Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14838 usuários registradosO último membro registrado é Lanterna Verde com Disco
Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Quem está conectado?
Há 85 usuários online :: 0 registrados, 0 invisíveis e 85 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Como remover awesomehp???
3 participantes
Página 1 de 2
Página 1 de 2 • 1, 2
Como remover awesomehp???
Boa noite, sou novato aqui no fórum e estou com uma dúvida, como faço pra remover o awesomehp??
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Olá Luciano Santos
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...da TrendMicro) e salve-o no desktop (Área de Trabalho)
*Execute-o, clique [Do a system scan and save a logfile] e cole o relatório apresentado
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...da TrendMicro) e salve-o no desktop (Área de Trabalho)
*Execute-o, clique [Do a system scan and save a logfile] e cole o relatório apresentado
Como remover awesomehp???
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:57:33, on 31/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Users\Luciano\Downloads\Limpeza Notbook\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0049010 - {11111111-1111-1111-1111-110411901110} - C:\Program Files (x86)\Feven 2.1\Feven 2.1-bho.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BatBrowse - {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} - C:\Program Files (x86)\BatBrowse\BatBrowsebho.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (file missing)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (file missing)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Luciano\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update BatBrowse - Unknown owner - C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe
--
End of file - 13487 bytes
Scan saved at 12:57:33, on 31/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Users\Luciano\Downloads\Limpeza Notbook\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0049010 - {11111111-1111-1111-1111-110411901110} - C:\Program Files (x86)\Feven 2.1\Feven 2.1-bho.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BatBrowse - {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} - C:\Program Files (x86)\BatBrowse\BatBrowsebho.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (file missing)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (file missing)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Luciano\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update BatBrowse - Unknown owner - C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe
--
End of file - 13487 bytes
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Execute o HijackThis, clique [Do a system scan only], selecione as entradas abaixo e clique [Fix checked]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O2 - BHO: BatBrowse - {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} - C:\Program Files (x86)\BatBrowse\BatBrowsebho.dll (file missing)
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (file missing)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (file missing)
*Feche o HijackThis
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)
*Salve qualquer trabalho aberto e feche o seu navegador
*Execute-o, clique [Examinar] e aguarde o término
*Clique [Limpar] e aguarde o término
*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.
*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O2 - BHO: BatBrowse - {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} - C:\Program Files (x86)\BatBrowse\BatBrowsebho.dll (file missing)
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (file missing)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (file missing)
*Feche o HijackThis
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)
*Salve qualquer trabalho aberto e feche o seu navegador
*Execute-o, clique [Examinar] e aguarde o término
*Clique [Limpar] e aguarde o término
*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.
*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt
Como remover awesomehp???
# AdwCleaner v3.018 - Relatório criado 31/01/2014 às 23:24:56
# Atualizado 28/01/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Luciano - LUCIANO-NOTBOOK
# Executando de : C:\Users\Luciano\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\Partner
Pasta Deletada : C:\Program Files (x86)\BrowseFox
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\Plus-HD-2.3
Pasta Deletada : C:\Program Files (x86)\Feven 2.1
Pasta Deletada : C:\Users\Luciano\AppData\Local\Babylon
Pasta Deletada : C:\Users\Luciano\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Luciano\AppData\Local\Conduit
Pasta Deletada : C:\Users\Luciano\AppData\Local\Temp\BrowseFox
Pasta Deletada : C:\Users\Luciano\AppData\Local\Temp\Iminent
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\BabSolution
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\Extensions\7ff584eb-e54c-4c25-92b1-0b16f66d6752@5724dab3-50f4-4dee-85c3-3e3ec8e28f73.com
Pasta Deletada : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Pasta Deletada : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\kimedffepcmacncbmlhhgnpchdhlanjj
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Luciano\AppData\Local\Temp\Searchqu.ini
Arquivo Deletada : C:\Users\Luciano\AppData\Local\Temp\searchqutoolbar-manifest.xml
Arquivo Deletada : C:\Users\Luciano\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Arquivo Deletada : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\user.js
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\user.js
Arquivo Deletada : C:\windows\System32\Tasks\EPUpdater
Arquivo Deletada : C:\windows\Tasks\MySearchDial.job
Arquivo Deletada : C:\windows\System32\Tasks\MySearchDial
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-chromeinstaller.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-chromeinstaller
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-codedownloader.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-codedownloader
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-enabler.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-enabler
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-firefoxinstaller.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-firefoxinstaller
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-updater.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-updater
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.Sandbox.1
Chave Deletedo : HKCU\Software\5e4db8fb53ee542
Chave Deletedo : HKLM\SOFTWARE\5e4db8fb53ee542
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_openal_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_openal_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905510}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906610}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444904410}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{BB9817CA-9B43-41EB-8706-44847957338D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905510}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906610}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\BrowserMngr
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\mysearchdial.com
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\UpdateStar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-2.3
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\smartbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Feven 2.1
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\FreeSoftToday
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Feven 2.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search-Gol Chrome Toolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Feven 2.1
Chave Deletedo : [x64] HKLM\SOFTWARE\DataMngr
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16428
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v26.0 (pt-BR)
[ Arquivo : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\prefs.js ]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.InstallationThankYouPage", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.InstallationTime", 1391042478);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.active", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.addressbar", "NA");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.addressbarenhanced", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncdb.was_copied", "true");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncdb_dbWasSet", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncdb_dbWasSet_FF25_FIX", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncinternaldb.was_copied", "true");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncinternaldb_dbWasSet", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncinternaldb_dbWasSet_FF25_FIX", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.backgroundver", 1);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.certdomaininstaller", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.changeprevious", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)")[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallationTime.value", "%221391042478%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000850%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_aoi.value", "%221391073611%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_parent_zoneid.value", "%22485146%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.jw_token.value", "%22301131aa-0574-a6bb-e740-1cf248e83cab%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.description", "Feven 2.1");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.domain", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.enablesearch", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.homepage", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.iframe", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do B[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2202D34CC689F04C4D9C0B5CC85F757[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000850%22%2C%22sub_id%22%3A%220%22%2C%[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do B[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000850%22%2C%22sub_id%22%3A%220%2[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora ofi[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2202D34CC689F04C4D9C0B[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasi[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_appVer.value", "25");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do [...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_lastVersion.value", "1");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_meta.value", "%7B%7D");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_nextCheck.expiration", "Fri Jan 31 2014 18:57:16 GMT-0200 (Hora oficial do Br[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_nextCheck.value", "true");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_queue.value", "%7B%7D");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficia[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Br[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.__defualt_browser__.value", "%22ie%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%2202D34CC6[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.lastDailyReport", "1391180235645");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.lastUpdate", "1391180236827");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.manifesturl", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.name", "Feven 2.1");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.newtab", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.opensearch", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/49010/plugins/093/ff/plugins.json");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.pluginsversion", 20);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.publisher", "Feven");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.searchstatus", 0);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.setnewtab", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.thankyou", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.updateinterval", 360);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.ver", 25);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.FilesValidatorDueTime", "1391180287545");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.apps", "49010");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.bic", "143e098497dafa399cf4d53420c16123");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.cid", 49010);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.firstrun", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.hadappinstalled", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.installationdate", 1391042513);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.modetype", "production");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.reportInstall", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.statsDailyCounter", 4);
Linha deletada : user_pref("extensions.crossrider.bic", "143e098497dafa399cf4d53420c16123");
Linha deletada : user_pref("extensions.mysearchdial.aflt", "irmsd103");
Linha deletada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Linha deletada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA");
Linha deletada : user_pref("extensions.mysearchdial.cr", "228782320");
Linha deletada : user_pref("extensions.mysearchdial.dfltLng", "");
Linha deletada : user_pref("extensions.mysearchdial.dfltSrch", true);
Linha deletada : user_pref("extensions.mysearchdial.dnsErr", true);
Linha deletada : user_pref("extensions.mysearchdial.excTlbr", false);
Linha deletada : user_pref("extensions.mysearchdial.hmpg", true);
Linha deletada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1[...]
Linha deletada : user_pref("extensions.mysearchdial.id", "F2DF9AC4989E1293");
Linha deletada : user_pref("extensions.mysearchdial.instlDay", "16018");
Linha deletada : user_pref("extensions.mysearchdial.instlRef", "");
Linha deletada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1[...]
Linha deletada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.tlbrId", "base");
Linha deletada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1[...]
Linha deletada : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Linha deletada : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Linha deletada : user_pref("extensions.mysearchdial_i.hmpg", true);
Linha deletada : user_pref("extensions.mysearchdial_i.newTab", false);
Linha deletada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Linha deletada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.020:49:45");
-\\ Google Chrome v32.0.1700.102
[ Arquivo : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo : search_url
*************************
AdwCleaner[R0].txt - [31067 octets] - [31/01/2014 23:23:12]
AdwCleaner[S0].txt - [28993 octets] - [31/01/2014 23:24:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29054 octets] ##########
# Atualizado 28/01/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Luciano - LUCIANO-NOTBOOK
# Executando de : C:\Users\Luciano\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\Partner
Pasta Deletada : C:\Program Files (x86)\BrowseFox
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\Plus-HD-2.3
Pasta Deletada : C:\Program Files (x86)\Feven 2.1
Pasta Deletada : C:\Users\Luciano\AppData\Local\Babylon
Pasta Deletada : C:\Users\Luciano\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Luciano\AppData\Local\Conduit
Pasta Deletada : C:\Users\Luciano\AppData\Local\Temp\BrowseFox
Pasta Deletada : C:\Users\Luciano\AppData\Local\Temp\Iminent
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Luciano\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\BabSolution
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\Extensions\7ff584eb-e54c-4c25-92b1-0b16f66d6752@5724dab3-50f4-4dee-85c3-3e3ec8e28f73.com
Pasta Deletada : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Pasta Deletada : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\kimedffepcmacncbmlhhgnpchdhlanjj
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Luciano\AppData\Local\Temp\Searchqu.ini
Arquivo Deletada : C:\Users\Luciano\AppData\Local\Temp\searchqutoolbar-manifest.xml
Arquivo Deletada : C:\Users\Luciano\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Arquivo Deletada : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\user.js
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\user.js
Arquivo Deletada : C:\windows\System32\Tasks\EPUpdater
Arquivo Deletada : C:\windows\Tasks\MySearchDial.job
Arquivo Deletada : C:\windows\System32\Tasks\MySearchDial
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-chromeinstaller.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-chromeinstaller
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-codedownloader.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-codedownloader
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-enabler.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-enabler
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-firefoxinstaller.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-firefoxinstaller
Arquivo Deletada : C:\windows\Tasks\Feven 2.1-updater.job
Arquivo Deletada : C:\windows\System32\Tasks\Feven 2.1-updater
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0049010.Sandbox.1
Chave Deletedo : HKCU\Software\5e4db8fb53ee542
Chave Deletedo : HKLM\SOFTWARE\5e4db8fb53ee542
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_openal_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_openal_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905510}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906610}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444904410}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{BB9817CA-9B43-41EB-8706-44847957338D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905510}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906610}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901110}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\BrowserMngr
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\mysearchdial.com
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\UpdateStar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-2.3
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\smartbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Feven 2.1
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\FreeSoftToday
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Feven 2.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search-Gol Chrome Toolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Feven 2.1
Chave Deletedo : [x64] HKLM\SOFTWARE\DataMngr
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16428
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v26.0 (pt-BR)
[ Arquivo : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\prefs.js ]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.InstallationThankYouPage", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.InstallationTime", 1391042478);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.active", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.addressbar", "NA");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.addressbarenhanced", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncdb.was_copied", "true");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncdb_dbWasSet", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncdb_dbWasSet_FF25_FIX", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncinternaldb.was_copied", "true");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncinternaldb_dbWasSet", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.asyncinternaldb_dbWasSet_FF25_FIX", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.backgroundver", 1);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.certdomaininstaller", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.changeprevious", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)")[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallationTime.value", "%221391042478%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000850%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_aoi.value", "%221391073611%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie._GPL_parent_zoneid.value", "%22485146%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.cookie.jw_token.value", "%22301131aa-0574-a6bb-e740-1cf248e83cab%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.description", "Feven 2.1");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.domain", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.enablesearch", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.homepage", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.iframe", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do B[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2202D34CC689F04C4D9C0B5CC85F757[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000850%22%2C%22sub_id%22%3A%220%22%2C%[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do B[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000850%22%2C%22sub_id%22%3A%220%2[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora ofi[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2202D34CC689F04C4D9C0B[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasi[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_appVer.value", "25");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do [...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_lastVersion.value", "1");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_meta.value", "%7B%7D");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_nextCheck.expiration", "Fri Jan 31 2014 18:57:16 GMT-0200 (Hora oficial do Br[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_nextCheck.value", "true");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_queue.value", "%7B%7D");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficia[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Br[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.__defualt_browser__.value", "%22ie%22");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200 (Hora oficial do Brasil)");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%2202D34CC6[...]
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.lastDailyReport", "1391180235645");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.lastUpdate", "1391180236827");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.manifesturl", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.name", "Feven 2.1");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.newtab", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.opensearch", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/49010/plugins/093/ff/plugins.json");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.pluginsversion", 20);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.publisher", "Feven");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.searchstatus", 0);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.setnewtab", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.thankyou", "");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.updateinterval", 360);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.49010.ver", 25);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.FilesValidatorDueTime", "1391180287545");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.apps", "49010");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.bic", "143e098497dafa399cf4d53420c16123");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.cid", 49010);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.firstrun", false);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.hadappinstalled", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.installationdate", 1391042513);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.modetype", "production");
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.reportInstall", true);
Linha deletada : user_pref("extensions.a7ff584ebe54c4c2592b10b16f66d67525724dab350f44dee85c33e3ec8e28f73com49010.statsDailyCounter", 4);
Linha deletada : user_pref("extensions.crossrider.bic", "143e098497dafa399cf4d53420c16123");
Linha deletada : user_pref("extensions.mysearchdial.aflt", "irmsd103");
Linha deletada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Linha deletada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA");
Linha deletada : user_pref("extensions.mysearchdial.cr", "228782320");
Linha deletada : user_pref("extensions.mysearchdial.dfltLng", "");
Linha deletada : user_pref("extensions.mysearchdial.dfltSrch", true);
Linha deletada : user_pref("extensions.mysearchdial.dnsErr", true);
Linha deletada : user_pref("extensions.mysearchdial.excTlbr", false);
Linha deletada : user_pref("extensions.mysearchdial.hmpg", true);
Linha deletada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1[...]
Linha deletada : user_pref("extensions.mysearchdial.id", "F2DF9AC4989E1293");
Linha deletada : user_pref("extensions.mysearchdial.instlDay", "16018");
Linha deletada : user_pref("extensions.mysearchdial.instlRef", "");
Linha deletada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1[...]
Linha deletada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.tlbrId", "base");
Linha deletada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1[...]
Linha deletada : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Linha deletada : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Linha deletada : user_pref("extensions.mysearchdial_i.hmpg", true);
Linha deletada : user_pref("extensions.mysearchdial_i.newTab", false);
Linha deletada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Linha deletada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.020:49:45");
-\\ Google Chrome v32.0.1700.102
[ Arquivo : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo : search_url
*************************
AdwCleaner[R0].txt - [31067 octets] - [31/01/2014 23:23:12]
AdwCleaner[S0].txt - [28993 octets] - [31/01/2014 23:24:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29054 octets] ##########
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Olá Luciano!
Siga, por gentileza, as dicas do tutorial abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
Siga, por gentileza, as dicas do tutorial abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover awesomehp???
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Basic x64
Ran by Luciano on 31/01/2014 at 23:49:58,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\messengerplusforskypeservice
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\plusservice
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37211D63-CCE9-4780-B182-96538CFC6FED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8B9C4F32-044E-491C-893E-362CB8A679D5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05C-F841-452A-A600-E8D8BBEA63D9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05D-F841-452A-A600-E8D8BBEA63DA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF2BF214-9D1E-4803-9AEB-38552615FD40}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yuna software
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1560063537-2442310759-624858241-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yuna software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.animationpackage
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.skinpack
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\messenger plus! for skype
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422902210}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422902210}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6ADAA658-A5AE-B957-CF65-124084CF8472}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{887CBA99-2C67-40BC-AA85-93525B6B523F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1CEF2646-8D37-6254-48FD-282A666C7A0F}
~~~ Files
Successfully deleted: [File] "C:\Users\Luciano\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\messenger plus! for skype"
Successfully deleted: [Folder] "C:\Program Files (x86)\free video converter"
Successfully deleted: [Folder] "C:\Program Files (x86)\yuna software"
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{03C9FE09-565F-459F-B12F-9583F28B8FB9}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{0415D8B7-0A6E-425B-B4AB-242779B0A266}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{07A63BD7-6D99-44C3-A41A-F8E7D6DDC002}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{0F418316-D9E4-40D1-869A-A787E47E3016}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{11F25835-0D6E-4DAF-94BB-5ADEAAE00C80}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{13C480CC-6A9B-40D6-B8E9-57515733619F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{15441D93-1E09-4A64-9FCB-4BF985DFA4A2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{17868031-C71C-48A7-B7C9-7FF6567999D5}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{19CE2B3F-6797-4582-AB51-DDA8F5869585}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{1BC302C4-ADBA-4E78-AF4C-887B1BB365D2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{1F6CDACC-E3A4-42C0-913F-A362071C8E59}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{1FE60768-8810-4914-8FC3-DCDB1B10AA93}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{22246DA2-7634-4D58-96D4-2E56BEFAA493}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{28F39687-B5E7-41FB-B048-0F52569FA21A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{291F1953-692B-4452-8BEE-BE297238E328}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{2C60B129-96CC-451A-9707-5C8724D02949}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{2CDFF4AA-1262-4DB1-915E-C7DA436CD308}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{2F875423-C880-4930-9592-337BD6196964}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{33E27CFC-E00B-41C2-A1B1-F95D0C1BA563}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{35FC868D-3FB1-46D8-B70A-B53900C11957}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{36E5D952-BBEB-4E5F-87B9-7913303A04BF}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{388904AE-E5ED-4D1C-870F-35F630FC8C64}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{3F1BE170-A3DE-4FF8-A0C2-1AF4FC4B26A8}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{41FA0382-C7AD-4798-AEF8-F41C86CD93D8}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{446E10D4-ABBD-4AAC-98A5-6920A141D9D2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{46573A72-6082-4541-BA79-9530CF568492}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{4BE4BE51-579D-47DC-99C6-A8FD18287423}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{4F34CEB2-1B9D-4C7D-A7B9-6AA16FD812A3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{543DEB38-E55C-4482-9694-2D9A7F1E29DA}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{550E6565-8182-4B78-B37E-40A07CED8A6B}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{55E2B657-C7EB-4E24-A734-FC4A057352EE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{568D44AB-8B3F-4EF7-B43F-E86ABB02F9E9}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{5D1E2B60-5363-4686-9790-3644CC82D836}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{5D6B1E5E-1CBC-4F79-9849-412B4CEDE07F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{5E4DF667-9435-44F2-8345-E94AC80BD0C1}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{602DC43C-8402-4CB4-AA88-BA65B346B3FE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{618C7056-C98E-4E2C-A588-4BE587FECA08}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6274940C-75B0-4E18-A2F2-CDBCAA8D295A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{65CA8563-3E65-46E1-8CBD-12E437CC2C74}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{667D4248-81C6-463C-9195-998BCC544ED1}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6CAE484C-13DB-4F6F-A830-786597FBB730}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6DA82E7A-EBEC-4924-986D-25F9E0196F43}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6F0C77BD-C187-47D6-8CC9-00C488032409}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{731739E6-6942-445F-A4A6-1CC57BFD7E4A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{76FA67D1-CD11-460B-8DE0-84C2C77A2433}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{77CCF059-B73E-4918-8E93-DF5BB6DDA27E}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{79AE25C9-777D-43F4-A172-B1A839571B0A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7B5E44C5-6789-4E41-AA8A-2FE2D950D0E2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7C18295D-87A6-41CB-AC59-F1F3106F109A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7C67B51E-9A4E-4C3E-A318-5192FBDF7D72}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7E43F7BA-865D-4163-985A-95603B6A50F1}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{82D5A6F2-67D0-4D2E-8DE2-139D20974719}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{87417323-358D-4E4F-8871-B113E2279299}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{88C703A2-1217-4B13-B633-DDC57D1C3B75}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{8B9C4A4C-4A10-46DA-BC91-F673D4EF8F77}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{8F138609-18F8-4EE6-94E6-F0157EE6DAF5}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{90483A9C-CC9B-42AD-BFA2-AC9B2840D893}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{905CFC75-8A42-475C-B5D6-EF66BAA60166}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{94673F9C-312B-4EA2-ADB1-548DEF5F1E9B}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{95A015FD-9B56-447A-B2B2-25B000020A60}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{96235625-501F-498B-8793-A33E338A943F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{9A0058F9-BB7F-423E-8D0F-B339D97FAF78}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{9BC298A8-B10A-4BE3-8386-62AFC3870C8C}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A014313D-F00F-40D9-9D08-9816C6530A79}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A01DF9C4-CFE8-4543-85A3-21C16BD0D4A7}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A350C793-9120-4FE8-AB72-31700825D625}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A7615806-8C06-4304-BB02-04BDBC787CEE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A9DC8CBA-E004-4B6E-8ED8-13FF5196FE83}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{B42A7FCD-99CA-4011-8C9D-D71C6E260E9E}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{B640C9F7-921F-4AD8-A8D2-873B7ADD15C3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{B8662138-3A82-45A4-BA43-4331695A3863}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{BF151AC4-F8B1-4C33-95AC-A1621341C3DB}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C014D124-4D6B-4C3C-AA40-5EF34653B67B}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C1CD30B4-877D-4B1B-90E0-207838D4FED7}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C7EA96A4-032F-4D46-83C9-23AAF254314C}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C93091C0-DAC8-4CE7-B6D5-D2AAA1DAE004}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{CFD41704-EF65-4D93-8BD5-C047983EA94A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D1478D47-E00D-4F17-8359-AE550520E4DE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D2EE78DC-C114-48CE-B66F-B13FF888BD6F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D5211140-8875-4588-905C-A6B921719E32}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D53A8E87-2C0F-4460-AC82-6300A487B4C3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D843826B-778F-4916-9ECE-53039A23FD94}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{E133BCEB-870D-4490-BD2E-A2594EE24BE8}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{E4DA2B0C-E078-4179-B9B6-248C92B27ABF}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{E8072230-B841-45C6-A9B7-879252C7690D}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F063513E-5418-444D-BFA6-990F2435E2D5}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F158A941-6C68-481D-838A-6ABB48AAFA16}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F4343F1D-96D1-447E-8201-344181EB91E3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F751027A-1B42-4F9F-B2EB-FF27FD875E78}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F9E73964-8477-4612-91B2-B9AEB5460013}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{FD9C2DB7-0208-4E7F-A8C8-C219AD5CB33C}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{FDBAB745-F51E-4753-A166-444578DD9E82}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{FEC572F3-C26F-4EA8-88D5-A0F102B5D545}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Luciano\AppData\Roaming\mozilla\firefox\profiles\zruauwh7.default\minidumps [29 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/01/2014 at 23:58:14,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Basic x64
Ran by Luciano on 31/01/2014 at 23:49:58,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\messengerplusforskypeservice
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\plusservice
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37211D63-CCE9-4780-B182-96538CFC6FED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8B9C4F32-044E-491C-893E-362CB8A679D5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05C-F841-452A-A600-E8D8BBEA63D9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05D-F841-452A-A600-E8D8BBEA63DA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF2BF214-9D1E-4803-9AEB-38552615FD40}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yuna software
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1560063537-2442310759-624858241-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yuna software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.animationpackage
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.skinpack
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\messenger plus! for skype
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422902210}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422902210}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6ADAA658-A5AE-B957-CF65-124084CF8472}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{887CBA99-2C67-40BC-AA85-93525B6B523F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1CEF2646-8D37-6254-48FD-282A666C7A0F}
~~~ Files
Successfully deleted: [File] "C:\Users\Luciano\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\messenger plus! for skype"
Successfully deleted: [Folder] "C:\Program Files (x86)\free video converter"
Successfully deleted: [Folder] "C:\Program Files (x86)\yuna software"
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{03C9FE09-565F-459F-B12F-9583F28B8FB9}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{0415D8B7-0A6E-425B-B4AB-242779B0A266}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{07A63BD7-6D99-44C3-A41A-F8E7D6DDC002}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{0F418316-D9E4-40D1-869A-A787E47E3016}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{11F25835-0D6E-4DAF-94BB-5ADEAAE00C80}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{13C480CC-6A9B-40D6-B8E9-57515733619F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{15441D93-1E09-4A64-9FCB-4BF985DFA4A2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{17868031-C71C-48A7-B7C9-7FF6567999D5}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{19CE2B3F-6797-4582-AB51-DDA8F5869585}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{1BC302C4-ADBA-4E78-AF4C-887B1BB365D2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{1F6CDACC-E3A4-42C0-913F-A362071C8E59}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{1FE60768-8810-4914-8FC3-DCDB1B10AA93}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{22246DA2-7634-4D58-96D4-2E56BEFAA493}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{28F39687-B5E7-41FB-B048-0F52569FA21A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{291F1953-692B-4452-8BEE-BE297238E328}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{2C60B129-96CC-451A-9707-5C8724D02949}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{2CDFF4AA-1262-4DB1-915E-C7DA436CD308}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{2F875423-C880-4930-9592-337BD6196964}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{33E27CFC-E00B-41C2-A1B1-F95D0C1BA563}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{35FC868D-3FB1-46D8-B70A-B53900C11957}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{36E5D952-BBEB-4E5F-87B9-7913303A04BF}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{388904AE-E5ED-4D1C-870F-35F630FC8C64}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{3F1BE170-A3DE-4FF8-A0C2-1AF4FC4B26A8}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{41FA0382-C7AD-4798-AEF8-F41C86CD93D8}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{446E10D4-ABBD-4AAC-98A5-6920A141D9D2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{46573A72-6082-4541-BA79-9530CF568492}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{4BE4BE51-579D-47DC-99C6-A8FD18287423}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{4F34CEB2-1B9D-4C7D-A7B9-6AA16FD812A3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{543DEB38-E55C-4482-9694-2D9A7F1E29DA}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{550E6565-8182-4B78-B37E-40A07CED8A6B}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{55E2B657-C7EB-4E24-A734-FC4A057352EE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{568D44AB-8B3F-4EF7-B43F-E86ABB02F9E9}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{5D1E2B60-5363-4686-9790-3644CC82D836}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{5D6B1E5E-1CBC-4F79-9849-412B4CEDE07F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{5E4DF667-9435-44F2-8345-E94AC80BD0C1}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{602DC43C-8402-4CB4-AA88-BA65B346B3FE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{618C7056-C98E-4E2C-A588-4BE587FECA08}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6274940C-75B0-4E18-A2F2-CDBCAA8D295A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{65CA8563-3E65-46E1-8CBD-12E437CC2C74}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{667D4248-81C6-463C-9195-998BCC544ED1}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6CAE484C-13DB-4F6F-A830-786597FBB730}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6DA82E7A-EBEC-4924-986D-25F9E0196F43}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{6F0C77BD-C187-47D6-8CC9-00C488032409}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{731739E6-6942-445F-A4A6-1CC57BFD7E4A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{76FA67D1-CD11-460B-8DE0-84C2C77A2433}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{77CCF059-B73E-4918-8E93-DF5BB6DDA27E}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{79AE25C9-777D-43F4-A172-B1A839571B0A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7B5E44C5-6789-4E41-AA8A-2FE2D950D0E2}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7C18295D-87A6-41CB-AC59-F1F3106F109A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7C67B51E-9A4E-4C3E-A318-5192FBDF7D72}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{7E43F7BA-865D-4163-985A-95603B6A50F1}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{82D5A6F2-67D0-4D2E-8DE2-139D20974719}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{87417323-358D-4E4F-8871-B113E2279299}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{88C703A2-1217-4B13-B633-DDC57D1C3B75}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{8B9C4A4C-4A10-46DA-BC91-F673D4EF8F77}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{8F138609-18F8-4EE6-94E6-F0157EE6DAF5}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{90483A9C-CC9B-42AD-BFA2-AC9B2840D893}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{905CFC75-8A42-475C-B5D6-EF66BAA60166}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{94673F9C-312B-4EA2-ADB1-548DEF5F1E9B}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{95A015FD-9B56-447A-B2B2-25B000020A60}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{96235625-501F-498B-8793-A33E338A943F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{9A0058F9-BB7F-423E-8D0F-B339D97FAF78}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{9BC298A8-B10A-4BE3-8386-62AFC3870C8C}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A014313D-F00F-40D9-9D08-9816C6530A79}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A01DF9C4-CFE8-4543-85A3-21C16BD0D4A7}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A350C793-9120-4FE8-AB72-31700825D625}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A7615806-8C06-4304-BB02-04BDBC787CEE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{A9DC8CBA-E004-4B6E-8ED8-13FF5196FE83}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{B42A7FCD-99CA-4011-8C9D-D71C6E260E9E}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{B640C9F7-921F-4AD8-A8D2-873B7ADD15C3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{B8662138-3A82-45A4-BA43-4331695A3863}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{BF151AC4-F8B1-4C33-95AC-A1621341C3DB}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C014D124-4D6B-4C3C-AA40-5EF34653B67B}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C1CD30B4-877D-4B1B-90E0-207838D4FED7}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C7EA96A4-032F-4D46-83C9-23AAF254314C}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{C93091C0-DAC8-4CE7-B6D5-D2AAA1DAE004}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{CFD41704-EF65-4D93-8BD5-C047983EA94A}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D1478D47-E00D-4F17-8359-AE550520E4DE}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D2EE78DC-C114-48CE-B66F-B13FF888BD6F}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D5211140-8875-4588-905C-A6B921719E32}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D53A8E87-2C0F-4460-AC82-6300A487B4C3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{D843826B-778F-4916-9ECE-53039A23FD94}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{E133BCEB-870D-4490-BD2E-A2594EE24BE8}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{E4DA2B0C-E078-4179-B9B6-248C92B27ABF}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{E8072230-B841-45C6-A9B7-879252C7690D}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F063513E-5418-444D-BFA6-990F2435E2D5}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F158A941-6C68-481D-838A-6ABB48AAFA16}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F4343F1D-96D1-447E-8201-344181EB91E3}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F751027A-1B42-4F9F-B2EB-FF27FD875E78}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{F9E73964-8477-4612-91B2-B9AEB5460013}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{FD9C2DB7-0208-4E7F-A8C8-C219AD5CB33C}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{FDBAB745-F51E-4753-A166-444578DD9E82}
Successfully deleted: [Empty Folder] C:\Users\Luciano\appdata\local\{FEC572F3-C26F-4EA8-88D5-A0F102B5D545}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Luciano\AppData\Roaming\mozilla\firefox\profiles\zruauwh7.default\minidumps [29 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/01/2014 at 23:58:14,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log do Malwarebytes.
Ficamos no aguardo.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log do Malwarebytes.
Ficamos no aguardo.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover awesomehp???
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.02.01.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Luciano :: LUCIANO-NOTBOOK [administrador]
Proteção: Permitir
01/02/2014 00:43:29
mbam-log-2014-02-01 (00-43-29).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|F:\|G:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 361548
Tempo decorrido: 57 minuto(s), 6 segundo(s)
Processos de Memória Detectados: 1
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1564 -> Será deletado na próxima inicialização.
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 13
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\BatBrowse (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\BatBrowse (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\Update BatBrowse (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 1
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Data: C:\ProgramData\WPM\wprotectmanager.exe -service -> Enviado para a Quarentena e deletado com sucesso.
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 5
C:\Users\Luciano\AppData\Local\Temp\mt_ffx\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar\1.6.9.12 (PUP.Optional.BabylonToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater\1.7.0.0 (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
Arquivos Detectados: 46
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\BrowseFoxBHO.dll.vir (PUP.Optional.BrowseFox.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bg.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bho.dll.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bho64.dll.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-chromeinstaller.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-codedownloader.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-enabler.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-firefoxinstaller.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-updater.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho64.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.vir (PUP.Optional.Bandoo.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\Mysearchdial\UpdateProc\UpdateTask.exe.vir (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\OpenCandy\2767FA5596E44924944FA00D430C9479\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\OpenCandy\E0968FCCEB0547308379ECA9DCC9AEDC\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\OpenCandy\E0968FCCEB0547308379ECA9DCC9AEDC\SearchGolTB.exe.vir (PUP.Optional.PCFixSpeed.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater\1.7.0.0\updater.exe (PUP.Optional.Adwareplugin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\FLV Player\FLVPlayer.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\FLV Player\Uninstall\__Uninstall_.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTT8V5LB\rcpsetup17970[1].exe (PUP.Optional.RegCleanerPro) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\2_79sP7a.exe.part (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\5iHs7yQ0.exe.part (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\bhsAC79.tmp (PUP.Optional.BundleInstaller.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\tP3cT+S+.exe.part (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\bf62d253-df6a-4be5-9e8b-39fef1a8b7a9\software\Freesofttoday.exe (Adware.EoRezo) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp1391042492\package1.zip (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp1391042492\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is-3KHQ2.tmp\InstallManager.exe (PUP.Optional.InstallMonetizer.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is-3KHQ2.tmp\InstallManagerNS.exe (PUP.Optional.InstallMonetizer.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is1412836710\3988676_stp\BatBrowseSetup.exe (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is701137889\234470_stp\plus-hd-BRchannel1.exe (PUP.Optional.CrossRider) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is701137889\7000736_stp\bd.exe (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\Documents\XBOX\SetupImgBurn_2.5.8.0.exe (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\bench-sys.job (PUP.Optional.BenchUpdater.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\bench-Updater removing.job (PUP.Optional.BenchUpdater.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\Bench\Updater\products.xml (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater\updater.exe (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
E tem mais esse Log,
2014/02/01 00:40:50 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting protection
2014/02/01 00:40:50 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Protection started successfully
2014/02/01 00:40:50 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 00:41:06 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
2014/02/01 00:42:25 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting database refresh
2014/02/01 00:42:25 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Stopping IP protection
2014/02/01 00:42:29 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection stopped successfully
2014/02/01 00:42:31 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Database refreshed successfully
2014/02/01 00:42:31 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 00:42:33 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
2014/02/01 01:27:10 -0200 LUCIANO-NOTBOOK Luciano IP-BLOCK 174.36.200.164 (Type: outgoing, Port: 49501, Process: wprotectmanager.exe)
2014/02/01 01:38:12 -0200 LUCIANO-NOTBOOK Luciano IP-BLOCK 174.36.200.164 (Type: outgoing, Port: 49518, Process: pluginservice.exe)
2014/02/01 06:55:32 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Executing scheduled update: Daily
2014/02/01 06:55:53 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Scheduled update executed successfully: database updated from version v2014.02.01.01 to version v2014.02.01.03
2014/02/01 06:55:53 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting database refresh
2014/02/01 06:55:53 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Stopping IP protection
2014/02/01 06:55:54 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection stopped successfully
2014/02/01 06:55:56 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Database refreshed successfully
2014/02/01 06:55:56 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 06:55:58 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
2014/02/01 08:29:07 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting protection
2014/02/01 08:29:07 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Protection started successfully
2014/02/01 08:29:07 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 08:29:10 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.02.01.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Luciano :: LUCIANO-NOTBOOK [administrador]
Proteção: Permitir
01/02/2014 00:43:29
mbam-log-2014-02-01 (00-43-29).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|F:\|G:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 361548
Tempo decorrido: 57 minuto(s), 6 segundo(s)
Processos de Memória Detectados: 1
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1564 -> Será deletado na próxima inicialização.
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 13
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\BatBrowse (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\BatBrowse (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\Update BatBrowse (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 1
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Data: C:\ProgramData\WPM\wprotectmanager.exe -service -> Enviado para a Quarentena e deletado com sucesso.
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 5
C:\Users\Luciano\AppData\Local\Temp\mt_ffx\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar\1.6.9.12 (PUP.Optional.BabylonToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater\1.7.0.0 (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
Arquivos Detectados: 46
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\BrowseFoxBHO.dll.vir (PUP.Optional.BrowseFox.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bg.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bho.dll.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bho64.dll.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-chromeinstaller.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-codedownloader.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-enabler.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-firefoxinstaller.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-updater.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho64.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.vir (PUP.Optional.Bandoo.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\Mysearchdial\UpdateProc\UpdateTask.exe.vir (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\OpenCandy\2767FA5596E44924944FA00D430C9479\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\OpenCandy\E0968FCCEB0547308379ECA9DCC9AEDC\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Luciano\AppData\Roaming\OpenCandy\E0968FCCEB0547308379ECA9DCC9AEDC\SearchGolTB.exe.vir (PUP.Optional.PCFixSpeed.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater\1.7.0.0\updater.exe (PUP.Optional.Adwareplugin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\FLV Player\FLVPlayer.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\FLV Player\Uninstall\__Uninstall_.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTT8V5LB\rcpsetup17970[1].exe (PUP.Optional.RegCleanerPro) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\2_79sP7a.exe.part (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\5iHs7yQ0.exe.part (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\bhsAC79.tmp (PUP.Optional.BundleInstaller.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\tP3cT+S+.exe.part (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\bf62d253-df6a-4be5-9e8b-39fef1a8b7a9\software\Freesofttoday.exe (Adware.EoRezo) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\D3CC50C0-BAB0-7891-8D3E-3405A94B2299\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp1391042492\package1.zip (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp1391042492\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is-3KHQ2.tmp\InstallManager.exe (PUP.Optional.InstallMonetizer.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is-3KHQ2.tmp\InstallManagerNS.exe (PUP.Optional.InstallMonetizer.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is1412836710\3988676_stp\BatBrowseSetup.exe (PUP.Optional.BatBrowse.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is701137889\234470_stp\plus-hd-BRchannel1.exe (PUP.Optional.CrossRider) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Temp\is701137889\7000736_stp\bd.exe (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\Documents\XBOX\SetupImgBurn_2.5.8.0.exe (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\bench-sys.job (PUP.Optional.BenchUpdater.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\bench-Updater removing.job (PUP.Optional.BenchUpdater.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\Bench\Updater\products.xml (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\Bench\Updater\updater.exe (PUP.Optional.AdwarePlugin) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
E tem mais esse Log,
2014/02/01 00:40:50 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting protection
2014/02/01 00:40:50 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Protection started successfully
2014/02/01 00:40:50 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 00:41:06 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
2014/02/01 00:42:25 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting database refresh
2014/02/01 00:42:25 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Stopping IP protection
2014/02/01 00:42:29 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection stopped successfully
2014/02/01 00:42:31 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Database refreshed successfully
2014/02/01 00:42:31 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 00:42:33 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
2014/02/01 01:27:10 -0200 LUCIANO-NOTBOOK Luciano IP-BLOCK 174.36.200.164 (Type: outgoing, Port: 49501, Process: wprotectmanager.exe)
2014/02/01 01:38:12 -0200 LUCIANO-NOTBOOK Luciano IP-BLOCK 174.36.200.164 (Type: outgoing, Port: 49518, Process: pluginservice.exe)
2014/02/01 06:55:32 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Executing scheduled update: Daily
2014/02/01 06:55:53 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Scheduled update executed successfully: database updated from version v2014.02.01.01 to version v2014.02.01.03
2014/02/01 06:55:53 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting database refresh
2014/02/01 06:55:53 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Stopping IP protection
2014/02/01 06:55:54 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection stopped successfully
2014/02/01 06:55:56 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Database refreshed successfully
2014/02/01 06:55:56 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 06:55:58 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
2014/02/01 08:29:07 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting protection
2014/02/01 08:29:07 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Protection started successfully
2014/02/01 08:29:07 -0200 LUCIANO-NOTBOOK Luciano MESSAGE Starting IP protection
2014/02/01 08:29:10 -0200 LUCIANO-NOTBOOK Luciano MESSAGE IP Protection started successfully
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Mais problemas foram removidos.
_______________________________________________
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Copie todo este script que te passei e cole-o no espaço em branco do Zoek:
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
_______________________________________________
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Copie todo este script que te passei e cole-o no espaço em branco do Zoek:
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover awesomehp???
Boa tarde, entrei no link que tu passou e fiz o download, depois cliquei com o botão direito do mouse em "executar como administrador", mas ele não abre nada e tentei varias vezes, será que é o virus que não deixa abrir?, tentei no pc e tbm não abriu, o que eu faço?
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
ops.... agora deu!!! já post o log daqui a pouco.
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Ok, fico na espera.Luciano Santos escreveu:ops.... agora deu!!! já post o log daqui a pouco.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover awesomehp???
Zoek.exe v5.0.0.0 Updated 31-January-2014
Tool run by Luciano on 01/02/2014 at 17:35:02,34.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luciano\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
01/02/2014 17:39:28 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginService deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\prefs.js:
user_pref("browser.startup.homepage", "C:\\Users\\Luciano\\Documents\\favoritos.htm");
user_pref("browser.newtab.url", "http://www.awesomehp.com/newtab/?type=nt&ts=1391042506&from=tugs&uid=WDCXWD3200BPVT-24ZEST0_WD-WX71A71Y8822Y8822");
user_pref("browser.search.defaultenginename", "awesomehp");
user_pref("browser.search.selectedEngine", "awesomehp");
Added to C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default
user.js not found
---- Lines installCache" modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- Lines mysearch removed from prefs.js ----
user_pref("extensions.irmysearch.aflt", "irmsd103");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0A0CyEzyzzzy0EtCtBzytAtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1Qt
user_pref("extensions.irmysearch.cr", "228782320");
user_pref("extensions.irmysearch.instlRef", "");
---- FireFox user.js and prefs.js backups ----
prefs_022014_1751_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"
==== Deleting Files \ Folders ======================
C:\ProgramData\OneKey Recovery deleted
C:\PROGRA~2\GUT3EA6.tmp deleted
C:\PROGRA~2\GUM3EA5.tmp deleted
C:\PROGRA~2\FileConverter_1.1 deleted
C:\PROGRA~2\Bench deleted
C:\PROGRA~2\SupTab deleted
C:\ProgramData\IePluginService deleted
C:\ProgramData\WPM deleted
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
"C:\PROGRA~2\Mozilla Firefox\searchplugins\awesomehp.xml" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"lightningnewtab@gmail.com"="C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\extensions\lightningnewtab@gmail.com.xpi" [23/01/2014 01:56]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default
- Extension_Protected - %ProfilePath%\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi
- leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi
- Lightning Speed Dial - %ProfilePath%\extensions\lightningnewtab@gmail.com.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Luciano\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
==== Deleted Firefox Extensions ======================
C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi deleted
C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\extensions\lightningnewtab@gmail.com.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccncljhbalbbkkfgopogabimepmfkmff - C:\Program Files (x86)\BatBrowse\ccncljhbalbbkkfgopogabimepmfkmff.crx[]
pkndmigholgfjlniaohblojbhgjbkakn - C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[]
Chrome In-App Payments service - Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Chrome Fix ======================
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ccncljhbalbbkkfgopogabimepmfkmff_0.localstorage deleted successfully
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkndmigholgfjlniaohblojbhgjbkakn_0.localstorage deleted successfully
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Default\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Default User\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Luciano\Desktop\abgx360 GUI.lnk - C:\Program Files (x86)\abgx360\abgx360gui.exe
C:\Users\Luciano\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\Users\Luciano\Desktop\Chicken Invaders 2.lnk - C:\Program Files (x86)\Chicken Invaders 2\ChickenInvaders2.exe
C:\Users\Luciano\Desktop\dora's ballet adventures - Atalho.lnk - D:\Games\Dora's Ballet Adventure Final\dora's ballet adventures.exe
C:\Users\Luciano\Desktop\Fishdom2 - Atalho.lnk - D:\Games\Fishdom 2 Premium Edition Em Português\Fishdom2.exe
C:\Users\Luciano\Desktop\Fishdom3 - Atalho.lnk - D:\Games\Fishdom 3 Collectors Edition\Fishdom3.exe
C:\Users\Luciano\Desktop\frd - Atalho.lnk - C:\Users\Luciano\Documents\Programas\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe
C:\Users\Luciano\Desktop\Free Video Converter.lnk - C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
C:\Users\Luciano\Desktop\Gens - Atalho.lnk - D:\Games\Emulador Mega Drive\wgens099\Gens.exe
C:\Users\Luciano\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Luciano\Desktop\GuerrillaBob - Atalho.lnk - D:\Games\Guerrilla Bob\GuerrillaBob.exe
C:\Users\Luciano\Desktop\Internet Explore.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Luciano\Desktop\Lenovo PowerDVD 10.lnk - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Luciano\Desktop\mame64 - Atalho.lnk - D:\Games\Mame\mame64.exe
C:\Users\Luciano\Desktop\Pestering Birds.lnk - C:\Program Files (x86)\MyPlayCity.com\Pestering Birds\Pestering Birds.exe
C:\Users\Luciano\Desktop\Project64 1.6.lnk - C:\Program Files (x86)\Project64 1.6\Project64.exe
C:\Users\Luciano\Desktop\Remote Desktop Connection.lnk - C:\windows\system32\mstsc.exe
C:\Users\Luciano\Desktop\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Luciano\Desktop\ZY-BigCityAdventureLondon - Atalho.lnk - D:\Games\Big City Adventure - London Premium Edition PT\ZY-BigCityAdventureLondon.exe
C:\Users\Luciano\Desktop\µTorrent.lnk -
C:\Users\USURIO~1\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\USURIO~1\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Feeding Frenzy.lnk - C:\Program Files (x86)\GameHouse\FeedingFrenzy\FeedingFrenzy.exe
C:\Users\Public\Desktop\ImgBurn.lnk - C:\Program Files (x86)\ImgBurn\ImgBurn.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mario Forever 5.01.lnk - C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Mario Forever 5.0.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==== shortcuts in Users Start Menu ======================
C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk - C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Management\Help file.Lnk - C:\Program Files (x86)\Lenovo\Energy Management\Brz.chm
C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Management\Power management options.Lnk - C:\Program Files (x86)\Lenovo\Energy Management\Open EnergyManagement.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\windows\Installer\{AC76BA86-7AD7-1046-7B44-AA1000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter\Desinstalar Free Video Converter.lnk - C:\Program Files (x86)\Free Video Converter\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter\Free Video Converter.lnk - C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FLV Player.lnk - C:\Program Files (x86)\FLV Player\FLVPlayer.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Video Converter.lnk - C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pestering Birds.lnk - C:\Program Files (x86)\MyPlayCity.com\Pestering Birds\Pestering Birds.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explore.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\Luciano\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luciano\Desktop\Internet Explore.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Luciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explore.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ccncljhbalbbkkfgopogabimepmfkmff deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Luciano\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99H3R57U will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Luciano\AppData\Local\Mozilla\Firefox\Profiles\zruauwh7.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=81 folders=12 11232410 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Luciano\AppData\Local\Temp will be emptied at reboot
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Luciano\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99H3R57U" deleted
==== EOF on 01/02/2014 at 19:04:59,13 ======================
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
|- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
|- Salve-o no disco local! ( C ou D )
|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
|- Salve-o no disco local! ( C ou D )
|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover awesomehp???
~ Relatório do ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Iniciado por Luciano (02/02/2014 09:57:47)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v32.0.1700.102 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4039 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 150 GB (58%) free of 254 GB
---\\ Modo de conexão ao sistema
~ Computer Name: LUCIANO-NOTBOOK
~ User Name: Luciano
~ All Users Names: Luciano, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Luciano\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Luciano\AppData\Roaming\
~ %Desktop% : C:\Users\Luciano\Desktop\
~ %Favorites% : C:\Users\Luciano\Favorites\
~ %LocalAppData% : C:\Users\Luciano\AppData\Local\
~ %StartMenu% : C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 150 Go of 254 Go)
D: Hard drive, Flash drive, Thumb drive (Free 25 Go of 29 Go)
F: CD-ROM drive (Free 0 Go of 0 Go)
G: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.13/09/2011 - 21:39:02.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/11/2013 - 04:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/09/2011 - 21:40:23.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/8499
~ Mes musiques (My Musics) : 4/122
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/53
~ Mes Documents (My Documents) : 3/464
~ Mon Bureau (My Desktop) : 1/24
~ Menu demarrer (Programs) : 1/42
~ Hidden Files: Scanned in 00mn 04s
---\\ Processos lançados
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2236]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488] [PID.2444]
[MD5.26C49FA8BF063A51FBEF8F1E2C839A90] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.4072]
[MD5.61A2DBA2126BA1425CC5AECC8E8AD055] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331_STI.exe [548864] [PID.3704]
[MD5.22EC0852DBF032A93D8DA697065FA189] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [87336] [PID.4064]
[MD5.BDB70EA0834EEC93927D9ABF95D11CB7] - (.Lenovo - VeriFace Tray Icon Manager.) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056] [PID.3548]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.3292]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3088]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.692]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.4432]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.5524]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1216]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1580]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1676]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1700]
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688] [PID.1832]
[MD5.F5C0317AF600F8C0D7E4202EB04232B1] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4068]
[MD5.2ED1786B7542CDA261029F6B526EDF44] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.3832]
[MD5.7E5E1603D0FF2D240AE70295C5C3FEFC] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.4272]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\prefs.js
M0 - MFSP: prefs.js [Luciano - zruauwh7.default] C:\\Users\\Luciano\\Documents\\favoritos.htm
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 16 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Feeding Frenzy.lnk . (.Sprout Games, LLC - Feeding Frenzy.) -- C:\Program Files (x86)\GameHouse\FeedingFrenzy\FeedingFrenzy.exe
O4 - GS\Desktop [Public]: Mario Forever 5.01.lnk . (.Softendo (c) 2010 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - Softendo (c) 2010 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Mario Forever 5.0.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Luciano]: Free Video Converter.lnk . (...) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe (.not file.)
O4 - GS\QuickLaunch [Luciano]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Luciano]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Luciano]: Pestering Birds.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Pestering Birds\Pestering Birds.exe
O4 - GS\QuickLaunch [Luciano]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Luciano]: Internet Explore.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Luciano]: Free Video Converter.lnk . (...) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe (.not file.)
O4 - GS\Program [Luciano]: FreeRapid 0.86u1.lnk . (...) -- C:\Users\Luciano\Documents\Programas\FreeRapid-0.86u1\frd.exe (.not file.)
O4 - GS\Program [Luciano]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Luciano]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Luciano]: abgx360 GUI.lnk . (...) -- C:\Program Files (x86)\abgx360\abgx360gui.exe
O4 - GS\Desktop [Luciano]: Chicken Invaders 2.lnk . (.InterAction studios - Chicken Invaders 2 executable file.) -- C:\Program Files (x86)\Chicken Invaders 2\ChickenInvaders2.exe
O4 - GS\Desktop [Luciano]: dora's ballet adventures - Atalho.lnk . (...) -- D:\Games\Dora's Ballet Adventure Final\dora's ballet adventures.exe
O4 - GS\Desktop [Luciano]: Fishdom2 - Atalho.lnk . (...) -- D:\Games\Fishdom 2 Premium Edition Em Português\Fishdom2.exe
O4 - GS\Desktop [Luciano]: Fishdom3 - Atalho.lnk . (...) -- D:\Games\Fishdom 3 Collectors Edition\Fishdom3.exe
O4 - GS\Desktop [Luciano]: frd - Atalho.lnk . (.Vity - File Downloader.) -- C:\Users\Luciano\Documents\Programas\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe
O4 - GS\Desktop [Luciano]: Gens - Atalho.lnk . (...) -- D:\Games\Emulador Mega Drive\wgens099\Gens.exe
O4 - GS\Desktop [Luciano]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Luciano]: GuerrillaBob - Atalho.lnk . (...) -- D:\Games\Guerrilla Bob\GuerrillaBob.exe
O4 - GS\Desktop [Luciano]: Internet Explore.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Luciano]: mame64 - Atalho.lnk . (.MAME Team - Multiple Arcade Machine Emulator.) -- D:\Games\Mame\mame64.exe
O4 - GS\Desktop [Luciano]: Pestering Birds.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Pestering Birds\Pestering Birds.exe
O4 - GS\Desktop [Luciano]: Project64 1.6.lnk . (...) -- C:\Program Files (x86)\Project64 1.6\Project64.exe
O4 - GS\Desktop [Luciano]: ZY-BigCityAdventureLondon - Atalho.lnk . (.Jolly Bear Games - Big City Adventure: London.) -- D:\Games\Big City Adventure - London Premium Edition PT\ZY-BigCityAdventureLondon.exe
O4 - GS\Desktop [Luciano]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 77 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Lenovo EE Boot Optimizer] . (.Lenovo - Lenovo EE Boot Optimizer Software.) -- C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 6.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 6.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Luciano\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O4 - HKCU\..\Run: [Power2GoExpress] Chave orfã
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [331BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331_STI.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirage] . (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - YouCam.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
O4 - HKLM\..\Wow6432Node\Run: [VeriFaceManager] . (.Lenovo - VeriFace Tray Icon Manager.) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_br_41] Chave orfã
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Luciano\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [Power2GoExpress] Chave orfã
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (.not file.)
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\Lenovo\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{519447E6-9BA5-4BAD-BF22-B9D3C1E74C43}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{D89AC5E9-C087-4C9E-9709-8F56B2373A38}: DhcpNameServer = 192.168.13.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{519447E6-9BA5-4BAD-BF22-B9D3C1E74C43}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{D89AC5E9-C087-4C9E-9709-8F56B2373A38}: DhcpNameServer = 192.168.13.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{519447E6-9BA5-4BAD-BF22-B9D3C1E74C43}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{D89AC5E9-C087-4C9E-9709-8F56B2373A38}: DhcpNameServer = 192.168.13.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{87027163-B648-4F2D-A0DD-2C32605744B5}] (...) -- C:\Program Files (x86)\Feven 2.1\Uninstall.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [{9A4AD40D-1340-4DB9-8F1C-24CA4C72B447}] (...) -- C:\Users\Luciano\Documents\Programas\FreeRapid-0.86u1\frd.exe (.not file.) [0]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 03s
---\\ Software instalados (042)
O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- IePlugins =>Trojan.SProtector
O42 - Logiciel: USB Game Controller - (...) [HKLM][64Bits] -- {D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}
~ Logic: 27 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5e4db8f]
[HKCU\Software\Angry Mob Games]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GRAPES]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\FileConverter_1.1]
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supTab]
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
~ Key Software: 269 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/09/2013 - 12:58:32 - [51,214] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/10/2013 - 21:44:05 - [0] ----D C:\Users\Luciano\AppData\Roaming\360Safe
O43 - CFD: 25/08/2013 - 15:34:42 - [4,688] ----D C:\Users\Luciano\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/09/2012 - 23:26:23 - [4,097] ----D C:\Users\Luciano\AppData\Roaming\dora's ballet adventures
~ Program Folder: 172 Legitimates Filtered in 00mn 26s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.02940D6C7722E91342A32CFF5C60F4E4] - 01/02/2014 - 16:29:10 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.44EEF79F56FF40A9CA9B275A099E9E13] - 01/02/2014 - 18:03:35 ---A- . (...) -- C:\FaceProv.log [3401627]
O44 - LFC:[MD5.B8F0E220E8EFD241C296B436EB4EEB2C] - 01/02/2014 - 18:04:59 ---A- . (...) -- C:\zoek-results.log [23953]
O44 - LFC:[MD5.E01BEB23621D05A361BCAADF4C212F71] - 01/02/2014 - 18:05:08 ---A- . (...) -- C:\Windows\System32\fastboot.set [477433]
O44 - LFC:[MD5.CA49069B6F57DEDD17CD28710543C1B4] - 01/02/2014 - 18:07:36 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147864]
O44 - LFC:[MD5.F8FEC40A27743EF2696EBC3EE62F666B] - 01/02/2014 - 18:07:36 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706024]
O44 - LFC:[MD5.2DFC9315B9D939C4EDD4E4D724C04DBB] - 31/01/2014 - 11:57:33 ---A- . (...) -- C:\hijackthis.log [13489]
~ Files: 27 Legitimates Filtered in 00mn 02s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.BC647F1F9DCE55B05B54683260ECE4FB] - 11/10/2013 - 21:04:16 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [289952]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 03/12/2013 - 06:38:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 31/12/2013 - 19:57:47 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.A15860E920B02C9A7CE8F3A6C2FF1E3A] - 29/09/2012 - 00:10:31 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [560184]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 18 Legitimates Filtered in 00mn 15s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 24/10/2011 - C:\Windows\System32\drivers\BPntDrv.sys (BPntDrv) .(.Lenovo - BpntDrv.) - LEGACY_BPNTDRV
~ Legacy: 102 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{5DAEE838-227E-4A04-BA73-25C8CB4E166A}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "UDP Query User{CBEF0917-8248-4BFF-BCF2-E23D6A147379}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "TCP Query User{AAC39EE0-F854-49F4-8860-B337590BB261}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "UDP Query User{E11B3307-3602-4A23-A0FD-1FA2A595ADAD}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "{B1139ABC-8A43-4E75-8B5F-3374DFA2B742}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{83044EA8-345E-4BC4-9000-196114F68AA7}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
~ Firewall: 190 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\windows\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\windows\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guia de Usuário.) -- C:\windows\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
~ Update Products: 84 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 10/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 05/01/2012 75624 | (AxAutoMntSrv) . (.Alcohol Soft Development Team.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
SS - | Demand 07/11/2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 24/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 10/07/1658 0 | (MsgPlusService) . (...) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SS - | Demand 10/07/1658 0 | (NMIndexingService) . (...) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 31/12/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 14/12/2010 953632 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
SR - | Auto 18/02/2011 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s
---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:[MD5.A15860E920B02C9A7CE8F3A6C2FF1E3A] - 29/09/2012 - 00:10:31 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [560184]
~ Emulateurs: Scanned in 00mn 14s
---\\ Scâner Aditional (088)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 5
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins] =>Trojan.SProtector^
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASAPI32] =>Adware.BrowseFox
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASMANCS] =>Adware.BrowseFox
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422902210}] =>PUP.CrossRider
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Luciano\AppData\Roaming\Baidu Security =>Adware.BDSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
~ Additionnel Scan: 219723 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.SProtector
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WpManager
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Datamngr
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BrowseFox
~ MSI: 7 link(s) detected in 00mn 22s
~ 1075 Legitimates filtered by white list
End of the scan (487 lines in 01mn 57s)(0)
:rindo_atoa:
~ Iniciado por Luciano (02/02/2014 09:57:47)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v32.0.1700.102 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4039 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 150 GB (58%) free of 254 GB
---\\ Modo de conexão ao sistema
~ Computer Name: LUCIANO-NOTBOOK
~ User Name: Luciano
~ All Users Names: Luciano, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Luciano\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Luciano\AppData\Roaming\
~ %Desktop% : C:\Users\Luciano\Desktop\
~ %Favorites% : C:\Users\Luciano\Favorites\
~ %LocalAppData% : C:\Users\Luciano\AppData\Local\
~ %StartMenu% : C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 150 Go of 254 Go)
D: Hard drive, Flash drive, Thumb drive (Free 25 Go of 29 Go)
F: CD-ROM drive (Free 0 Go of 0 Go)
G: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.13/09/2011 - 21:39:02.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/11/2013 - 04:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/09/2011 - 21:40:23.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/8499
~ Mes musiques (My Musics) : 4/122
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/53
~ Mes Documents (My Documents) : 3/464
~ Mon Bureau (My Desktop) : 1/24
~ Menu demarrer (Programs) : 1/42
~ Hidden Files: Scanned in 00mn 04s
---\\ Processos lançados
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2236]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488] [PID.2444]
[MD5.26C49FA8BF063A51FBEF8F1E2C839A90] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.4072]
[MD5.61A2DBA2126BA1425CC5AECC8E8AD055] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331_STI.exe [548864] [PID.3704]
[MD5.22EC0852DBF032A93D8DA697065FA189] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [87336] [PID.4064]
[MD5.BDB70EA0834EEC93927D9ABF95D11CB7] - (.Lenovo - VeriFace Tray Icon Manager.) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056] [PID.3548]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.3292]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3088]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.692]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.4432]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.5524]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1216]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1580]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1676]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1700]
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688] [PID.1832]
[MD5.F5C0317AF600F8C0D7E4202EB04232B1] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4068]
[MD5.2ED1786B7542CDA261029F6B526EDF44] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.3832]
[MD5.7E5E1603D0FF2D240AE70295C5C3FEFC] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.4272]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\zruauwh7.default\prefs.js
M0 - MFSP: prefs.js [Luciano - zruauwh7.default] C:\\Users\\Luciano\\Documents\\favoritos.htm
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 16 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Feeding Frenzy.lnk . (.Sprout Games, LLC - Feeding Frenzy.) -- C:\Program Files (x86)\GameHouse\FeedingFrenzy\FeedingFrenzy.exe
O4 - GS\Desktop [Public]: Mario Forever 5.01.lnk . (.Softendo (c) 2010 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - Softendo (c) 2010 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Mario Forever 5.0.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Luciano]: Free Video Converter.lnk . (...) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe (.not file.)
O4 - GS\QuickLaunch [Luciano]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Luciano]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Luciano]: Pestering Birds.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Pestering Birds\Pestering Birds.exe
O4 - GS\QuickLaunch [Luciano]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Luciano]: Internet Explore.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Luciano]: Free Video Converter.lnk . (...) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe (.not file.)
O4 - GS\Program [Luciano]: FreeRapid 0.86u1.lnk . (...) -- C:\Users\Luciano\Documents\Programas\FreeRapid-0.86u1\frd.exe (.not file.)
O4 - GS\Program [Luciano]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Luciano]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Luciano]: abgx360 GUI.lnk . (...) -- C:\Program Files (x86)\abgx360\abgx360gui.exe
O4 - GS\Desktop [Luciano]: Chicken Invaders 2.lnk . (.InterAction studios - Chicken Invaders 2 executable file.) -- C:\Program Files (x86)\Chicken Invaders 2\ChickenInvaders2.exe
O4 - GS\Desktop [Luciano]: dora's ballet adventures - Atalho.lnk . (...) -- D:\Games\Dora's Ballet Adventure Final\dora's ballet adventures.exe
O4 - GS\Desktop [Luciano]: Fishdom2 - Atalho.lnk . (...) -- D:\Games\Fishdom 2 Premium Edition Em Português\Fishdom2.exe
O4 - GS\Desktop [Luciano]: Fishdom3 - Atalho.lnk . (...) -- D:\Games\Fishdom 3 Collectors Edition\Fishdom3.exe
O4 - GS\Desktop [Luciano]: frd - Atalho.lnk . (.Vity - File Downloader.) -- C:\Users\Luciano\Documents\Programas\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe
O4 - GS\Desktop [Luciano]: Gens - Atalho.lnk . (...) -- D:\Games\Emulador Mega Drive\wgens099\Gens.exe
O4 - GS\Desktop [Luciano]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Luciano]: GuerrillaBob - Atalho.lnk . (...) -- D:\Games\Guerrilla Bob\GuerrillaBob.exe
O4 - GS\Desktop [Luciano]: Internet Explore.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Luciano]: mame64 - Atalho.lnk . (.MAME Team - Multiple Arcade Machine Emulator.) -- D:\Games\Mame\mame64.exe
O4 - GS\Desktop [Luciano]: Pestering Birds.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Pestering Birds\Pestering Birds.exe
O4 - GS\Desktop [Luciano]: Project64 1.6.lnk . (...) -- C:\Program Files (x86)\Project64 1.6\Project64.exe
O4 - GS\Desktop [Luciano]: ZY-BigCityAdventureLondon - Atalho.lnk . (.Jolly Bear Games - Big City Adventure: London.) -- D:\Games\Big City Adventure - London Premium Edition PT\ZY-BigCityAdventureLondon.exe
O4 - GS\Desktop [Luciano]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 77 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Lenovo EE Boot Optimizer] . (.Lenovo - Lenovo EE Boot Optimizer Software.) -- C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 6.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 6.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Luciano\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O4 - HKCU\..\Run: [Power2GoExpress] Chave orfã
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [331BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331_STI.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirage] . (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - YouCam.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
O4 - HKLM\..\Wow6432Node\Run: [VeriFaceManager] . (.Lenovo - VeriFace Tray Icon Manager.) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_br_41] Chave orfã
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Luciano\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [Power2GoExpress] Chave orfã
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1560063537-2442310759-624858241-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (.not file.)
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\Lenovo\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{519447E6-9BA5-4BAD-BF22-B9D3C1E74C43}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{D89AC5E9-C087-4C9E-9709-8F56B2373A38}: DhcpNameServer = 192.168.13.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{519447E6-9BA5-4BAD-BF22-B9D3C1E74C43}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{D89AC5E9-C087-4C9E-9709-8F56B2373A38}: DhcpNameServer = 192.168.13.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{519447E6-9BA5-4BAD-BF22-B9D3C1E74C43}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{D89AC5E9-C087-4C9E-9709-8F56B2373A38}: DhcpNameServer = 192.168.13.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{87027163-B648-4F2D-A0DD-2C32605744B5}] (...) -- C:\Program Files (x86)\Feven 2.1\Uninstall.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [{9A4AD40D-1340-4DB9-8F1C-24CA4C72B447}] (...) -- C:\Users\Luciano\Documents\Programas\FreeRapid-0.86u1\frd.exe (.not file.) [0]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 03s
---\\ Software instalados (042)
O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- IePlugins =>Trojan.SProtector
O42 - Logiciel: USB Game Controller - (...) [HKLM][64Bits] -- {D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}
~ Logic: 27 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5e4db8f]
[HKCU\Software\Angry Mob Games]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GRAPES]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\FileConverter_1.1]
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supTab]
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
~ Key Software: 269 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/09/2013 - 12:58:32 - [51,214] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/10/2013 - 21:44:05 - [0] ----D C:\Users\Luciano\AppData\Roaming\360Safe
O43 - CFD: 25/08/2013 - 15:34:42 - [4,688] ----D C:\Users\Luciano\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/09/2012 - 23:26:23 - [4,097] ----D C:\Users\Luciano\AppData\Roaming\dora's ballet adventures
~ Program Folder: 172 Legitimates Filtered in 00mn 26s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.02940D6C7722E91342A32CFF5C60F4E4] - 01/02/2014 - 16:29:10 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.44EEF79F56FF40A9CA9B275A099E9E13] - 01/02/2014 - 18:03:35 ---A- . (...) -- C:\FaceProv.log [3401627]
O44 - LFC:[MD5.B8F0E220E8EFD241C296B436EB4EEB2C] - 01/02/2014 - 18:04:59 ---A- . (...) -- C:\zoek-results.log [23953]
O44 - LFC:[MD5.E01BEB23621D05A361BCAADF4C212F71] - 01/02/2014 - 18:05:08 ---A- . (...) -- C:\Windows\System32\fastboot.set [477433]
O44 - LFC:[MD5.CA49069B6F57DEDD17CD28710543C1B4] - 01/02/2014 - 18:07:36 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147864]
O44 - LFC:[MD5.F8FEC40A27743EF2696EBC3EE62F666B] - 01/02/2014 - 18:07:36 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706024]
O44 - LFC:[MD5.2DFC9315B9D939C4EDD4E4D724C04DBB] - 31/01/2014 - 11:57:33 ---A- . (...) -- C:\hijackthis.log [13489]
~ Files: 27 Legitimates Filtered in 00mn 02s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.BC647F1F9DCE55B05B54683260ECE4FB] - 11/10/2013 - 21:04:16 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [289952]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 03/12/2013 - 06:38:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 31/12/2013 - 19:57:47 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.A15860E920B02C9A7CE8F3A6C2FF1E3A] - 29/09/2012 - 00:10:31 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [560184]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 18 Legitimates Filtered in 00mn 15s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 24/10/2011 - C:\Windows\System32\drivers\BPntDrv.sys (BPntDrv) .(.Lenovo - BpntDrv.) - LEGACY_BPNTDRV
~ Legacy: 102 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{5DAEE838-227E-4A04-BA73-25C8CB4E166A}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "UDP Query User{CBEF0917-8248-4BFF-BCF2-E23D6A147379}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "TCP Query User{AAC39EE0-F854-49F4-8860-B337590BB261}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "UDP Query User{E11B3307-3602-4A23-A0FD-1FA2A595ADAD}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe (.not file.)
O87 - FAEL: "{B1139ABC-8A43-4E75-8B5F-3374DFA2B742}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{83044EA8-345E-4BC4-9000-196114F68AA7}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
~ Firewall: 190 Legitimates Filtered in 00mn 01s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\windows\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\windows\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guia de Usuário.) -- C:\windows\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
~ Update Products: 84 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 10/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 05/01/2012 75624 | (AxAutoMntSrv) . (.Alcohol Soft Development Team.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
SS - | Demand 07/11/2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 24/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 10/07/1658 0 | (MsgPlusService) . (...) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SS - | Demand 10/07/1658 0 | (NMIndexingService) . (...) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 31/12/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 14/12/2010 953632 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
SR - | Auto 18/02/2011 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s
---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:[MD5.A15860E920B02C9A7CE8F3A6C2FF1E3A] - 29/09/2012 - 00:10:31 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [560184]
~ Emulateurs: Scanned in 00mn 14s
---\\ Scâner Aditional (088)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 5
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins] =>Trojan.SProtector^
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASAPI32] =>Adware.BrowseFox
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASMANCS] =>Adware.BrowseFox
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422902210}] =>PUP.CrossRider
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Luciano\AppData\Roaming\Baidu Security =>Adware.BDSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
~ Additionnel Scan: 219723 Items scanned in 00mn 22s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.SProtector
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WpManager
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Datamngr
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BrowseFox
~ MSI: 7 link(s) detected in 00mn 22s
~ 1075 Legitimates filtered by white list
End of the scan (487 lines in 01mn 57s)(0)
:rindo_atoa:
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Copie todo este script que te passei.
Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique em OK > Clique com o botão direito do mouse sobre a grande área cinza da tela do programa e clique em Colar > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique em OK > Clique com o botão direito do mouse sobre a grande área cinza da tela do programa e clique em Colar > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover awesomehp???
tenho uma duvida, depois de apertar em IMPORTAÇÃO aparece uma tela grande cheia de coisas inscritas e não tem a opção de "OK", minha duvida é eu apago aquilo que está escrito e depois eu colo o que tu me pediu ou só acrescento abaixo? vou enviar uma foto pra ti ver.
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Já está certo, ele já colou lá o que você copiou.
Agora é só clicar em Go > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
Agora é só clicar em Go > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover awesomehp???
Rapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by Luciano at 02/02/2014 18:13:04
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 04s)
========== Softwares ==========
AUSENTE Uninstall Process: c:\programdata\iepluginservice\pluginservice.exe
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins]
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\FileConverter_1.1
ELIMINÉ: HKLM\Software\Wow6432Node\Wpm
ELIMINÉ: HKLM\Software\Wow6432Node\supTab
ELIMINÉ: HKLM\Software\Wow6432Node\supWPM
ELIMINÉ:* HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASAPI32
ELIMINÉ:* HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASMANCS
ELIMINÉ:* HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422902210}
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: Power2GoExpress
ELIMINÉ RunValue: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
ELIMINÉ RunValue: fst_br_41
ELIMINÉ MWPS Value: EnableLUA
ELIMINÉ MWPS Value: EnableUIADesktopToggle
ELIMINÉ MWPS Value: PromptOnSecureDesktop
ELIMINÉ MWPS Value: FilterAdministratorToken
ELIMINÉ MWPE Value: NoActiveDesktopChanges
ELIMINÉ: TCP Query User{5DAEE838-227E-4A04-BA73-25C8CB4E166A}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: UDP Query User{CBEF0917-8248-4BFF-BCF2-E23D6A147379}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: TCP Query User{AAC39EE0-F854-49F4-8860-B337590BB261}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: UDP Query User{E11B3307-3602-4A23-A0FD-1FA2A595ADAD}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: {B1139ABC-8A43-4E75-8B5F-3374DFA2B742}
ELIMINÉ: {83044EA8-345E-4BC4-9000-196114F68AA7}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)
SUBSTITUI Value EnableLUA : Good (1) - Bad (0)
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\luciano\appdata\roaming\microsoft\internet explorer\quick launch\free video converter.lnk
ELIMINÉ: c:\users\luciano\appdata\roaming\microsoft\windows\start menu\programs\free video converter.lnk
ELIMINÉ: c:\users\luciano\appdata\roaming\microsoft\windows\start menu\programs\freerapid 0.86u1.lnk
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\startup\bluetooth.lnk
ELIMINA REINICIAR: c:\windows\system32\drivers\360fltoem.sys
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ Temporários windows ( (368.552 octets)
========== Tarefa planificada ==========
ELIMINÉ: {87027163-B648-4F2D-A0DD-2C32605744B5}
ELIMINÉ: {9A4AD40D-1340-4DB9-8F1C-24CA4C72B447}
========== Outros ==========
NÃO-TRATADO SystemRestore
========== Recapitulativo ==========
11 : Chaves do Registo
22 : Valores do Registo
4 : Elementos dos dados do Registo
1 : Pastas
7 : Ficheiros
1 : Softwares
2 : Tarefa planificada
1 : Outros
End of clean in 00mn 15s
========== Caminho do ficheiro do relatório ==========
C:\Users\Luciano\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/02/2014 18:13:08 [3896]
Fichier d'export Registre :
Run by Luciano at 02/02/2014 18:13:04
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 04s)
========== Softwares ==========
AUSENTE Uninstall Process: c:\programdata\iepluginservice\pluginservice.exe
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins]
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\FileConverter_1.1
ELIMINÉ: HKLM\Software\Wow6432Node\Wpm
ELIMINÉ: HKLM\Software\Wow6432Node\supTab
ELIMINÉ: HKLM\Software\Wow6432Node\supWPM
ELIMINÉ:* HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASAPI32
ELIMINÉ:* HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASMANCS
ELIMINÉ:* HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422902210}
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: Power2GoExpress
ELIMINÉ RunValue: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
ELIMINÉ RunValue: fst_br_41
ELIMINÉ MWPS Value: EnableLUA
ELIMINÉ MWPS Value: EnableUIADesktopToggle
ELIMINÉ MWPS Value: PromptOnSecureDesktop
ELIMINÉ MWPS Value: FilterAdministratorToken
ELIMINÉ MWPE Value: NoActiveDesktopChanges
ELIMINÉ: TCP Query User{5DAEE838-227E-4A04-BA73-25C8CB4E166A}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: UDP Query User{CBEF0917-8248-4BFF-BCF2-E23D6A147379}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: TCP Query User{AAC39EE0-F854-49F4-8860-B337590BB261}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: UDP Query User{E11B3307-3602-4A23-A0FD-1FA2A595ADAD}C:\program files (x86)\panda security\panda antivirus pro 2012\apvxdwin.exe
ELIMINÉ: {B1139ABC-8A43-4E75-8B5F-3374DFA2B742}
ELIMINÉ: {83044EA8-345E-4BC4-9000-196114F68AA7}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)
SUBSTITUI Value EnableLUA : Good (1) - Bad (0)
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\luciano\appdata\roaming\microsoft\internet explorer\quick launch\free video converter.lnk
ELIMINÉ: c:\users\luciano\appdata\roaming\microsoft\windows\start menu\programs\free video converter.lnk
ELIMINÉ: c:\users\luciano\appdata\roaming\microsoft\windows\start menu\programs\freerapid 0.86u1.lnk
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\startup\bluetooth.lnk
ELIMINA REINICIAR: c:\windows\system32\drivers\360fltoem.sys
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ Temporários windows ( (368.552 octets)
========== Tarefa planificada ==========
ELIMINÉ: {87027163-B648-4F2D-A0DD-2C32605744B5}
ELIMINÉ: {9A4AD40D-1340-4DB9-8F1C-24CA4C72B447}
========== Outros ==========
NÃO-TRATADO SystemRestore
========== Recapitulativo ==========
11 : Chaves do Registo
22 : Valores do Registo
4 : Elementos dos dados do Registo
1 : Pastas
7 : Ficheiros
1 : Softwares
2 : Tarefa planificada
1 : Outros
End of clean in 00mn 15s
========== Caminho do ficheiro do relatório ==========
C:\Users\Luciano\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/02/2014 18:13:08 [3896]
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Vários problemas foram removidos.
Como está seu PC após estas limpezas?
Como está seu PC após estas limpezas?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover awesomehp???
Problema resolvido e Notbook 100% !!!!!
cara antes não conseguia entrar em nenhum site e muito lento quase parando... agora ficou bala está rápido e parou aquelas propagandas chatas, ficou 110%, hehehe... muito obrigado pela ajuda, valeu mesmo!!!! e uma perguntinha, posso fazer esse mesmo procedimento no PC também? ele não está lento, mas só pra ver se tem algo mesmo. Obrigado!
cara antes não conseguia entrar em nenhum site e muito lento quase parando... agora ficou bala está rápido e parou aquelas propagandas chatas, ficou 110%, hehehe... muito obrigado pela ajuda, valeu mesmo!!!! e uma perguntinha, posso fazer esse mesmo procedimento no PC também? ele não está lento, mas só pra ver se tem algo mesmo. Obrigado!
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Fico feliz que o problema foi resolvido.cara antes não conseguia entrar em nenhum site e muito lento quase parando... agora ficou bala está rápido e parou aquelas propagandas chatas, ficou 110%, hehehe... muito obrigado pela ajuda, valeu mesmo!!!!
_________________________________________________________________________________
Cada caso é um caso. Sugiro que crie um novo tópico na área de Remoção de Malwares para podermos analisar o PC e ver se está tudo certo com ele.e uma perguntinha, posso fazer esse mesmo procedimento no PC também? ele não está lento, mas só pra ver se tem algo mesmo.
_________________________________________________________________________________
Só para finalizar faça estes últimos procedimentos, por gentileza:
Instale o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (caso já tenha ele, não precisa instalar de novo).
Abra o Ccleaner > clique no botão Limpeza > clique na opção Executar Limpeza. Isto é demonstrado na imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Confirme a operação acima clicando no botão OK. Aguarde a conclusão do procedimento.
Depois disto, clique no botão botão Registro > Procurar Erros > Corrigir erro(s) selecionado(s) > neste momento você poderá optar por fazer uma cópia das alterações que serão feitas no registro (por motivos de segurança), escolha a opção que desejar (sim ou não) > e confirme a limpeza clicando no botão Corrigir todos os erros selecionados > clique no botão Fechar (ou OK):
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
__________________________________________________________________________________________________________________Depois disto siga também as dicas deste tutorial abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve no Desktop (Área de Trabalho)
*Depois disto é só executá-lo, deixar selecionadas as opções Remove disinfection tools e Purge system restore
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique em [Run]
Depois de executar o Delfix conforme descrito acima, é só deletar o DelFix e o arquivo C:\DelFix.txt
_______________________________________________________________________________________________________________________
Foi um prazer ajudar, conte sempre conosco!
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Como remover awesomehp???
Limpando o not...:
RaProducts' PureRa v1.7
Log created at 19:07 on 02/02/2014 (Luciano)
C:\Config.MSI emptied.
C:\Users\Luciano\AppData\LocalLow\Microsoft\CryptNetURLCache\Content emptied.
C:\Users\Luciano\AppData\LocalLow\Microsoft\CryptNetURLCache\MetaData emptied.
C:\windows\system32\FNTCACHE.DAT <- O sistema não pode encontrar o arquivo especificado.
Recycle bin emptied.
C:\windows\SoftwareDistribution\DataStore\Logs emptied.
C:\windows\SoftwareDistribution\Download emptied.
C:\windows\SoftwareDistribution\SelfUpdate\Default emptied.
C:\windows\SoftwareDistribution\WuRedir emptied.
C:\windows\SoftwareDistribution\ReportingEvents.log <- O arquivo já está sendo usado por outro processo.
C:\Users\Luciano\AppData\Local\Temp emptied.
C:\windows\TEMP emptied.
C:\Program Files (x86)\Lenovo\YouCam\Promotion\150DPI\image\Thumbs.db <- Successfully deleted.
C:\Program Files (x86)\Lenovo\YouCam\Promotion\normal\image\Thumbs.db <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpRegSession0.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpRegSession1.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession0.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession1.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession2.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession3.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession4.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession5.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession6.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession7.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession8.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession9.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\IconCache.db <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici2_00.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_00.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_01.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_02.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_03.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_04.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_05.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_06.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_07.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_08.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_09.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_10.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_11.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_12.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_13.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_14.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData20_00.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData21_00.sqm <- Successfully deleted.
C:\Users\Luciano\Documents\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Backup celular Beta\DCIM\100ANDRO\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Backup celular Beta\DCIM\100AVIARY\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Ar Condicionado Split\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Curso_De_Eletronica_Ilustrado\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Eletronica video aulas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Maquinas de Lavar\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Pasta de trocas do Bluetooth\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Programas\Alcohol1202.0.0.1331–[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] 120% 2.0.2.3929 Up By [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] <- Successfully deleted.
C:\Users\Luciano\Documents\Programas\Alcohol1202.0.0.1331–[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] 120% 2.0.2.3929 Up By [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] DO XANDAO DOWNLOAD\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Paula Fernandes - DVDa 2011\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Salve Jorge - Trilha Sonora Sertaneja da Novela (2012).Up.By.WWW.XANDAODOWNLOAD.COM\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Salve Jorge - Trilha Sonora Sertaneja da Novela (2012).Up.By.WWW.XANDAODOWNLOAD.COM\BONUS DO XANDAO DOWNLOAD\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Trilha Sonora Da Novela - Amor À Vida - [2013]\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Aniversario Vô Zeca 90 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Ano Novo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Apresentação Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Diversas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Formatura Anderson e Scheila\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\1º ano Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Casamento vó Eni e vô Zeca 2005\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Laisa 2 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Lívia 7 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Lívia 7 anos\Fotos celular\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Lívia 7 anos\Níver escola\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Candida 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Juliana 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Luciano 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Lívia 5 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Lívia 6 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Lívia 8 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Roberta 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Vó Eni 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Vô Zeca 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Ballet\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Cantata 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Cantata 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Coral Girassol\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das Mães 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das mães 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das Mães 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das mães escola 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Encontrão 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Festa Junina 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Festa Junina 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\formatura Lívia 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\natal 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\natal 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\natal 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Páscoa 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Páscoa 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Semana Cultural 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\show de talentos 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\show de talentos 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Barragem jul 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Batizado Heloísa 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Batizado Laisa 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Casamento Jáderson - Formatura Jonatan\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Casamento Matheus 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Chá de fralda Laisa 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Curso B&D e Dewalt Luciano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Dia das mães 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Dia dos Pais 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Diversas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Espetáculo do Mágico de Oz 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\exposição RBS 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Amigos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Avós\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Bisôs\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Diversas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Família\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano e Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano e Roberta\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Lívia e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Lívia, Laisa e Gustavo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Primos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Roberta\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Roberta e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Roberta e Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Tios e dindos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Formatura\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Fotos casa (antes e depois)\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Fotos produzidas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Herval\jan 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Herval\mai 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Herval\mar 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Nascimento Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal POA\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal POA\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal praça\2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal praça\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal praça\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Noite Pijama 2010 Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\olímpico dez 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\parque aquático fev 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Pituka 02.03.2009 e Mimika\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Porta Arrombada\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Poso em família 01.08.09\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Praça 25.05.08\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Páscoa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Páscoa\2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Retiro de Casais\2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Retiro de Casais\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Show da Disney out 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Verão 2006 - 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Verão 2007-2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Verão 2008 - 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\ZÔO set 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Aniversario Lívia 24.08.13\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Aniversário Bisa Eni\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Aniversário Livia 27.08.11\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Celular Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Formatura Balé Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Formatura Lê\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos celular Sano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos Formatura Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\fotos luciano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos maquina digital\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\fotos maquina digital anivers. Livia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos niver vô zeca, Zenóbia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Maquina Candida\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Maquina digital Paulo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Nascimento Diana\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Niver Ederaldo aramba\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Olimpico 04.12.12\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio Barragem\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio no Park de diversão\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio Shoping Iguatemi 04.12.12\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio shopping iguatemi 06.10.13\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Recital Coliseu Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem a Bento Gonçalves\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Canela- Gramado\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Canela- Gramado\Parque das Aguas Farroupilha\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Canela- Gramado\Passeio Zoo Gramado\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Rio Grende\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Janta Eletroclic\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Níver Laisa 7 anos\Thumbs.db <- Successfully deleted.
C:\Windows\Resources\Themes\Thumbs.db <- Successfully deleted.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpRegSession0.sqm <- Successfully deleted.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpResolveSession0.sqm <- Successfully deleted.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpSvcSession0.sqm <- Successfully deleted.
C:\Windows\Web\Wallpaper\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_1\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_2\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_3\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_4\Thumbs.db <- Successfully deleted.
Total space cleaned: 78.22 MB
-=E.O.F=-
RaProducts' PureRa v1.7
Log created at 19:07 on 02/02/2014 (Luciano)
C:\Config.MSI emptied.
C:\Users\Luciano\AppData\LocalLow\Microsoft\CryptNetURLCache\Content emptied.
C:\Users\Luciano\AppData\LocalLow\Microsoft\CryptNetURLCache\MetaData emptied.
C:\windows\system32\FNTCACHE.DAT <- O sistema não pode encontrar o arquivo especificado.
Recycle bin emptied.
C:\windows\SoftwareDistribution\DataStore\Logs emptied.
C:\windows\SoftwareDistribution\Download emptied.
C:\windows\SoftwareDistribution\SelfUpdate\Default emptied.
C:\windows\SoftwareDistribution\WuRedir emptied.
C:\windows\SoftwareDistribution\ReportingEvents.log <- O arquivo já está sendo usado por outro processo.
C:\Users\Luciano\AppData\Local\Temp emptied.
C:\windows\TEMP emptied.
C:\Program Files (x86)\Lenovo\YouCam\Promotion\150DPI\image\Thumbs.db <- Successfully deleted.
C:\Program Files (x86)\Lenovo\YouCam\Promotion\normal\image\Thumbs.db <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpRegSession0.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpRegSession1.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession0.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession1.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession2.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession3.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession4.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession5.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession6.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession7.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession8.sqm <- Successfully deleted.
C:\ProgramData\Microsoft\Windows\Sqm\Upload\PnrpResolveSession9.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\IconCache.db <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db <- Acesso negado.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici2_00.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_00.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_01.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_02.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_03.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_04.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_05.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_06.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_07.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_08.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_09.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_10.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_11.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_12.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_13.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\Bici\Bici4_14.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData20_00.sqm <- Successfully deleted.
C:\Users\Luciano\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData21_00.sqm <- Successfully deleted.
C:\Users\Luciano\Documents\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Backup celular Beta\DCIM\100ANDRO\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Backup celular Beta\DCIM\100AVIARY\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Ar Condicionado Split\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Curso_De_Eletronica_Ilustrado\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Eletronica video aulas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Eletro Clic\Maquinas de Lavar\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Pasta de trocas do Bluetooth\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Documents\Programas\Alcohol1202.0.0.1331–[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] 120% 2.0.2.3929 Up By [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] <- Successfully deleted.
C:\Users\Luciano\Documents\Programas\Alcohol1202.0.0.1331–[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] 120% 2.0.2.3929 Up By [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] DO XANDAO DOWNLOAD\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Paula Fernandes - DVDa 2011\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Salve Jorge - Trilha Sonora Sertaneja da Novela (2012).Up.By.WWW.XANDAODOWNLOAD.COM\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Salve Jorge - Trilha Sonora Sertaneja da Novela (2012).Up.By.WWW.XANDAODOWNLOAD.COM\BONUS DO XANDAO DOWNLOAD\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Music\Trilha Sonora Da Novela - Amor À Vida - [2013]\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Aniversario Vô Zeca 90 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Ano Novo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Apresentação Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Diversas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Formatura Anderson e Scheila\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\1º ano Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Casamento vó Eni e vô Zeca 2005\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Laisa 2 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Lívia 7 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Lívia 7 anos\Fotos celular\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Niver Lívia 7 anos\Níver escola\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Candida 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Juliana 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Luciano 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Lívia 5 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Lívia 6 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Lívia 8 anos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Roberta 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Vó Eni 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Aniversários\Níver Vô Zeca 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Ano novo\2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Ballet\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Cantata 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Cantata 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Coral Girassol\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das Mães 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das mães 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das Mães 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia das mães escola 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Dia dos Pais 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Encontrão 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Festa Junina 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Festa Junina 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\formatura Lívia 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\natal 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\natal 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\natal 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Páscoa 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Páscoa 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\Semana Cultural 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\show de talentos 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Apresentações Lívia e Laisa\show de talentos 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Barragem jul 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Batizado Heloísa 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Batizado Laisa 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Casamento Jáderson - Formatura Jonatan\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Casamento Matheus 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Chá de fralda Laisa 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Curso B&D e Dewalt Luciano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Dia das mães 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Dia dos Pais 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Diversas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Espetáculo do Mágico de Oz 2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\exposição RBS 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Amigos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Avós\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Bisôs\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Diversas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Família\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano e Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Luciano e Roberta\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Lívia e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Lívia, Laisa e Gustavo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Primos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Roberta\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Roberta e Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Roberta e Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Família\Tios e dindos\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Formatura\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Fotos casa (antes e depois)\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Fotos produzidas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Herval\jan 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Herval\mai 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Herval\mar 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Nascimento Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal POA\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal POA\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal praça\2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal praça\2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Natal praça\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Noite Pijama 2010 Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\olímpico dez 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\parque aquático fev 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Pituka 02.03.2009 e Mimika\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Porta Arrombada\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Poso em família 01.08.09\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Praça 25.05.08\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Páscoa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Páscoa\2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Retiro de Casais\2006\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Retiro de Casais\2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Show da Disney out 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Verão 2006 - 2007\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Verão 2007-2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\Verão 2008 - 2009\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos\ZÔO set 2008\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Aniversario Lívia 24.08.13\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Aniversário Bisa Eni\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Aniversário Livia 27.08.11\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Celular Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Formatura Balé Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Formatura Lê\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos celular Sano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos Formatura Laisa\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\fotos luciano\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos maquina digital\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\fotos maquina digital anivers. Livia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Fotos niver vô zeca, Zenóbia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Maquina Candida\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Maquina digital Paulo\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Nascimento Diana\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Niver Ederaldo aramba\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Olimpico 04.12.12\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio Barragem\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio no Park de diversão\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio Shoping Iguatemi 04.12.12\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Passeio shopping iguatemi 06.10.13\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Recital Coliseu Lívia\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem a Bento Gonçalves\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Canela- Gramado\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Canela- Gramado\Parque das Aguas Farroupilha\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Canela- Gramado\Passeio Zoo Gramado\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Fotos Descarregadas\Viagem Rio Grende\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Janta Eletroclic\Thumbs.db <- Successfully deleted.
C:\Users\Luciano\Pictures\Níver Laisa 7 anos\Thumbs.db <- Successfully deleted.
C:\Windows\Resources\Themes\Thumbs.db <- Successfully deleted.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpRegSession0.sqm <- Successfully deleted.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpResolveSession0.sqm <- Successfully deleted.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpSvcSession0.sqm <- Successfully deleted.
C:\Windows\Web\Wallpaper\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_1\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_2\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_3\Thumbs.db <- Successfully deleted.
C:\Windows\Web\Wallpaper\Lenovo_4\Thumbs.db <- Successfully deleted.
Total space cleaned: 78.22 MB
-=E.O.F=-
Luciano Santos- Iniciante
- Mensagens : 14
Reputação : 0
Data de inscrição : 31/01/2014
Idade : 46
Localização : Camaquã- RS
Re: Como remover awesomehp???
Vários problemas foram removidos pelo Purera.
Você executou também o Delfix e o Ccleaner? Caso não tenha executado, execute por gentileza.
Você executou também o Delfix e o Ccleaner? Caso não tenha executado, execute por gentileza.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Página 1 de 2 • 1, 2
Tópicos semelhantes
» (RESOLVIDO) Como remover o awesomehp do meu firefox?
» Como remover definitivamente o Awesomehp do computador?
» (RESOLVIDO) como remover o awesomehp ?????
» Remover o awesomehp
» (RESOLVIDO) Como remover definitivamente o awesomehp?
» Como remover definitivamente o Awesomehp do computador?
» (RESOLVIDO) como remover o awesomehp ?????
» Remover o awesomehp
» (RESOLVIDO) Como remover definitivamente o awesomehp?
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos