How to remove Ads by I Cinema

Post by Rafael FD on Fri 12 Dec 2014, 01:49

Hey folks, I'm having this problem; could someone help me?

Thanks

Re: How to remove Ads by I Cinema

Post by caedurodrigues on Fri 12 Dec 2014, 08:48

Good morning Rafael FD,

  • Download: <ZHPDiag> ( ...Nicolas Coolman)
  • Save it to the local disk (C or D).
  • Disable your antivirus, and run ZHPDiag.exe to install it.
  • Run the scroll icon!
  • Click the "COMPLETA" (Complete) option and wait for it to finish.
  • Click OK and, when it finishes, post the report! (ZHPDiag.txt)
  • Note: because the report is long, it should be posted on one of these sites:
  • Go to: <[You need to be registered and logged in to see this image.]>
  • Or go to: <MyFile.tk>
  • Or attach it <Here> << Link
  • More information: <Link> << Hosting!

Warm regards.

Re: How to remove Ads by I Cinema

Post by Rafael FD on Fri 12 Dec 2014, 12:39

Good afternoon, here is the log:

~ Relatório do ZHPDiag v2014.11.5.158 - Nicolas Coolman (05/11/2014)
~ Iniciado por Iara Coelho (12/12/2014 12:20:37)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17501
GCIE: Google Chrome v39.0.2171.95

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Ultimate, 64-bit Service Pack 1 (Build 6000)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2021
Malwarebytes Anti-Malware versão 2.0.4.1028

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)
FrostWire 5.6.9 v5.6.9.2

---\\ Monitoramento dos softwares
Adobe Flash Player 15 Plugin

---\\ Informações sobre o sistema
~ Processor: AMD64 Family 16 Model 4 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8191 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (19%) free of 233 GB

---\\ Modo de conexão ao sistema
~ Computer Name: IARACOELHO-PC
~ User Name: Iara Coelho
~ All Users Names: UpdatusUser, Iara Coelho, HomeGroupUser$, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Iara Coelho\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Iara Coelho\AppData\Roaming\
~ %Desktop% : C:\Users\Iara Coelho\Desktop\
~ %Favorites% : C:\Users\Iara Coelho\Favorites\
~ %LocalAppData% : C:\Users\Iara Coelho\AppData\Local\
~ %StartMenu% : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 233 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2012 - 12:46:42.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.21/11/2014 - 22:28:21.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2012 - 12:49:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.10/11/2014 - 22:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/35
~ Mes musiques (My Musics) : 1/450
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 2/106
~ Mon Bureau (My Desktop) : 3/51
~ Menu demarrer (Programs) : 1/36
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.449E6CD914920B84DDDF0F12880411EE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224] [PID.2464]
[MD5.C10E5EF1B85DE5B79AC2815C9A677D1F] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe [1385808] [PID.2508] =>P2P.BitTorrent
[MD5.1B7263F59C7AEB95664B338846BC5F3E] - (.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe [7353992] [PID.2632] =>PUP.BoBrowser
[MD5.6DCDD8AF0B44CC5344FE2ED1AFFB60AA] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files (x86)\Ralink\Common\RaUI.exe [1672480] [PID.2680]
[MD5.26AFC1F16494FFE66F2197153B342A27] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432] [PID.3008]
[MD5.D2E3E6D94A9E1CFA1561D9C748136FD0] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3188]
[MD5.05DD0C6B983F7C2E9B4BF1B91AFC3545] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe [1940160] [PID.5100]
[MD5.5F3587E344F2990B59C941FB405CAA0F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904] [PID.1476]
[MD5.31D74F51C684B27A24BE0EE08DB998EF] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1519808] [PID.3528]
[MD5.582CEC1C210BA982AD170EC31C01BADA] - (...) -- C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe [288680] [PID.5852]
[MD5.5B85DFCDC1C359C601D991714A30339B] - (.Valve Corporation - gameoverlayui.exe.) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe [383168] [PID.6476]
[MD5.19BFB82E196A00D18367429014F0CCFC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8121344] [PID.456]
~ Processes Running: Scanned in 00mn 04s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - A plugin to detect whether the Adobe Application Manager is installed.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Iara Coelho\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 3 Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 20 Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (0)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: 71006210ed970131b10e4b1b56ee52a40061365 [64Bits] - {11111111-1111-1111-1111-110611131165} . (.DiscountFrenzy - I - Cinema BHO.) -- C:\Program Files (x86)\I - Cinema\I - Cinema-bho.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Search Vortex 1.0.0.5 [64Bits] - {f260b59a-921d-4d06-8f4c-59ae3598394f} . (.Search Vortex - Search Vortex.) -- C:\Program Files (x86)\Search Vortex\SearchVortexbho.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (...) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (.not file.)
~ BHO: 8 Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Iara Coelho]: BoBrowser.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
O4 - GS\QuickLaunch [Iara Coelho]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
O4 - GS\QuickLaunch [Iara Coelho]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [Iara Coelho]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
O4 - GS\SystemTools [Iara Coelho]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
O4 - GS\Desktop [Iara Coelho]: Facebook.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe [Você precisa estar registrado e conectado para ver este link.] =>PUP.BoBrowser
O4 - GS\Desktop [Iara Coelho]: Katana - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
O4 - GS\Desktop [Iara Coelho]: Wikipedia.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe [Você precisa estar registrado e conectado para ver este link.] --location=1 =>PUP.BoBrowser
O4 - GS\Desktop [Iara Coelho]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 9 Scanned in 00mn 04s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [BoBrowser] . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5.5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1000\..\Run: [BoBrowser] . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
~ Application: Scanned in 00mn 00s



---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C51E99C-AE9A-41A9-9A2A-D4F4FDF7C4B4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{11EA81CA-D589-4301-9A63-66823CDE6D3F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D135172-0D87-4662-8F4D-40DA921F96F5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A96E134-FFCB-4CEA-8269-86A184C6A41F}: DhcpNameServer = 186.223.160.21 186.223.160.24 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{A02BCA32-C19A-4F8E-9743-879A4E0F41C1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFA89829-F2E4-4A55-8AD7-F6C3F93CFA67}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C51E99C-AE9A-41A9-9A2A-D4F4FDF7C4B4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{11EA81CA-D589-4301-9A63-66823CDE6D3F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6D135172-0D87-4662-8F4D-40DA921F96F5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{7A96E134-FFCB-4CEA-8269-86A184C6A41F}: DhcpNameServer = 186.223.160.21 186.223.160.24 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{A02BCA32-C19A-4F8E-9743-879A4E0F41C1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{EFA89829-F2E4-4A55-8AD7-F6C3F93CFA67}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C51E99C-AE9A-41A9-9A2A-D4F4FDF7C4B4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{11EA81CA-D589-4301-9A63-66823CDE6D3F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6D135172-0D87-4662-8F4D-40DA921F96F5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{7A96E134-FFCB-4CEA-8269-86A184C6A41F}: DhcpNameServer = 186.223.160.21 186.223.160.24 201.6.4.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{A02BCA32-C19A-4F8E-9743-879A4E0F41C1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{EFA89829-F2E4-4A55-8AD7-F6C3F93CFA67}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 186.223.160.21 186.223.160.24 201.6.4.116
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BRApps (BRApps) . (...) - C:\Program Files (x86)\BRApps\BRApps.exe
O23 - Service: ClaraUpdater (ClaraUpdater) . (.ClaraLabs - ClaraUpdater.) - C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: NJax (NJax) . (...) - C:\Program Files (x86)\NJax\NJax.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PennyBee service (PennyBee) . (.No owner - AutoUpdateStart.) - C:\Program Files (x86)\PennyBee\PennyBee.exe =>PUP.PaybyAds
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: (UMVPFSrv) . (.Logitech Inc. - Logitech User mode UMVPF service.) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Update Search Vortex (Update Search Vortex) . (...) - C:\Program Files (x86)\Search Vortex\updateSearchVortex.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
~ Services: 20 Scanned in 00mn 09s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.3756AF3DECE011FEDEAFC929B56CBCDF] [APT] [94A46359-5537-4201-BEFD-1EC63DFD0943] (.Baidu Inc..) -- C:\ProgramData\Baidu Security\PC_Faster_Setup_Mini_GL16.exe [1108512]
[MD5.8BF0087379C4AB0FCDFFD379AF0035AE] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-1] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\I - Cinema-codedownloader.exe [1139168]
[MD5.6B864E9E1CBB2064D1B8348CD7A9C8E3] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-11] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\aa3f8742-ee81-44ec-9962-d671d0732601-11.exe [1879008]
[MD5.12F7C2365B17F5536DFB459B27C45A5E] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-2] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\aa3f8742-ee81-44ec-9962-d671d0732601-2.exe [955872]
[MD5.46A2AACBA43D8D98E17B58353D610A81] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-4] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\aa3f8742-ee81-44ec-9962-d671d0732601-4.exe [1393632]
[MD5.AFED9A549A2B98E2DDF6662F51701438] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-5] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\aa3f8742-ee81-44ec-9962-d671d0732601-5.exe [1074656]
[MD5.AFED9A549A2B98E2DDF6662F51701438] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-5_user] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\aa3f8742-ee81-44ec-9962-d671d0732601-5.exe [1074656]
[MD5.77EAA966FC16085BCDBA3382743B133C] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-6] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\aa3f8742-ee81-44ec-9962-d671d0732601-6.exe [1518560]
[MD5.8BF0087379C4AB0FCDFFD379AF0035AE] [APT] [aa3f8742-ee81-44ec-9962-d671d0732601-7] (.DiscountFrenzy.) -- C:\Program Files (x86)\I - Cinema\aa3f8742-ee81-44ec-9962-d671d0732601-7.exe [1139168]
[MD5.749F94C424524285DCDA84D695ABC12F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.320681DF28D82CDCA7E3EED0846625DB] [APT] [AdobeAAMUpdater-1.0-IaraCoelho-PC-Iara Coelho] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904]
[MD5.8887AA968FD3AA87F75D3EF20DB1AA46] [APT] [Apple Diagnostics] (.Apple Inc..) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [346440]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.1B7263F59C7AEB95664B338846BC5F3E] [APT] [Run_Bobby_Browser] (.The BoBrowser Authors.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe [7353992] =>PUP.BoBrowser
[MD5.C155A13687144076286989EF078112C2] [APT] [{518E5079-544F-473E-83C0-D0884AC69863}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe [1917440]
[MD5.5F3587E344F2990B59C941FB405CAA0F] [APT] [{A4A6B053-57EB-4868-9089-85469847DEB1}] (.Google Inc..) -- c:\program files (x86)\google\chrome\application\chrome.exe [856904]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-1 - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-1.job [3434] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-1 - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-1 [3434] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-11 - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-11.job [5174]
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-11 - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-11 [5174]
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-2 - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-2.job [2436] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-2 - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-2 [2436] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-4 - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-4.job [4484] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-4 - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-4 [4484] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-5 - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-5.job [2780] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-5 - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-5 [2780] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-5_user - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-5_user.job [2780]
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-5_user - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-5_user [2780]
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-6 - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-6.job [5852] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-6 - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-6 [5852] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-7 - (.DiscountFrenzy.) -- C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-7.job [5508] =>PUP.CrossRider
O39 - APT: aa3f8742-ee81-44ec-9962-d671d0732601-7 - (.DiscountFrenzy.) -- C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-7 [5508] =>PUP.CrossRider
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [902]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [964]
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [964]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [968]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [968]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1064]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1064]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1068]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1068]
~ Scheduled Task: 47 Scanned in 00mn 09s



---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (brfilterdrv) . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\brfilterdrv.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 81 Scanned in 00mn 00s
...

Re: How to remove Ads by I Cinema

Post by Rafael FD on Fri 12 Dec 2014, 12:40

Another part!


---\\ Software instalados (042)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- {3521BDBD-D453-5D9F-AA55-44B75D214629}
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Premiere Pro CS5.5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Story - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Story - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C28DD992-5B7B-D195-6841-4EC57DF512BD}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {787136D2-F0F8-4625-AA3F-72D7795AC842}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: BRApps - (.BR SOFTWARE LLC.) [HKLM][64Bits] -- BRApps
O42 - Logiciel: BoBrowser - (.BoBrowser.) [HKCU][64Bits] -- BoBrowser =>PUP.BoBrowser
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: CurtiVendi versão 2.1 - (...) [HKLM][64Bits] -- CurtiVendi_is1
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: DAEMON Tools Lite Packages - (...) [HKCU][64Bits] -- DAEMON Tools Lite Packages =>.DT Soft Ltd
O42 - Logiciel: Dota 2 - (.Valve.) [HKLM][64Bits] -- Steam App 570
O42 - Logiciel: F1 Race Stars - (...) [HKLM][64Bits] -- F1 Race Stars_is1
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: FarCry 3 version 5.1 - (.Black_Box.) [HKLM][64Bits] -- {B810D852-DFD6-FC3-89A5-CC4D47756DAF}_is1
O42 - Logiciel: FrostWire 5.6.9 - (.FrostWire LLC.) [HKLM][64Bits] -- FrostWire 5
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {C60F3836-333A-4AE2-B526-CFDBA143A9BA}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 1000 J110 series Ajuda - (.Hewlett Packard.) [HKLM][64Bits] -- {DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}
O42 - Logiciel: I - Cinema - (.DiscountFrenzy.) [HKLM][64Bits] -- I - Cinema
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM][64Bits] -- ImgBurn
O42 - Logiciel: K-Lite Codec Pack 9.4.0 (64-bit) - (...) [HKLM][64Bits] -- KLiteCodecPack64_is1
O42 - Logiciel: LS-USBMX 1/2/3 Steering Wheel W/Vibration - (...) [HKLM][64Bits] -- {1B4C917D-B54A-44E5-B3E9-60D921926AD2}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF}
O42 - Logiciel: NJax - (.NINJASOFT LLC.) [HKLM][64Bits] -- NJax
O42 - Logiciel: NVIDIA 3D Vision Controller Driver 306.97 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA 3D Vision Driver 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Graphics Driver 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}
O42 - Logiciel: NVIDIA PhysX System Software 9.12.0604 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: NVIDIA Update 1.11.3 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Need For Speed™ World - (.Electronic Arts.) [HKLM][64Bits] -- {7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1
O42 - Logiciel: Need for Speed™ ProStreet - (.Electronic Arts.) [HKLM][64Bits] -- {343737F4-C04D-49F4-BE58-C7EAA8EBA57A}
O42 - Logiciel: OpenAL - (...) [HKLM][64Bits] -- OpenAL
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Paint.NET v3.5.10 - (.dotPDN LLC.) [HKLM][64Bits] -- {529125EF-E3AC-4B74-97E6-F688A7C0F1C0}
O42 - Logiciel: PennyBee - (.PennyBee.) [HKLM][64Bits] -- PennyBee =>PUP.PaybyAds
O42 - Logiciel: PhotoScape - (...) [HKLM][64Bits] -- PhotoScape
O42 - Logiciel: Ralink RT2870 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}
O42 - Logiciel: Rapture3D 2.5.1 Game - (.Blue Ripple Sound.) [HKLM][64Bits] -- {D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1
O42 - Logiciel: RollerCoaster Tycoon 3 Platinum - (.Atari.) [HKLM][64Bits] -- {907B4640-266B-4A21-92FB-CD1A86CD0F63}
O42 - Logiciel: Search Vortex - (.Search Vortex.) [HKLM][64Bits] -- Search Vortex
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Skype™ 6.16 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Software básico do dispositivo HP Deskjet 1000 J110 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {5CD4705D-8EED-4C6B-9B52-6A1FFC39332B}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: Suporte para Aplicativos Apple - (.Apple Inc..) [HKLM][64Bits] -- {D9DAD0FF-495A-472B-9F10-BAE430A26682}
O42 - Logiciel: UltraISO Premium V9.52 - (...) [HKLM][64Bits] -- UltraISO_is1
O42 - Logiciel: Warframe - (.Digital Extremes.) [HKLM][64Bits] -- Steam App 230410
O42 - Logiciel: WinRAR 5.00 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Windows Media Player 10 (portugues) Packages - (...) [HKCU][64Bits] -- Windows Media Player 10 (portugues) Packages =>.Microsoft Corporation
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM][64Bits] -- aTube Catcher
O42 - Logiciel: avast! Free Antivirus v9.0.2021 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {5A68A656-979F-4168-8795-E2E368AA4DC2}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: webssearches uninstall - (.webssearches.) [HKLM][64Bits] -- webssearches uninstall =>Hijacker.WebsSearches
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 60 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\Alarm]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\I - Cinema]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avast Software]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
[HKCU\Software\Baixaki]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\BlueRippleSound]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DSS]
[HKCU\Software\Digital Extremes]
[HKCU\Software\Disc Soft]
[HKCU\Software\EasyBoot Systems]
[HKCU\Software\Electron]
[HKCU\Software\Electronic Arts]
[HKCU\Software\ElswordINT]
[HKCU\Software\FLT]
[HKCU\Software\Facebook]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Haali]
[HKCU\Software\I - Cinema-nv]
[HKCU\Software\IM Providers]
[HKCU\Software\INCAInternet]
[HKCU\Software\Icaros]
[HKCU\Software\ImgBurn]
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\Intel\Indeo\4.1]
[HKCU\Software\InterTrust]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\LeaderTech]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Minnetonka Audio Software]
[HKCU\Software\Mooii]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\Opera Software]
[HKCU\Software\PACE Anti-Piracy]
[HKCU\Software\PDFCreator]
[HKCU\Software\Paint.NET]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Search Vortex]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VCW]
[HKCU\Software\Valve]
[HKCU\Software\VicMan Software]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\globalUpdate]
[HKCU\Software\kde.org]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BRApps]
[HKLM\Software\Baidu Security]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Etron]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\HP]
[HKLM\Software\HaaliMkx]
[HKLM\Software\I - Cinema-nv]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Intel]
[HKLM\Software\KLCodecPack64]
[HKLM\Software\Khronos]
[HKLM\Software\LAV64]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Minnetonka Audio Software]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NJax]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Paint.NET]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\TuneUp]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\3edc6f71-26af-459f-ae67-34584ad8b8cc]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Atari]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\BlueRippleSound]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Clara]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Client]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Codemasters]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\DroidCam]
[HKLM\Software\Wow6432Node\EA Sports]
[HKLM\Software\Wow6432Node\EasyBoot Systems]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\Even Balance]
[HKLM\Software\Wow6432Node\GlobalUpdate]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\I - Cinema-nv]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LiveUpdate360]
[HKLM\Software\Wow6432Node\MP3 Rocket]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\Mooii]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\NewSoft]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PDFCreator]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RichFX]
[HKLM\Software\Wow6432Node\Search Vortex]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Square Enix]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Techland]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\Ubisoft]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\Wise Solutions]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\alcorcamid]
[HKLM\Software\Wow6432Node\cdf553a0-77ef-45a2-9ed0-b5b860378b71]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
[HKLM\Software\Wow6432Node\webssearchesSoftware] =>Hijacker.WebsSearches
[HKLM\Software\Wow6432Node]
[HKLM\Software\alcorcamid]
[HKLM\Software\mcafeeupdater]
~ Key Software: 335 Scanned in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/12/2014 - 19:35:22 - [] ----D C:\Program Files (x86)\1a90f237-d973-4f4a-9de2-fb99e8694f52
O43 - CFD: 25/05/2013 - 12:40:41 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 11/12/2014 - 19:35:22 - [] ----D C:\Program Files (x86)\Adobe Story
O43 - CFD: 09/06/2014 - 21:07:38 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 25/12/2013 - 22:06:53 - [] ----D C:\Program Files (x86)\Atari
O43 - CFD: 01/11/2012 - 19:08:05 - [] ----D C:\Program Files (x86)\AvancePaint
O43 - CFD: 11/12/2014 - 19:33:06 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 03/07/2014 - 04:23:15 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 11/12/2014 - 19:34:51 - [] ----D C:\Program Files (x86)\BRApps
O43 - CFD: 20/02/2013 - 20:17:50 - [] ----D C:\Program Files (x86)\BRS
O43 - CFD: 06/10/2013 - 20:48:19 - [] ----D C:\Program Files (x86)\Buscapé na Hora
O43 - CFD: 21/02/2013 - 21:38:44 - [] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 11/12/2014 - 19:34:42 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 23/08/2013 - 21:06:40 - [] ----D C:\Program Files (x86)\Costar Electronics Inc
O43 - CFD: 25/12/2013 - 21:44:41 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/10/2014 - 02:05:38 - [] ----D C:\Program Files (x86)\DroidCam
O43 - CFD: 03/02/2013 - 14:24:28 - [] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 01/12/2014 - 03:31:46 - [] ----D C:\Program Files (x86)\Electronic Arts
O43 - CFD: 20/02/2013 - 20:14:04 - [] ----D C:\Program Files (x86)\F1 Race Stars
O43 - CFD: 29/05/2013 - 00:47:48 - [] ----D C:\Program Files (x86)\FarCry 3
O43 - CFD: 23/01/2014 - 22:17:16 - [] ----D C:\Program Files (x86)\FrostWire 5
O43 - CFD: 11/12/2014 - 19:35:04 - [] ----D C:\Program Files (x86)\globalUpdate
O43 - CFD: 28/10/2014 - 23:24:27 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 19/05/2013 - 23:55:10 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 11/12/2014 - 19:35:56 - [] ----D C:\Program Files (x86)\I - Cinema
O43 - CFD: 17/02/2014 - 22:43:55 - [] ----D C:\Program Files (x86)\ImgBurn
O43 - CFD: 27/05/2014 - 23:25:23 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 11/12/2014 - 02:44:27 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 03/07/2014 - 04:24:18 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 06/12/2014 - 23:56:38 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 14/05/2014 - 15:27:34 - [] ----D C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 01/11/2012 - 18:09:09 - [] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 15/09/2013 - 02:07:04 - [] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 28/01/2014 - 00:33:01 - [] ----D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 04/02/2013 - 19:33:19 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 01/11/2012 - 18:09:33 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 01/11/2012 - 09:48:03 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 25/01/2013 - 18:58:04 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 03:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 25/04/2013 - 00:55:42 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 11/12/2014 - 19:34:51 - [] ----D C:\Program Files (x86)\NJax
O43 - CFD: 13/04/2013 - 02:03:52 - [] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 28/01/2014 - 00:33:44 - [] ----D C:\Program Files (x86)\OpenAL
O43 - CFD: 10/07/2014 - 03:40:56 - [] ----D C:\Program Files (x86)\Opera
O43 - CFD: 29/08/2013 - 01:40:35 - [] ----D C:\Program Files (x86)\Origin
O43 - CFD: 25/08/2013 - 16:55:01 - [] ----D C:\Program Files (x86)\Panda Security
O43 - CFD: 25/08/2013 - 16:55:01 - [] ----D C:\Program Files (x86)\Panda USB Vaccine
O43 - CFD: 06/11/2014 - 18:55:38 - [] ----D C:\Program Files (x86)\PC Tools Registry Mechanic
O43 - CFD: 04/06/2014 - 04:47:33 - [] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 11/12/2014 - 19:32:40 - [] ----D C:\Program Files (x86)\PennyBee =>PUP.PaybyAds
O43 - CFD: 28/10/2014 - 23:23:53 - [] ----D C:\Program Files (x86)\PhotoScape
O43 - CFD: 06/10/2013 - 20:45:39 - [] ----D C:\Program Files (x86)\PSafe
O43 - CFD: 25/02/2014 - 20:30:34 - [0] ----D C:\Program Files (x86)\R.G. Catalyst
O43 - CFD: 21/02/2013 - 21:38:21 - [] ----D C:\Program Files (x86)\Ralink
O43 - CFD: 14/07/2009 - 03:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 04/12/2012 - 15:22:01 - [] ----D C:\Program Files (x86)\Rhapsody
O43 - CFD: 11/12/2014 - 19:34:27 - [] ----D C:\Program Files (x86)\Search Vortex
O43 - CFD: 02/09/2014 - 13:54:56 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 20/02/2013 - 21:39:24 - [] ----D C:\Program Files (x86)\Square Enix
O43 - CFD: 12/12/2014 - 12:19:07 - [] ----D C:\Program Files (x86)\Steam
O43 - CFD: 20/02/2013 - 20:09:01 - [] ----D C:\Program Files (x86)\UltraISO
O43 - CFD: 14/07/2009 - 02:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 27/05/2014 - 23:25:23 - [] ----D C:\Program Files (x86)\VID_0C12&PID_0005
O43 - CFD: 13/07/2013 - 13:13:33 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 18/08/2013 - 19:38:09 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 01/11/2012 - 18:08:54 - [] ----D C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 01/11/2012 - 12:27:05 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 13/12/2013 - 21:54:59 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 03:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 01/11/2012 - 12:27:05 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 01:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 01/11/2012 - 12:27:05 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 06/11/2014 - 01:10:46 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 11/02/2014 - 15:14:25 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 01/11/2012 - 18:22:11 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 03/07/2014 - 04:24:05 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 11/12/2014 - 19:34:42 - [] ----D C:\Program Files (x86)\Common Files\ClaraUpdater
O43 - CFD: 15/05/2014 - 02:03:43 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 20/02/2013 - 20:09:01 - [] ----D C:\Program Files (x86)\Common Files\EZB Systems
O43 - CFD: 25/12/2013 - 22:06:37 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 01/11/2012 - 11:39:02 - [] ----D C:\Program Files (x86)\Common Files\logishrd
O43 - CFD: 28/01/2014 - 00:33:30 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 25/08/2013 - 00:18:50 - [] ----D C:\Program Files (x86)\Common Files\Panda Security
O43 - CFD: 06/11/2014 - 18:53:18 - [] ----D C:\Program Files (x86)\Common Files\PC Tools
O43 - CFD: 14/07/2009 - 01:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/08/2014 - 12:33:03 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 01:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 05/12/2014 - 17:29:25 - [] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 24/08/2013 - 18:26:56 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 01/11/2012 - 12:27:05 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 01/11/2012 - 17:57:34 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 22/01/2014 - 21:49:10 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 03/07/2014 - 04:24:18 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 02/11/2012 - 04:02:39 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 03/07/2014 - 04:22:58 - [] ----D C:\ProgramData\Apple
O43 - CFD: 03/07/2014 - 04:24:05 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 03/11/2013 - 21:19:37 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 11/12/2014 - 19:33:46 - [] ----D C:\ProgramData\Baidu
O43 - CFD: 11/12/2014 - 20:41:16 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 28/01/2014 - 00:34:10 - [] ----D C:\ProgramData\Codemasters
O43 - CFD: 17/02/2014 - 22:45:04 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 21/04/2013 - 18:35:06 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 28/01/2014 - 00:34:11 - [] -SH-D C:\ProgramData\DSS
O43 - CFD: 11/05/2014 - 18:24:44 - [] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 06/04/2013 - 16:41:47 - [] ----D C:\ProgramData\Google
O43 - CFD: 20/05/2013 - 00:01:50 - [] ----D C:\ProgramData\HP
O43 - CFD: 03/09/2014 - 14:41:22 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 12/12/2013 - 23:11:38 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 11/12/2014 - 02:44:28 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 06/10/2013 - 21:06:17 - [] ----D C:\ProgramData\Norton
O43 - CFD: 06/04/2013 - 17:10:33 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 12/12/2014 - 12:16:12 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 30/10/2012 - 20:37:31 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 29/05/2013 - 00:47:58 - [] ----D C:\ProgramData\Orbit
O43 - CFD: 29/08/2013 - 01:40:34 - [] ----D C:\ProgramData\Origin
O43 - CFD: 01/11/2012 - 18:41:52 - [] ----D C:\ProgramData\PACE Anti-Piracy
O43 - CFD: 25/08/2013 - 16:01:53 - [] ----D C:\ProgramData\Panda Security
O43 - CFD: 06/10/2013 - 20:45:18 - [] ----D C:\ProgramData\PSafe
O43 - CFD: 29/09/2013 - 15:45:02 - [] ----D C:\ProgramData\Ralink
O43 - CFD: 21/02/2013 - 21:38:46 - [] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 01/11/2012 - 18:41:48 - [] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 31/08/2014 - 00:04:28 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 06/04/2013 - 17:10:41 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 06/11/2014 - 19:03:14 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 18/02/2014 - 01:54:00 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 19/02/2013 - 19:42:48 - [] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 11/12/2014 - 19:32:56 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 03/07/2014 - 04:03:15 - [] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 21/04/2013 - 16:59:46 - [0] -SH-D C:\Users\Iara Coelho\AppData\Roaming\.#
O43 - CFD: 12/02/2014 - 01:07:59 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Adobe
O43 - CFD: 03/07/2014 - 04:24:48 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Apple Computer
O43 - CFD: 25/12/2013 - 22:18:04 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Atari
O43 - CFD: 06/11/2013 - 18:29:18 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\AVAST Software
O43 - CFD: 11/12/2014 - 20:41:15 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Baidu
O43 - CFD: 12/06/2014 - 19:57:31 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/10/2012 - 20:12:09 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Identities
O43 - CFD: 17/02/2014 - 22:47:18 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\ImgBurn
O43 - CFD: 21/02/2013 - 21:37:26 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\InstallShield
O43 - CFD: 25/05/2013 - 12:40:41 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\InterTrust
O43 - CFD: 25/05/2013 - 12:35:24 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Leadertech
O43 - CFD: 01/11/2012 - 10:52:06 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Macromedia
O43 - CFD: 03/09/2014 - 14:41:36 - [0] ----D C:\Users\Iara Coelho\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 05:16:46 - [0] ----D C:\Users\Iara Coelho\AppData\Roaming\Media Center Programs
O43 - CFD: 29/10/2014 - 17:56:10 - [] -S--D C:\Users\Iara Coelho\AppData\Roaming\Microsoft
O43 - CFD: 11/05/2014 - 18:56:37 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Need for Speed World
O43 - CFD: 20/02/2013 - 20:02:28 - [0] ----D C:\Users\Iara Coelho\AppData\Roaming\Nico Mak Computing
O43 - CFD: 01/11/2012 - 18:41:53 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\NVIDIA
O43 - CFD: 10/07/2014 - 03:40:53 - [0] ----D C:\Users\Iara Coelho\AppData\Roaming\Opera Software
O43 - CFD: 09/06/2013 - 00:23:16 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Origin
O43 - CFD: 01/11/2012 - 18:41:52 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\PACE Anti-Piracy
O43 - CFD: 25/08/2013 - 00:40:52 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Panda Security
O43 - CFD: 01/03/2013 - 21:08:51 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\PCF
O43 - CFD: 29/10/2014 - 02:00:14 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\PhotoScape
O43 - CFD: 25/08/2013 - 16:55:04 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\PSafe
O43 - CFD: 04/12/2012 - 15:13:04 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Real
O43 - CFD: 03/03/2013 - 20:41:57 - [] R-H-D C:\Users\Iara Coelho\AppData\Roaming\SecuROM
O43 - CFD: 12/12/2014 - 12:18:00 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Skype
O43 - CFD: 30/10/2014 - 04:50:26 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\SoftGrid Client
O43 - CFD: 01/11/2012 - 18:43:00 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 04/02/2013 - 19:36:56 - [0] ----D C:\Users\Iara Coelho\AppData\Roaming\TP
O43 - CFD: 17/02/2014 - 22:46:27 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\TuneUp Software
O43 - CFD: 12/12/2014 - 12:19:39 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 11/12/2014 - 19:32:45 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\webssearches =>Hijacker.WebsSearches
O43 - CFD: 14/05/2014 - 17:32:09 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Windows
O43 - CFD: 01/11/2012 - 18:12:56 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\WinRAR
O43 - CFD: 12/12/2014 - 12:21:12 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 12/12/2014 - 02:00:05 - [] ----D C:\Users\Iara Coelho\AppData\Local\Adobe
O43 - CFD: 15/12/2012 - 01:40:12 - [] ----D C:\Users\Iara Coelho\AppData\Local\Apple
O43 - CFD: 10/07/2014 - 03:13:17 - [] ----D C:\Users\Iara Coelho\AppData\Local\Apple Computer
O43 - CFD: 30/10/2012 - 20:11:58 - [] -SH-D C:\Users\Iara Coelho\AppData\Local\Application Data
O43 - CFD: 01/11/2012 - 11:04:10 - [] ----D C:\Users\Iara Coelho\AppData\Local\Apps
O43 - CFD: 11/12/2014 - 19:34:47 - [] ----D C:\Users\Iara Coelho\AppData\Local\BoBrowser =>PUP.BoBrowser
O43 - CFD: 22/02/2013 - 00:14:29 - [] ----D C:\Users\Iara Coelho\AppData\Local\CAM3820
O43 - CFD: 01/11/2012 - 11:04:28 - [0] ----D C:\Users\Iara Coelho\AppData\Local\Deployment
O43 - CFD: 16/03/2014 - 21:31:37 - [0] ----D C:\Users\Iara Coelho\AppData\Local\Diagnostics
O43 - CFD: 02/12/2014 - 13:23:51 - [] ----D C:\Users\Iara Coelho\AppData\Local\Electronic_Arts_Inc
O43 - CFD: 08/12/2014 - 18:07:04 - [0] ----D C:\Users\Iara Coelho\AppData\Local\ElevatedDiagnostics
O43 - CFD: 14/05/2014 - 16:42:01 - [] -SH-D C:\Users\Iara Coelho\AppData\Local\EmieSiteList
O43 - CFD: 14/05/2014 - 16:42:01 - [] -SH-D C:\Users\Iara Coelho\AppData\Local\EmieUserList
O43 - CFD: 02/11/2012 - 19:35:00 - [] ----D C:\Users\Iara Coelho\AppData\Local\Facebook
O43 - CFD: 20/02/2013 - 20:18:17 - [] ----D C:\Users\Iara Coelho\AppData\Local\FLT
O43 - CFD: 11/12/2014 - 19:35:04 - [] ----D C:\Users\Iara Coelho\AppData\Local\globalUpdate
O43 - CFD: 28/10/2014 - 23:24:29 - [] ----D C:\Users\Iara Coelho\AppData\Local\Google
O43 - CFD: 30/10/2012 - 20:11:58 - [] -SH-D C:\Users\Iara Coelho\AppData\Local\History
O43 - CFD: 19/05/2013 - 23:55:01 - [] ----D C:\Users\Iara Coelho\AppData\Local\HP
O43 - CFD: 03/11/2014 - 16:13:29 - [] ----D C:\Users\Iara Coelho\AppData\Local\Microsoft
O43 - CFD: 01/01/2002 - 01:28:31 - [] ----D C:\Users\Iara Coelho\AppData\Local\Microsoft Games
O43 - CFD: 23/08/2013 - 21:10:13 - [] ----D C:\Users\Iara Coelho\AppData\Local\NewSoft
O43 - CFD: 10/07/2014 - 03:40:53 - [0] ----D C:\Users\Iara Coelho\AppData\Local\Opera Software
O43 - CFD: 01/11/2012 - 18:41:52 - [0] ----D C:\Users\Iara Coelho\AppData\Local\PACE Anti-Piracy
O43 - CFD: 17/03/2014 - 18:33:25 - [] ----D C:\Users\Iara Coelho\AppData\Local\Paint.NET
O43 - CFD: 25/08/2013 - 00:52:26 - [] ----D C:\Users\Iara Coelho\AppData\Local\Panda Security
O43 - CFD: 30/10/2012 - 21:52:22 - [] ----D C:\Users\Iara Coelho\AppData\Local\Programs
O43 - CFD: 25/09/2013 - 00:56:37 - [] ----D C:\Users\Iara Coelho\AppData\Local\PSafe
O43 - CFD: 29/05/2013 - 00:48:28 - [] ----D C:\Users\Iara Coelho\AppData\Local\PunkBuster
O43 - CFD: 27/02/2014 - 15:49:17 - [] ----D C:\Users\Iara Coelho\AppData\Local\Skype
O43 - CFD: 04/02/2013 - 19:52:29 - [] ----D C:\Users\Iara Coelho\AppData\Local\SoftGrid Client
O43 - CFD: 12/12/2014 - 12:21:14 - [] ----D C:\Users\Iara Coelho\AppData\Local\Temp
O43 - CFD: 30/10/2012 - 20:11:58 - [] -SH-D C:\Users\Iara Coelho\AppData\Local\Temporary Internet Files
O43 - CFD: 25/02/2014 - 20:34:29 - [] ----D C:\Users\Iara Coelho\AppData\Local\VirtualStore
O43 - CFD: 11/12/2014 - 16:41:35 - [] ----D C:\Users\Iara Coelho\AppData\Local\Warframe
O43 - CFD: 14/07/2009 - 02:54:32 - [] R---D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 03/09/2014 - 15:15:46 - [] R---D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/12/2013 - 11:30:32 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
O43 - CFD: 25/05/2013 - 13:06:03 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 02:49:38 - [] R---D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 03/09/2014 - 15:15:46 - [] R---D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 11/12/2014 - 00:50:08 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 01/12/2013 - 18:33:50 - [] ----D C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 215 Scanned in 00mn 02s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.8E64BB62AB3810D3C29ED50C405AD3BD] - 01/12/2014 - 20:28:44 ---A- . (.Microsoft Corporation - Application Impact Telemetry Static Analyze.) -- C:\Windows\System32\aitstatic.exe [1232040]
O44 - LFC:[MD5.D257AF48934D2167BE15AA4008176381] - 03/12/2014 - 23:44:48 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1083392]
O44 - LFC:[MD5.F0356290BA3940F31AFF5566501495F7] - 03/12/2014 - 23:50:37 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [192000]
O44 - LFC:[MD5.5CD6E919CE938A98AB25A2EA2C8C4EDA] - 03/12/2014 - 23:50:37 ---A- . (.Microsoft Corporation - Atualizador de Dados de Compatibilidade ent.) -- C:\Windows\System32\aepdu.dll [227328]
O44 - LFC:[MD5.985558125FEEC89AB4AD142158B066D7] - 03/12/2014 - 23:50:38 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [830976]
O44 - LFC:[MD5.4253086737D81D7C9C160FDE6C037F44] - 03/12/2014 - 23:50:40 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [396800]
O44 - LFC:[MD5.E00981CF227CEEBE7B5A8D99C76D1116] - 03/12/2014 - 23:50:45 ---A- . (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\invagent.dll [741376]
O44 - LFC:[MD5.DAF13A81A5FC895D68B1D9A72F65F4CB] - 03/12/2014 - 23:50:55 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [413184]
O44 - LFC:[MD5.D28D221C3E96ACE38D951365ABFB0358] - 08/12/2014 - 20:09:44 ---A- . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\brfilterdrv.sys [51520]
O44 - LFC:[MD5.A026998E927FD2095505154CBD72F35B] - 10/12/2014 - 15:34:29 ---A- . (.Microsoft Corporation - DLL do recurso Fusos Horários.) -- C:\Windows\System32\tzres.dll [2048]
O44 - LFC:[MD5.9B44CABE3536D0E3BF627176318AAFC9] - 10/12/2014 - 15:34:36 ---A- . (.Microsoft Corporation - WSMAN Automation.) -- C:\Windows\System32\WsmAuto.dll [181248]
O44 - LFC:[MD5.41457C1909F6D1100C0F9B9CFF7960FC] - 10/12/2014 - 15:34:36 ---A- . (.Microsoft Corporation - WSMan HTTP Configuration File.) -- C:\Windows\System32\WSManHTTPConfig.exe [266240]
O44 - LFC:[MD5.FDEB5EE2E4DB9DE9251DDAF6A5BCA070] - 10/12/2014 - 15:34:36 ---A- . (.Microsoft Corporation - WinRM Migration Plugin.) -- C:\Windows\System32\WSManMigrationPlugin.dll [346624]
O44 - LFC:[MD5.5C642B7B0365305451D579F3EFAD57D4] - 10/12/2014 - 15:34:37 ---A- . (.Microsoft Corporation - WSMAN WMI Provider.) -- C:\Windows\System32\WsmWmiPl.dll [310272]
O44 - LFC:[MD5.D929ABD465A2DED963DA8B30946A8D5C] - 10/12/2014 - 15:34:38 ---A- . (.Microsoft Corporation - Serviço WSMan.) -- C:\Windows\System32\WsmSvc.dll [2020352]
O44 - LFC:[MD5.36E5E9D0400475230A7F57F274B88321] - 10/12/2014 - 15:34:40 ---A- . (.Microsoft Corporation - Mapa de caracteres.) -- C:\Windows\System32\charmap.exe [165888]
O44 - LFC:[MD5.89296EF4A3729A049DA25B7D67A04078] - 10/12/2014 - 15:36:38 ---A- . (.Microsoft Corporation - Classificação da Internet e DLL de gerencia.) -- C:\Windows\System32\msrating.dll [199680]
O44 - LFC:[MD5.D478A4CF07FB8ADF72FB16B88E8030B8] - 10/12/2014 - 15:36:38 ---A- . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll [25059840]
O44 - LFC:[MD5.17A157A4225CF562202AC71DB8103177] - 10/12/2014 - 15:36:39 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [88064]
O44 - LFC:[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - 10/12/2014 - 15:36:39 ---A- . (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\Windows\System32\wininet.dll [2358272]
O44 - LFC:[MD5.1D294810D3A8A8F722E86AA001F54DCC] - 10/12/2014 - 15:36:39 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [580096]
O44 - LFC:[MD5.8EF01E2EF21D41A23FF70B28179F9ABE] - 10/12/2014 - 15:36:40 ---A- . (.Microsoft Corporation - Mecanismo da Interface do Usuário do Intern.) -- C:\Windows\System32\ieui.dll [633856]
O44 - LFC:[MD5.7AC115968B8856004920057B2271224C] - 10/12/2014 - 15:36:40 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1359360]
O44 - LFC:[MD5.021DFF3CB0ADCD19B3AAA00A650FDEE2] - 10/12/2014 - 15:36:40 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [814080]
O44 - LFC:[MD5.8D64466AD12CA5677CD0099C43C58569] - 10/12/2014 - 15:36:40 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [6039552]
O44 - LFC:[MD5.DB10D681314714E0D4623E4C0CF6654A] - 10/12/2014 - 15:36:40 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160]
O44 - LFC:[MD5.556D271F4243B273EDA353512BF3608A] - 10/12/2014 - 15:36:40 ---A- . (.Microsoft Corporation - Navegador da Internet.) -- C:\Windows\System32\ieframe.dll [14412800]
O44 - LFC:[MD5.DFECAE6D925FBC9078870E16F98C471F] - 10/12/2014 - 15:36:41 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [54784]
O44 - LFC:[MD5.5F24313333AB409251152CAFADA40015] - 10/12/2014 - 15:36:41 ---A- . (.Microsoft Corporation - Utilitário de Instalação Autônoma do IE 7.0.) -- C:\Windows\System32\ieUnatt.exe [144384]
O44 - LFC:[MD5.3FE71E2A5BD3EC652E64FC8BCEFEDD2C] - 10/12/2014 - 15:36:42 ---A- . (.Microsoft Corporation - Painel de Controle da Internet.) -- C:\Windows\System32\inetcpl.cpl [2125312]
O44 - LFC:[MD5.982B871A25B5078093FAD82D0AB0E3FC] - 10/12/2014 - 15:36:42 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2885120]
O44 - LFC:[MD5.23AE7A3B44D5C550B81347288CE3230E] - 10/12/2014 - 15:36:43 ---A- . (.Microsoft Corporation - Mapa de versão IOD.) -- C:\Windows\System32\iesetup.dll [66560]
O44 - LFC:[MD5.14BA910E7731FC84EB85328BD0F1EE81] - 10/12/2014 - 15:36:43 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [800768]
O44 - LFC:[MD5.EFBA893429814EA3244C87C2D1256618] - 10/12/2014 - 15:36:43 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768]
O44 - LFC:[MD5.E7A2061ADF0F4D430FECDA1E8D6B7BA6] - 10/12/2014 - 15:36:44 ---A- . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll [1548288]
O44 - LFC:[MD5.B4E481E9498CE22113628C4E9EA24427] - 10/12/2014 - 15:36:44 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.5BF0BAA1E5EF724287565E97C9219254] - 10/12/2014 - 15:36:44 ---A- . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll [389296]
O44 - LFC:[MD5.EBC8C9F61F4C148B8C6A28EDE80C51E4] - 10/12/2014 - 15:36:44 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [968704]
O44 - LFC:[MD5.9F07E8FC75C5F98A783ABFD3005EFC22] - 10/12/2014 - 15:36:46 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [77824]
O44 - LFC:[MD5.D471F7A428C21DB04D810445D12D68E0] - 10/12/2014 - 15:36:47 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640]
O44 - LFC:[MD5.0FABE2AB8CA2D5CC7C95798533B4D057] - 10/12/2014 - 15:36:47 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [114688]
O44 - LFC:[MD5.077AEB068A51B396F25BBCAB0944FC3A] - 10/12/2014 - 15:36:47 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.F987718A5CA053DC23E94A531F1754A4] - 10/12/2014 - 15:36:47 ---A- . (.Microsoft Corporation - Processamento de RunOnce estendido com inte.) -- C:\Windows\System32\iernonce.dll [34304]
O44 - LFC:[MD5.39B512C643812FC2D4843C0D4206C759] - 10/12/2014 - 15:36:47 ---A- . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe [718848]
O44 - LFC:[MD5.70988118145F5F10EF24720B97F35F65] - 10/12/2014 - 15:36:56 ---A- . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\Drivers\tdx.sys [119296]
O44 - LFC:[MD5.A9A0BFD706B3A24C403EEFEB0790D011] - 10/12/2014 - 15:37:00 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [1424384]
O44 - LFC:[MD5.D63B8B7FFF2D5BB8F00D51972501086D] - 10/12/2014 - 15:37:03 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1480192]
O44 - LFC:[MD5.19D511CC455C19DE1ADF60E6C39C85B6] - 10/12/2014 - 15:37:03 ---A- . (.Microsoft Corporation - Serviços de criptografia.) -- C:\Windows\System32\cryptsvc.dll [187904]
O44 - LFC:[MD5.6E1DDE0E72FB8268F42F6777CE4C5036] - 11/12/2014 - 00:02:55 ---A- . (.Microsoft Corporation - DLL do Media Foundation.) -- C:\Windows\System32\mf.dll [4121600]
O44 - LFC:[MD5.9797A23F773C0782A0D91BEC44054166] - 11/12/2014 - 00:02:55 ---A- . (.Microsoft Corporation - Media Foundation Proxy DLL.) -- C:\Windows\System32\mfps.dll [206848]
O44 - LFC:[MD5.63578DB847FCC40883CB8F303E785D46] - 11/12/2014 - 00:02:56 ---A- . (.Microsoft Corporation - DLL de Erro do Media Foundation.) -- C:\Windows\System32\mferror.dll [2048]
O44 - LFC:[MD5.AB2EB93A982A2C26BA3E4D2D65328804] - 11/12/2014 - 00:02:56 ---A- . (.Microsoft Corporation - EXE do Pipeline Protegido do Media Foundati.) -- C:\Windows\System32\mfpmp.exe [24576]
O44 - LFC:[MD5.68E09E7CD4DC52F132A4B492ACE8C243] - 11/12/2014 - 00:02:56 ---A- . (.Microsoft Corporation - Instalador do R&R.) -- C:\Windows\System32\rrinstaller.exe [55808]
O44 - LFC:[MD5.A6D61CD951FB0057933FD2D2D8CDBC0B] - 11/12/2014 - 00:04:01 ---A- . (.Microsoft Corporation - Ferramentas de Remoção de Software Mal-Inte.) -- C:\Windows\System32\MRT.exe [112710672]
O44 - LFC:[MD5.93423E51733AA9F3298DD77AD9420B78] - 11/12/2014 - 01:21:58 ---A- . (...) -- C:\Windows\DirectX.log [123775]
O44 - LFC:[MD5.5809FE2F8DE47561830918496575B45A] - 11/12/2014 - 18:32:30 ---A- . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) -- C:\Windows\System32\Drivers\mosfilterdrv.sys [60728]
O44 - LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - 12/12/2014 - 02:59:35 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O44 - LFC:[MD5.7905ED07BC93CFE7EFA178792137E317] - 12/12/2014 - 11:15:48 ---A- . (...) -- C:\Windows\PFRO.log [242120]
O44 - LFC:[MD5.32A41F1F91969C25FA35CD39E84FE66C] - 12/12/2014 - 11:16:09 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.AFCF75465A3CE5C6ED90DF84735669AF] - 12/12/2014 - 11:16:12 ---A- . (...) -- C:\Windows\setupact.log [15014]
O44 - LFC:[MD5.38E16945A473268A1B341D232EE9DAF4] - 12/12/2014 - 11:20:57 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1203173]
O44 - LFC:[MD5.E89BFEBD22D19AEA08C6CC42A36E7BFF] - 28/11/2014 - 18:17:07 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [6558]
O44 - LFC:[MD5.D5DAE339BAFF5F4EEF3F4FC874793F74] - 28/11/2014 - 18:17:07 ---A- . (...) -- C:\Windows\System32\perfc009.dat [300976]
O44 - LFC:[MD5.A2573614FD3457496CF6A3517DC97CE3] - 28/11/2014 - 18:17:07 ---A- . (...) -- C:\Windows\System32\perfh009.dat [841810]
O44 - LFC:[MD5.96ABBDE766E9FEA8D4A6A8F84787D2D8] - 28/11/2014 - 18:17:07 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [326488]
O44 - LFC:[MD5.FCA8B387E718A1FBBE23D082BCA14BEE] - 28/11/2014 - 18:17:07 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [893354]
~ Files: 68 Scanned in 00mn 10s



---\\ Últimos arquivos criados no Windows Prefetcher (045)
O45 - LFCP:[MD5.AFE5473DF0DAA7AB325107ABA78DEC9A] - 12/12/2014 - 11:18:43 ---A- - C:\Windows\Prefetch\BOBROWSER.EXE-E26B1038.pf =>PUP.BoBrowser
O45 - LFCP:[MD5.1A6EBBA4BE38B24B74DA860F2BCD74A8] - 11/12/2014 - 18:32:43 ---A- - C:\Windows\Prefetch\PENNYBEE.EXE-75E25255.pf =>PUP.PaybyAds
O45 - LFCP:[MD5.C95C4B00611CA82EBE62E2B92B649760] - 12/12/2014 - 03:13:58 ---A- - C:\Windows\Prefetch\PENNYBEEW.EXE-D2C9A740.pf =>PUP.PaybyAds
O45 - LFCP:[MD5.35A90555207601690A501EE56817FE70] - 21/11/2014 - 19:03:23 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-52C924E6.pf =>P2P.µTorrent
O45 - LFCP:[MD5.19A12DAAAD7F024FC4F2E864E2929703] - 11/12/2014 - 18:32:55 ---A- - C:\Windows\Prefetch\WPM_V20.0.0.1277_.EXE-872ED4AC.pf =>PUP.WpManager
~ Prefetcher: 5 Scanned in 00mn 00s



---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s
...
Rafael FD
Beginner

Posts: 36
Reputation: 1
Join date: 20/06/2014


Re: How to remove Ads by I Cinema

Post by Rafael FD on Fri 12 Dec 2014, 12:40

Last part!


---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcod64.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.No owner - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.No owner - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec" . (.No owner - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.No owner - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
~ TDSD: 7 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:17/04/2013 - 20:45:42 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:13/07/2012 - 12:39:51 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:13/07/2009 - 22:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:13/07/2012 - 12:39:51 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:29/03/2005 - 00:30:38 ---A- . (.No owner - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [8192]
O58 - SDL:02/08/2014 - 10:53:41 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:02/08/2014 - 10:53:41 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [79184]
O58 - SDL:02/08/2014 - 10:53:40 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
O58 - SDL:02/08/2014 - 10:53:41 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:02/08/2014 - 10:53:41 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1041168]
O58 - SDL:02/08/2014 - 10:53:41 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [426848]
O58 - SDL:02/08/2014 - 10:53:41 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [92008]
O58 - SDL:02/08/2014 - 10:53:41 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:10/06/2009 - 17:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:08/12/2014 - 20:09:44 ---A- . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\brfilterdrv.sys [51520]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:13/07/2009 - 22:19:07 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10/06/2009 - 17:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:13/07/2009 - 22:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:30/10/2014 - 01:05:05 ---A- . (.Dev47Apps - Virtual Audio Device.) -- C:\Windows\System32\Drivers\droidcam.sys [25216]
O58 - SDL:25/12/2013 - 20:44:41 ---A- . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283064]
O58 - SDL:26/07/2012 - 07:32:08 ---A- . (.D-vitec - dvitdcnt.) -- C:\Windows\System32\Drivers\dvitdcnt.sys [307968]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:21/08/2012 - 13:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:13/07/2012 - 12:39:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:18/01/2012 - 05:44:36 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\System32\Drivers\lvuvc64.sys [4865568]
O58 - SDL:21/11/2014 - 05:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:21/11/2014 - 05:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O58 - SDL:12/12/2014 - 02:59:35 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:21/10/2014 - 23:54:24 ---A- . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) -- C:\Windows\System32\Drivers\mosfilterdrv.sys [60728]
O58 - SDL:21/11/2014 - 05:14:22 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704]
O58 - SDL:12/02/2010 - 17:42:28 ---A- . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\netr28ux.sys [1104672]
O58 - SDL:13/07/2009 - 22:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:03/07/2012 - 12:25:16 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda64v.sys [189288]
O58 - SDL:26/02/2013 - 00:32:32 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 311.06.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [11036448]
O58 - SDL:10/06/2009 - 17:35:35 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvm62x64.sys [408960]
O58 - SDL:13/07/2012 - 12:39:51 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:13/07/2012 - 12:39:51 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:10/06/2009 - 17:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:13/07/2009 - 21:00:40 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\serial.sys [94208]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:27/01/2014 - 23:13:31 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [381440]
O58 - SDL:21/09/2009 - 00:43:52 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\System32\Drivers\ss_bus.sys [127488]
O58 - SDL:21/09/2009 - 00:43:52 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ss_cm.sys [15360]
O58 - SDL:21/09/2009 - 00:43:52 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ss_cmnt.sys [15360]
O58 - SDL:21/09/2009 - 00:43:52 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\System32\Drivers\ss_mdfl.sys [18944]
O58 - SDL:21/09/2009 - 00:43:52 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\System32\Drivers\ss_mdm.sys [161280]
O58 - SDL:21/09/2009 - 00:43:52 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ss_wh.sys [15872]
O58 - SDL:21/09/2009 - 00:43:52 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ss_whnt.sys [15872]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:18/03/2013 - 16:51:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
~ Drivers: 76 Scanned in 00mn 04s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 05/12/2014 - 12:21:45 ---A- . (...) -- C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll [146760]
O61 - LFC: 09/12/2014 - 12:21:47 ---A- . (...) -- C:\Users\Iara Coelho\AppData\Local\PunkBuster\FC3\pb\PnkBstrB.exe [281688]
O61 - LFC: 09/12/2014 - 12:21:47 ---A- . (...) -- C:\Users\Iara Coelho\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys [138032]
O61 - LFC: 11/12/2014 - 12:21:35 ---A- . (.The Chromium Authors.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\36.0.1985.136\Installer\setup.exe [1027720] =>PUP.BoBrowser
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (...) -- C:\Users\Iara Coelho\AppData\Local\Temp\1wIXlNW5GS6nvxj6\1wIXlNW5GS6nvxj6_t3.exe [582704]
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.Baidu, Inc..) -- C:\Users\Iara Coelho\AppData\Local\Temp\1wIXlNW5GS6nvxj6\1wIXlNW5GS6nvxj6_bn.exe [2110824]
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.ClaraLabs.) -- C:\Users\Iara Coelho\AppData\Local\Temp\1wIXlNW5GS6nvxj6\1wIXlNW5GS6nvxj6_bb.exe [840312]
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.JWTab.) -- C:\Users\Iara Coelho\AppData\Local\Temp\1wIXlNW5GS6nvxj6\1wIXlNW5GS6nvxj6_a7.exe [291880]
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.PennyBee.) -- C:\Users\Iara Coelho\AppData\Local\Temp\1wIXlNW5GS6nvxj6\1wIXlNW5GS6nvxj6_y3.exe [857728] =>PUP.PaybyAds
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\GoogleCrashHandler.exe [72872]
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\GoogleUpdate.exe [68608]
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\GoogleUpdateBroker.exe [46080]
O61 - LFC: 11/12/2014 - 12:21:47 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\GoogleUpdateOnDemand.exe [46080]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (...) -- C:\Users\Iara Coelho\AppData\Local\Temp\Rand8SrZtYN92qkEra\8SrZtYN92qkEra_o.exe [71264]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (...) -- C:\Users\Iara Coelho\AppData\Local\Temp\nsdEC35.tmp\System.dll [11264]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (.Baidu Inc..) -- C:\Users\Iara Coelho\AppData\Local\Temp\PCF40.exe [2127552]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (.Dnlpv & co..) -- C:\Users\Iara Coelho\AppData\Local\Temp\DwlTempFolder\temp.exe [12253408]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\goopdate.dll [761856]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\goopdateres_en.dll [26792]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\npGoogleUpdate4.dll [220672]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\psmachine.dll [155648]
O61 - LFC: 11/12/2014 - 12:21:48 ---A- . (.globalUpdate.) -- C:\Users\Iara Coelho\AppData\Local\Temp\comh.340517\psuser.dll [155648]
O61 - LFC: 11/12/2014 - 12:21:58 ---A- . (...) -- C:\Users\Iara Coelho\Downloads\Download Dead Island (pc) Completo (1).exe [53536]
O61 - LFC: 11/12/2014 - 12:21:58 ---A- . (...) -- C:\Users\Iara Coelho\Downloads\Download Dead Island (pc) Completo.exe [53536]
~ 111 Fichiers temporaires (Temporary files)
~ 89 Fichiers cookies (Cookies files)
~ Files: 24 Scanned in 00mn 26s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 02/08/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 02/08/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 02/08/2014 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 02/08/2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 02/08/2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 02/08/2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 02/08/2014 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 02/08/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 08/12/2014 - C:\Windows\System32\drivers\brfilterdrv.sys (brfilterdrv) .(.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - LEGACY_BRFILTERDRV
O64 - Services: CurCS - 29/01/2010 - C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (ISODrive) .(.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - LEGACY_ISODRIVE
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 27/01/2014 - C:\Windows\system32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
~ Legacy: 102 Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <BaiduSparkHTML>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <BoBrowsHTM.5OJH3SUVOS3RT4AQ2PCGYYVI2Q>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <BoBrowser.5OJH3SUVOS3RT4AQ2PCGYYVI2Q> <BoBrowser>[HKLM\..\Shell\open\Command] (.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\program files (x86)\Internet Explorer\iexplore.exe [You need to be registered and logged in to see this link.] =>Hijacker.WebsSearches
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} [DefaultScope] - (Google) - [You need to be registered and logged in to see this link.]
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2477536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.F18C7B89F652405E58E1E822009D59C7] [SPRF][13/06/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\Desktop\710-uTorrent.exe [1272912] =>P2P.BitTorrent
[MD5.1ABF96D2DDEC838763CEC88285A1FC6F] [SPRF][11/02/2014] (...) -- C:\Users\Iara Coelho\Desktop\Adobe Photoshop CS3.exe [50841162]
[MD5.A45721F5AFB6E49B9FEC5805CD1B643C] [SPRF][04/11/2014] (.No owner - Adware-Removal-Tool-v3.9.1.) -- C:\Users\Iara Coelho\Desktop\Adware-Removal-Tool-v3.9.1.exe [753184]
[MD5.842AA01C3AB0947F36EE4972B96D5268] [SPRF][30/10/2012] (.No owner - AVAST Software Setup Engine.) -- C:\Users\Iara Coelho\Desktop\avast_free_antivirus_setup.exe [96814416]
~ Files: 4 Scanned in 00mn 03s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{D1E2338A-1AFF-4CAC-A7DE-56CCECEBAC89}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{C381978B-6A83-4FA9-9B0D-980577EE7510}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{EF8C6E08-C368-498F-9F6E-1A408D462305}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{8F4221AB-B6F1-4F6C-A226-9D2FC2B4C660}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "TCP Query User{B85F0474-7126-4DBD-A9F4-11C36D430B35}C:\users\iara coelho\desktop\710-utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\iara coelho\desktop\710-utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{CC822C8E-D181-4324-93C8-395B7DFA4653}C:\users\iara coelho\desktop\710-utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\iara coelho\desktop\710-utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{4662D7E3-A5AC-46EB-BCA7-66B4560BBC14}" | In - None - P17 - TRUE | .(.The BoBrowser Authors - BoBrowser.) -- C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
~ Firewall: 7 Scanned in 00mn 02s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: Fotos do iCloud - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Scanned in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32 =>PUP.PaybyAds
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS =>PUP.PaybyAds
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 274 Scanned in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 10/12/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/12/2014 443432 | (BRApps) . (...) - C:\Program Files (x86)\BRApps\BRApps.exe
SS - | Auto 11/12/2014 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
SS - | Demand 11/12/2014 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
SS - | Auto 01/11/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/11/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 06/04/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Auto 26/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 18/11/2014 833728 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 02/08/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 11/12/2014 328304 | (ClaraUpdater) . (.ClaraLabs.) - C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
SR - | Demand 26/05/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 01/12/2014 443480 | (NJax) . (...) - C:\Program Files (x86)\NJax\NJax.exe
SR - | Auto 18/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 30/07/2014 57856 | (PennyBee) . (...) - C:\Program Files (x86)\PennyBee\PennyBee.exe =>PUP.PaybyAds
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 15/12/2009 185632 | (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
SR - | Auto 15/12/2009 212256 | (RalinkRegistryWriter64) . (.Ralink Technology, Corp..) - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 18/01/2012 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SR - | Auto 11/12/2014 524024 | (Update Search Vortex) . (...) - C:\Program Files (x86)\Search Vortex\updateSearchVortex.exe
SR - | Auto 11/12/2014 485888 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 09s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by Iara Coelho at 12/12/2014 12:23:31
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [You need to be registered and logged in to see this link.]
Run by Iara Coelho at 12/12/2014 12:23:33
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:27/01/2014 - 23:13:31 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [381440]
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: DAEMON Tools Lite Packages - (...) [HKCU][64Bits] -- DAEMON Tools Lite Packages =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 02s



---\\ Scâner Aditional (088)
Database Version : 13026 - (05/11/2014)
Clés trouvées (Keys found) : 18
Valeurs trouvées (Values found) : 10
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 18

[HKLM\SYSTEM\CurrentControlSet\Services\PennyBee] =>PUP.PaybyAds^
[HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser] =>PUP.BoBrowser^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BoBrowser] =>PUP.BoBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PennyBee] =>PUP.PaybyAds^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall] =>Hijacker.WebsSearches^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611131165}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622132265}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611131165}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611131165}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622132265}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611131165}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\PennyBee =>PUP.PaybyAds^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\Iara Coelho\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\Iara Coelho\AppData\Roaming\webssearches =>Hijacker.WebsSearches^
C:\Users\Iara Coelho\AppData\Local\BoBrowser =>PUP.BoBrowser^
C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Users\Iara Coelho\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser^
C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-1 =>PUP.CrossRider^
C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-2 =>PUP.CrossRider^
C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-4 =>PUP.CrossRider^
C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-5 =>PUP.CrossRider^
C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-6 =>PUP.CrossRider^
C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-7 =>PUP.CrossRider^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Wow6432Node\webssearchesSoftware] =>Hijacker.WebsSearches^
C:\Users\Iara Coelho\Desktop\710-uTorrent.exe =>P2P.BitTorrent^
~ Additionnel Scan: 287509 Items scanned in 00mn 33s



---\\ Informações complémentaires do módulos
~ [You need to be registered and logged in to see this link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [You need to be registered and logged in to see this link.] =>.Browser Helper Objects do navegador (02)
~ [You need to be registered and logged in to see this link.] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 3 Scanned in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[You need to be registered and logged in to see this link.] =>PUP.BoBrowser
[You need to be registered and logged in to see this link.] =>Hijacker.WebsSearches
[You need to be registered and logged in to see this link.] =>PUP.PaybyAds
[You need to be registered and logged in to see this link.] =>PUP.Fuyu
[You need to be registered and logged in to see this link.] =>PUP.CrossRider
[You need to be registered and logged in to see this link.] =>Adware.VidSaver
[You need to be registered and logged in to see this link.] =>PUP.WpManager
~ MSI: 7 link(s) detected in 00mn 00s



End of the scan (1484 lines in 03mn 34s)(0)

Re: How to remove Ads by I Cinema

Post by caedurodrigues on Fri 12 Dec 2014, 13:18

Good afternoon Rafael FD,


  • Download: <[You need to be registered and logged in to see this image.]> (...by Xplode)
  • Or here >>AdwCleaner<<
  • Save it to your Desktop.
  • Close all open programs and web browsers.
  • Windows Vista or Windows 7 users: right-click the AdwCleaner.exe file, then click:
    [You need to be registered and logged in to see this image.]

  • Click Scan to start the scan!
  • When it finishes, click Clean.
  • Copy the log or click "Report".
  • Post: >>C:\AdwCleaner\AdwCleaner [S0].txt<<


  • Download: <[You need to be registered and logged in to see this image.]> <(...by Oleg N. Scherbakov)>
  • Save it to the desktop!
  • Disable your antivirus!
  • On Windows 7, right-click JRT.exe and run it as [You need to be registered and logged in to see this image.]
  • Wait for it to finish and post the report (JRT.txt).


Best regards.

Re: How to remove Ads by I Cinema

Post by Rafael FD on Fri 12 Dec 2014, 13:54

Here is the log:


Adware Removal Tool v3.9
Time: 2014_12_12_13_41_47
OS: Windows 7 - 64 Bit
Account Name: Iara Coelho
U0L0S16

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\program files (x86)\I - Cinema\I - Cinema-codedownloader.exe
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\I - Cinema\Plugins\102:name
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\I - Cinema\Plugins\9:javascript
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\I - Cinema\Plugins\91:javascript
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{adbed521-53ca-4d16-9bcd-c156bd86b0d0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E4EB5B1-71CE-4486-8490-8702156468D}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{469AAFAC-B0E5-4162-A9A1-2A05D284D4}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78DDCE2D-A866-4D84-96ED-ECA27239F63}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{adbed521-53ca-4d16-9bcd-c156bd86b0d0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D995D6A8-C02-4991-93A5-D1B23CBA941}:appname
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Rebooting computer : 1 Objects
\\ Reboot Done

Deleted - File - C:\program files (x86)\PennyBee\DealplyInstallerHelper.dll

\\ Finished

Re: How to remove Ads by I Cinema

Post by caedurodrigues on Fri 12 Dec 2014, 13:59

Good afternoon Rafael FD, where is the log from the requested tools, AdwCleaner and JRT? Running the Adware Removal Tool v3.9 was not requested.

Re: How to remove Ads by I Cinema

Post by Rafael FD on Fri 12 Dec 2014, 14:00

Good afternoon!

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Ultimate x64
Ran by Iara Coelho on 12/12/2014 at 13:57:06,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611131165}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622132265}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655135565}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666136665}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644134465}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611131165}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622132265}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655135565}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666136665}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644134465}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655135565}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666136665}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644134465}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655135565}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666136665}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644134465}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611131165}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-1.job
Successfully deleted: [File] C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-11.job
Successfully deleted: [File] C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-2.job
Successfully deleted: [File] C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-4.job
Successfully deleted: [File] C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-5.job
Successfully deleted: [File] C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-6.job
Successfully deleted: [File] C:\Windows\Tasks\aa3f8742-ee81-44ec-9962-d671d0732601-7.job
Successfully disinfected: [Shortcut] C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Katana - Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Katana - Chrome.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Iara Coelho\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Iara Coelho\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully repaired: [Shortcut] C:\Users\Iara Coelho\desktop\Katana - Chrome.lnk



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\ProgramData\windowsmangerprotect"
Successfully deleted: [Folder] "C:\Users\Iara Coelho\AppData\Roaming\baidu"
Successfully deleted: [Folder] "C:\Users\Iara Coelho\appdata\local\globalupdate"
Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"
Successfully deleted: [Folder] "C:\Program Files (x86)\globalupdate"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/12/2014 at 14:00:03,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: How to remove Ads by I Cinema

Post by caedurodrigues on Fri 12 Dec 2014, 14:17

Good afternoon Rafael FD, please don't forget to post the log from the AdwCleaner tool.

Re: How to remove Ads by I Cinema

Post by Rafael FD on Tue 16 Dec 2014, 18:34

Good afternoon, the virus has already been removed!
But it just takes a few seconds for my browser to open.


Re: How to remove Ads by I Cinema

Post by Rafael FD on Tue 16 Dec 2014, 19:12

But I'm sending the log anyway!

# AdwCleaner v4.105 - Report created 16/12/2014 at 18:36:50
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Iara Coelho - IARACOELHO-PC
# Running from : C:\Users\Iara Coelho\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : WindowsMangerProtect
Service Deleted : ClaraUpdater
Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\I - Cinema
Folder Deleted : C:\Program Files (x86)\Common Files\ClaraUpdater
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\BoBrowser
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\webssearches
File Deleted : C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe
File Deleted : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BoBrowser.lnk
File Deleted : C:\Users\Iara Coelho\Desktop\Facebook.lnk
File Deleted : C:\Users\UpdatusUser\Desktop\Hao123.lnk

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : Run_Bobby_Browser
Task Deleted : aa3f8742-ee81-44ec-9962-d671d0732601-5_user

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\WINDOWS\CURRENTVERSION\APP PATHS\PennyBee.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [bobrowser]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7b85c85a-6479-4857-9bd7-6687d5e7e410}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{adbed521-53ca-4d16-9bcd-c156bd86b0d0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7b85c85a-6479-4857-9bd7-6687d5e7e410}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{adbed521-53ca-4d16-9bcd-c156bd86b0d0}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\BoBrowser
Key Deleted : HKCU\Software\I - Cinema-nv
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\I - Cinema
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\I - Cinema
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : HKLM\SOFTWARE\I - Cinema-nv
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BoBrowser
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I - Cinema
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\I - Cinema-nv
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - Coelho\AppData\Local\Smartbar\Application\Resources\crdlil.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [10225 octets] - [16/12/2014 18:35:19]
AdwCleaner[S0].txt - [9556 octets] - [16/12/2014 18:36:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9616 octets] ##########

Re: How to remove Ads by I Cinema

Post by caedurodrigues on Tue 16 Dec 2014, 22:00

Good evening Rafael FD,

Now let's remove the tools used in the disinfection.

  • Download: <[You need to be registered and logged in to see this image.]> (...by Xplode)
  • Save it to your desktop.
  • Double-click delfix.exe to run it.
  • Windows Vista or Windows 7 users: right-click the delfix.exe file, then click:

    [You need to be registered and logged in to see this image.]

  • Tick the checkboxes as shown in the image.
  • Click the Run button.
  • Restart the computer!
  • Everything OK?


Best regards.

Re: How to remove Ads by I Cinema

Post by joram on Fri 19 Dec 2014, 13:59

Case Resolved

If you need further help with this computer, just open a "New Topic" and describe the problem.
