:\zoek_backup\C_PROGRA~2_BiEstSaveeFOrYoeu\LW.dll, Quarantined, [3933683723583105b9c03b161fe240c0],
PUP.Optional.MultiPlug.A, C:\zoek_backup\C_PROGRA~2_BiEstSaveeFOrYoeu\LW.exe, Quarantined, [b2ba0e91463591a57efb61f08b766a96],
Trojan.SProtector, C:\zoek_backup\C_PROGRA~2_Browser Stabilizer\BrowserStabilizer.dll, Quarantined, [0a62247b8eed0432c00968f9808123dd],
Trojan.SProtector, C:\zoek_backup\C_PROGRA~2_Browser Stabilizer\BrowserStabilizerSvc.dll, Quarantined, [28447926502b82b43890a3b48e7335cb],
PUP.Optional.InstalleRex, C:\zoek_backup\C_PROGRA~2_InstallMate\{53F630F3-9BC6-4DC3-AF28-D3E488151205}\Custom.dll, Quarantined, [8ddf7b24017a3afccc23c674c04114ec],
PUP.Optional.InstalleRex, C:\zoek_backup\C_PROGRA~2_InstallMate\{F3C91858-6D8F-4A0A-A8E1-25AD282A3AAE}\Custom.dll, Quarantined, [80ec1d821e5d40f6836c2e0c9071748c],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: How do I remove the "ads by suprasaving" adware?

Post by Power Max on Mon 14 Jul 2014, 11:31

How is the computer doing?

Re: How do I remove the "ads by suprasaving" adware?

Post by Luis Gomes on Mon 14 Jul 2014, 12:58

The computer is working perfectly, and the Ads by supra saving is gone. Thank you

Re: How do I remove the "ads by suprasaving" adware?

Post by Power Max on Mon 14 Jul 2014, 13:24

That's it! I'm glad the problem has been solved.

Just to finish up, please follow the tutorials below:

[You need to be registered and logged in to see this link.]

[You need to be registered and logged in to see this link.]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and to create a new, safe and problem-free restore point, use DelFix, following the tips [You need to be registered and logged in to see this link.].
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!

Re: How do I remove the "ads by suprasaving" adware?

Post by Power Max on Tue 15 Jul 2014, 11:46

CASE SOLVED

If the author of the topic needs it, the topic will be reopened; to do so, they should contact one of the members of the [You need to be registered and logged in to see this link.] and request that it be unlocked.
