Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
7 usuários online :: 0 registrados, 0 invisíveis e 7 visitantes :: 1 motor de busca

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
joram
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
Wings [In Memoriam]
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
caedurodrigues
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
Amigo Brasileiro
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
luizvilarinho
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
Danii
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
Admin
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
Danilo Marsaro
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 
Andreata
Problemas com roaming\newnext.me\nengine.dll Vote_lcapProblemas com roaming\newnext.me\nengine.dll Voting_barProblemas com roaming\newnext.me\nengine.dll Vote_rcap 

maio 2024
SegTerQuaQuiSexSábDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário

Palavras-chaves

player  placa  2015  pessoas  desinstalar  video  adobe  popup  SOFTWARE  deletar  2013  vídeos  2025  game  áudio  teclado  PARA  SISPNCD  impressora  excluir  flash  windows  notebook  mcafee  virus  instalação  


Problemas com roaming\newnext.me\nengine.dll

2 participantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

Página 1 de 2 1, 2  Seguinte

Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Problemas com roamingnewnext.menengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 09:56

Estou com um problema, espero que aqui seja o lugar certo para postar.
Assim que ligo o pc aparece a mensagem app.data\roaming\newnext.me\nengine.dll
Isso é um vírus?
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 10:49

Problemas com roaming\newnext.me\nengine.dll 648673379  Olá Sil C San. Seja bem vindo ao Fórum PC Brasil.

Problemas com roaming\newnext.me\nengine.dll 772309  Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

*Execute-o e clique no botão Main Menu.

* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].

*Um relatório será apresentado.

*Selecione todo o conteúdo deste relatório e copie (Ctrl+c).

Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado.

Ficamos no aguardo de sua resposta.


Última edição por Power Max em Dom 23 Fev 2014, 19:27, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 14:50

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:03, on 22/02/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\USB Disk Security\USBGuard.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Speed\Blog\Nova pasta\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sil Speed\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Sil Speed\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10974 bytes
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 14:53

Problemas com roaming\newnext.me\nengine.dll 772309  Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.


Última edição por Power Max em Dom 23 Fev 2014, 19:27, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 18:11

Baixei e veio um monte de coisa Free Games, Open It e Baidu...
menos o Adwcleaner
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 18:19

Sil C San escreveu:Baixei e veio um monte de coisa Free Games, Open It e Baidu...
menos o Adwcleaner
Neste caso é porque você não seguiu o tutorial corretamente.

Veja o início do tutorial:

Download:

Para baixá-lo e utilizá-lo corretamente é bem simples e mostramos abaixo como fazê-lo:

Baixe o programa Adwcleaner clicando [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e depois clique no botão Download Now @BleepingComputer.
__________________________________________________________

Problemas com roaming\newnext.me\nengine.dll 772309 Depois de baixá-lo, clique com o botão direito do mouse em AdwCleaner.exe e escolha a opção Executar como administrador.

|- Caso surja uma mensagem do Windows com a pergunta "Deseja permitir que o programa a seguir faça alterações neste computador?" clique em Sim.

|- Ps: Dê iní­cio ao escaneamento, clicando no botão Examinar como mostra esta imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Assim que a verificação tiver sido concluída, clique no botão Limpar, como mostra esta imagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Surgirá, então, uma mensagem mostrada na qual você clicará no botão OK

Depois dos procedimentos acima aparecerá esta última mensagem, onde você novamente clicará em OK:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Depois disto é só você postar o relatório que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 18:19

# AdwCleaner v3.019 - Relatório criado 22/02/2014 às 18:15:44
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Sil Speed - SILSPEED-PC
# Executando de : C:\Speed\Blog\Nova pasta\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : vToolbarUpdater17.3.0

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\AVG Secure Search
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\Program Files (x86)\AVG Secure Search
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\Mobogenie
Pasta Deletada : C:\Program Files (x86)\openit
Pasta Deletada : C:\Program Files (x86)\SaveSenseLive
Pasta Deletada : C:\Program Files (x86)\SimilarSites
Pasta Deletada : C:\Program Files (x86)\Common Files\AVG Secure Search
Pasta Deletada : C:\Users\Sil Speed\AppData\Local\AVG Secure Search
Pasta Deletada : C:\Users\Sil Speed\AppData\Local\genienext
Pasta Deletada : C:\Users\Sil Speed\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Sil Speed\AppData\Local\SaveSense
Pasta Deletada : C:\Users\Sil Speed\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\Sil Speed\AppData\LocalLow\AVG Secure Search
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\DigitalSites
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\SaveSense
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\SimilarSites
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Pasta Deletada : C:\Users\Sil Speed\Documents\Mobogenie
Pasta Deletada : C:\Users\Bel\AppData\Local\AVG Secure Search
Pasta Deletada : C:\Users\Bel\AppData\LocalLow\AVG Secure Search
Pasta Deletada : C:\Users\Bel\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Pasta Deletada : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Pasta Deletada : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Pasta Deletada : C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Pasta Deletada : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Pasta Deletada : C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Arquivo Deletada : C:\Users\Sil Speed\Desktop\MySearchDial.url
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Arquivo Deletada : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\searchplugins\my-web-search.xml
Arquivo Deletada : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\user.js
Arquivo Deletada : C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\user.js
Arquivo Deletada : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\user.js
Arquivo Deletada : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\Windows\Tasks\SaveSense.job
Arquivo Deletada : C:\Windows\System32\Tasks\SaveSense

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Chave Deletedo : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Chave Deletedo : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\AVG Secure Search
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\IGearSettings
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\mysearchdial.com
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\AVG Secure Search
Chave Deletedo : HKLM\Software\AVG Security Toolbar
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\dt soft\daemon tools toolbar
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16912

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js ]

Linha deletada : user_pref("browser.search.defaultenginename", "Mysearchdial");
Linha deletada : user_pref("browser.search.order.1", "Mysearchdial");
Linha deletada : user_pref("browser.search.selectedEngine", "Mysearchdial");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
Linha deletada : user_pref("extensions.mysearchdial.AL", 2);
Linha deletada : user_pref("extensions.mysearchdial.aflt", "dsites0202");
Linha deletada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Linha deletada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
Linha deletada : user_pref("extensions.mysearchdial.cntry", "BR");
Linha deletada : user_pref("extensions.mysearchdial.cr", "480110471");
Linha deletada : user_pref("extensions.mysearchdial.dfltLng", "");
Linha deletada : user_pref("extensions.mysearchdial.dfltSrch", true);
Linha deletada : user_pref("extensions.mysearchdial.dnsErr", true);
Linha deletada : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Linha deletada : user_pref("extensions.mysearchdial.excTlbr", false);
Linha deletada : user_pref("extensions.mysearchdial.hdrMd5", "73B1BB7DD76CD0F357180E68B325C5DC");
Linha deletada : user_pref("extensions.mysearchdial.hmpg", true);
Linha deletada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czut[...]
Linha deletada : user_pref("extensions.mysearchdial.id", "BC5FF44714C29D5A");
Linha deletada : user_pref("extensions.mysearchdial.instlDay", "16123");
Linha deletada : user_pref("extensions.mysearchdial.instlRef", "");
Linha deletada : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBt[...]
Linha deletada : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.21.018:4:44");
Linha deletada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Cz[...]
Linha deletada : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"90\",\"lastVrsn\":\"90\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Linha deletada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.sg", "none");
Linha deletada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.tlbrId", "base");
Linha deletada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1[...]
Linha deletada : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Linha deletada : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Linha deletada : user_pref("extensions.mysearchdial_i.hmpg", true);
Linha deletada : user_pref("extensions.mysearchdial_i.newTab", false);
Linha deletada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Linha deletada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.018:4:44");
Linha deletada : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Linha deletada : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Linha deletada : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=754A505E-4D1B-4E26-9597-ED189B05AB2D&n=77ee3de6&ind=2012102118&id=LKxdm007YYbr&ptnrS=L[...]
Linha deletada : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=754A505E-4D1B-4E26-9597-ED189B05AB2D&n=77ee3de6&ptnrS=LKxdm007YYbr&si=CN7QkOXokrMCFQkFnQod4V[...]
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.hp.enabled", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.initialized", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.contextKey", "");
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.installDate", "2012102118");
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.partnerId", "LKxdm007YYbr");
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.partnerSubId", "CN7QkOXokrMCFQkFnQod4VwAtg");
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.success", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.toolbarId", "754A505E-4D1B-4E26-9597-ED189B05AB2D");
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.lastActivePing", "1350851003177");
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.defaultSearch", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.homePageEnabled", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.keywordEnabled", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.tabEnabled", true);
Linha deletada : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Linha deletada : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "festivebar@mindspark.com");
Linha deletada : user_pref("extensions.toolbar.mindspark.lastInstalled", "festivebar@mindspark.com");
Linha deletada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1361478844309");
Linha deletada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1361478844321");
Linha deletada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1361478846908");
Linha deletada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1361478844332");

[ Arquivo : C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js ]

Linha deletada : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
Linha deletada : user_pref("browser.search.selectedEngine", "Mysearchdial");
Linha deletada : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ Arquivo : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js ]

Linha deletada : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
Linha deletada : user_pref("browser.search.selectedEngine", "Mysearchdial");
Linha deletada : user_pref("browser.search.defaultenginename", "Mysearchdial");

-\\ Google Chrome v

[ Arquivo : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo : icon_url
Deletedo : search_url
Deletedo : keyword

[ Arquivo : C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo : homepage

*************************

AdwCleaner[R0].txt - [32158 octets] - [22/02/2014 18:14:44]
AdwCleaner[S0].txt - [29898 octets] - [22/02/2014 18:15:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29959 octets] ##########
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 18:22

# AdwCleaner v3.019 - Relatório criado 22/02/2014 às 18:14:44
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Sil Speed - SILSPEED-PC
# Executando de : C:\Speed\Blog\Nova pasta\adwcleaner.exe
# Opção : Examinar

***** [ Serviços ] *****

Serviço Encontrado : vToolbarUpdater17.3.0

***** [ Arquivos / Pastas ] *****

Arquivo Encontrado : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Arquivo Encontrado : C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\searchplugins\Mysearchdial.xml
Arquivo Encontrado : C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\user.js
Arquivo Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\searchplugins\Mysearchdial.xml
Arquivo Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\user.js
Arquivo Encontrado : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Encontrado : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\searchplugins\Mysearchdial.xml
Arquivo Encontrado : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\searchplugins\my-web-search.xml
Arquivo Encontrado : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\user.js
Arquivo Encontrado : C:\Users\Sil Speed\Desktop\MySearchDial.url
Arquivo Encontrado : C:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Encontrado : C:\Windows\System32\Tasks\SaveSense
Arquivo Encontrado : C:\Windows\Tasks\SaveSense.job
Pasta Encontrado : C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Pasta Encontrado : C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Pasta Encontrado : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Pasta Encontrado : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Pasta Encontrado : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Pasta Encontrado : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Pasta Encontrado C:\Program Files (x86)\AVG Secure Search
Pasta Encontrado C:\Program Files (x86)\Common Files\AVG Secure Search
Pasta Encontrado C:\Program Files (x86)\DealPly
Pasta Encontrado C:\Program Files (x86)\Mobogenie
Pasta Encontrado C:\Program Files (x86)\openit
Pasta Encontrado C:\Program Files (x86)\SaveSenseLive
Pasta Encontrado C:\Program Files (x86)\SimilarSites
Pasta Encontrado C:\ProgramData\AVG Secure Search
Pasta Encontrado C:\ProgramData\baidu
Pasta Encontrado C:\ProgramData\SaveSenseLive
Pasta Encontrado C:\ProgramData\Trymedia
Pasta Encontrado C:\Users\Bel\AppData\Local\AVG Secure Search
Pasta Encontrado C:\Users\Bel\AppData\LocalLow\AVG Secure Search
Pasta Encontrado C:\Users\Bel\AppData\Roaming\DealPly
Pasta Encontrado C:\Users\Sil Speed\AppData\Local\AVG Secure Search
Pasta Encontrado C:\Users\Sil Speed\AppData\Local\genienext
Pasta Encontrado C:\Users\Sil Speed\AppData\Local\Mobogenie
Pasta Encontrado C:\Users\Sil Speed\AppData\Local\SaveSense
Pasta Encontrado C:\Users\Sil Speed\AppData\Local\SaveSenseLive
Pasta Encontrado C:\Users\Sil Speed\AppData\LocalLow\AVG Secure Search
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\baidu
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\DealPly
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\DigitalSites
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\Mysearchdial
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\newnext.me
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\OpenCandy
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\SaveSense
Pasta Encontrado C:\Users\Sil Speed\AppData\Roaming\SimilarSites
Pasta Encontrado C:\Users\Sil Speed\Documents\Mobogenie

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Encontrada : HKCU\Software\AVG Secure Search
Chave Encontrada : HKCU\Software\DealPly
Chave Encontrada : HKCU\Software\dsiteproducts
Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Encontrada : HKCU\Software\IGearSettings
Chave Encontrada : HKCU\Software\Iminent
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Chave Encontrada : HKCU\Software\mysearchdial.com
Chave Encontrada : HKCU\Software\SaveSenseLive
Chave Encontrada : [x64] HKCU\Software\AVG Secure Search
Chave Encontrada : [x64] HKCU\Software\DealPly
Chave Encontrada : [x64] HKCU\Software\dsiteproducts
Chave Encontrada : [x64] HKCU\Software\IGearSettings
Chave Encontrada : [x64] HKCU\Software\Iminent
Chave Encontrada : [x64] HKCU\Software\InstallCore
Chave Encontrada : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Encontrada : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Encontrada : [x64] HKCU\Software\mysearchdial.com
Chave Encontrada : [x64] HKCU\Software\SaveSenseLive
Chave Encontrada : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Chave Encontrada : HKLM\Software\AVG Secure Search
Chave Encontrada : HKLM\Software\AVG Security Toolbar
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Chave Encontrada : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Chave Encontrada : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Chave Encontrada : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Encontrada : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Chave Encontrada : HKLM\SOFTWARE\Classes\S
Chave Encontrada : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Chave Encontrada : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Encontrada : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Chave Encontrada : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Chave Encontrada : HKLM\Software\DealPly
Chave Encontrada : HKLM\Software\DealPlyLive
Chave Encontrada : HKLM\Software\dt soft\daemon tools toolbar
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Chave Encontrada : HKLM\Software\Iminent
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Chave Encontrada : HKLM\Software\SaveSenseLive
Chave Encontrada : HKLM\Software\Trymedia Systems
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Encontrada : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Encontrada : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16912

Configurações Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js ]

Linha encontrada : user_pref("browser.search.defaultenginename", "Mysearchdial");
Linha encontrada : user_pref("browser.search.order.1", "Mysearchdial");
Linha encontrada : user_pref("browser.search.selectedEngine", "Mysearchdial");
Linha encontrada : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
Linha encontrada : user_pref("extensions.mysearchdial.AL", 2);
Linha encontrada : user_pref("extensions.mysearchdial.aflt", "dsites0202");
Linha encontrada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Linha encontrada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
Linha encontrada : user_pref("extensions.mysearchdial.cntry", "BR");
Linha encontrada : user_pref("extensions.mysearchdial.cr", "480110471");
Linha encontrada : user_pref("extensions.mysearchdial.dfltLng", "");
Linha encontrada : user_pref("extensions.mysearchdial.dfltSrch", true);
Linha encontrada : user_pref("extensions.mysearchdial.dnsErr", true);
Linha encontrada : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Linha encontrada : user_pref("extensions.mysearchdial.excTlbr", false);
Linha encontrada : user_pref("extensions.mysearchdial.hdrMd5", "73B1BB7DD76CD0F357180E68B325C5DC");
Linha encontrada : user_pref("extensions.mysearchdial.hmpg", true);
Linha encontrada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czut[...]
Linha encontrada : user_pref("extensions.mysearchdial.id", "BC5FF44714C29D5A");
Linha encontrada : user_pref("extensions.mysearchdial.instlDay", "16123");
Linha encontrada : user_pref("extensions.mysearchdial.instlRef", "");
Linha encontrada : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBt[...]
Linha encontrada : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.21.018:4:44");
Linha encontrada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Cz[...]
Linha encontrada : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"90\",\"lastVrsn\":\"90\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Linha encontrada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Linha encontrada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Linha encontrada : user_pref("extensions.mysearchdial.sg", "none");
Linha encontrada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Linha encontrada : user_pref("extensions.mysearchdial.tlbrId", "base");
Linha encontrada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1[...]
Linha encontrada : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Linha encontrada : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Linha encontrada : user_pref("extensions.mysearchdial_i.hmpg", true);
Linha encontrada : user_pref("extensions.mysearchdial_i.newTab", false);
Linha encontrada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Linha encontrada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.018:4:44");
Linha encontrada : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Linha encontrada : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Linha encontrada : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=754A505E-4D1B-4E26-9597-ED189B05AB2D&n=77ee3de6&ind=2012102118&id=LKxdm007YYbr&ptnrS=L[...]
Linha encontrada : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=754A505E-4D1B-4E26-9597-ED189B05AB2D&n=77ee3de6&ptnrS=LKxdm007YYbr&si=CN7QkOXokrMCFQkFnQod4V[...]
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.hp.enabled", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.initialized", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.contextKey", "");
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.installDate", "2012102118");
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.partnerId", "LKxdm007YYbr");
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.partnerSubId", "CN7QkOXokrMCFQkFnQod4VwAtg");
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.success", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.installation.toolbarId", "754A505E-4D1B-4E26-9597-ED189B05AB2D");
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.lastActivePing", "1350851003177");
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.defaultSearch", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.homePageEnabled", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.keywordEnabled", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark._3gMembers_.options.tabEnabled", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Linha encontrada : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "festivebar@mindspark.com");
Linha encontrada : user_pref("extensions.toolbar.mindspark.lastInstalled", "festivebar@mindspark.com");
Linha encontrada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1361478844309");
Linha encontrada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1361478844321");
Linha encontrada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1361478846908");
Linha encontrada : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1361478844332");

[ Arquivo : C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js ]

Linha encontrada : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
Linha encontrada : user_pref("browser.search.selectedEngine", "Mysearchdial");
Linha encontrada : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ Arquivo : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js ]

Linha encontrada : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyEyBtCyE0CtBzy0DyD0AtN0D0Tzu0CyBzzyEtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
Linha encontrada : user_pref("browser.search.selectedEngine", "Mysearchdial");
Linha encontrada : user_pref("browser.search.defaultenginename", "Mysearchdial");

-\\ Google Chrome v

[ Arquivo : C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Encontrada : icon_url
Encontrada : search_url
Encontrada : keyword

[ Arquivo : C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Encontrada : homepage

*************************

AdwCleaner[R0].txt - [31772 octets] - [22/02/2014 18:14:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [31833 octets] ##########
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 18:25

Problemas com roaming\newnext.me\nengine.dll 772309  Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log do Malwarebytes

Ficamos no aguardo.


Última edição por Power Max em Dom 23 Fev 2014, 19:28, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 20:30

Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados: v2014.02.22.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Sil Speed :: SILSPEED-PC [administrador]

22/02/2014 18:51:25
MBAM-log-2014-02-22 (20-30-27).txt

Tipo de Verificação: Verificação Completa (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 463796
Tempo decorrido: 48 minuto(s), 48 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 36
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickCtrl.9 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.Update3WebControl.3 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\AppID\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKLM\SYSTEM\CurrentControlSet\Services\savesenselive (PUP.Optional.SaveSense) -> Nenhuma ação foi feita.
HKLM\SYSTEM\CurrentControlSet\Services\savesenselivem (PUP.Optional.SaveSense) -> Nenhuma ação foi feita.

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 21
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir (PUP.DealPly) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir (PUP.Optional.Dealply) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir (PUP.Optional.Dealply) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Backup\Windows Loader\Windows Loader.exe (Hacktool.Agent) -> Nenhuma ação foi feita.
C:\Speed\Blog\Nova pasta\ZipSetup.exe (PUP.Optional.FriedCookie) -> Nenhuma ação foi feita.
C:\Speed\Diversos\Corel Draw X5 Keygen [2010] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (RiskWare.Tool.CK) -> Nenhuma ação foi feita.
C:\Speed\Diversos\Corel Draw X5 with Keygen\Keygen.exe (RiskWare.Tool.CK) -> Nenhuma ação foi feita.
C:\Users\Sil Speed\AppData\Local\Temp\is357113909\11790561_stp\Mysearchdial.exe (PUP.Optional.MySpeedDial.A) -> Nenhuma ação foi feita.
C:\Users\Sil Speed\AppData\Local\Temp\is357113909\11790623_stp\sas.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\Users\Sil Speed\Downloads\winamp5623_full_emusic-7plus_pt-br.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job (PUP.Optional.SaveSense) -> Nenhuma ação foi feita.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job (PUP.Optional.SaveSense) -> Nenhuma ação foi feita.
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 20:34

O Malwarebytes encontrou vários problemas, mas está constando que nenhuma ação foi feita.

Sugiro que desmarque só estes abaixo, que são cracks de programas:

C:\Backup\Windows Loader\Windows Loader.exe (Hacktool.Agent) -> Nenhuma ação foi feita.
C:\Speed\Blog\Nova pasta\ZipSetup.exe (PUP.Optional.FriedCookie) -> Nenhuma ação foi feita.
C:\Speed\Diversos\Corel Draw X5 Keygen [2010] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (RiskWare.Tool.CK) -> Nenhuma ação foi feita.
C:\Speed\Diversos\Corel Draw X5 with Keygen\Keygen.exe (RiskWare.Tool.CK) -> Nenhuma ação foi feita.

já o restante que o Malwarebytes encontrou você pode selecionar tudo e remover.

Depois disto poste o novo relatório que ele irá criar.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 21:44

Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados: v2014.02.22.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Sil Speed :: SILSPEED-PC [administrador]

22/02/2014 20:43:19
MBAM-log-2014-02-22 (21-44-05).txt

Tipo de Verificação: Verificação Completa (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 463590
Tempo decorrido: 48 minuto(s), 22 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 4
C:\Backup\Windows Loader\Windows Loader.exe (Hacktool.Agent) -> Nenhuma ação foi feita.
C:\Speed\Blog\Nova pasta\ZipSetup.exe (PUP.Optional.FriedCookie) -> Nenhuma ação foi feita.
C:\Speed\Diversos\Corel Draw X5 Keygen [2010] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (RiskWare.Tool.CK) -> Nenhuma ação foi feita.
C:\Speed\Diversos\Corel Draw X5 with Keygen\Keygen.exe (RiskWare.Tool.CK) -> Nenhuma ação foi feita.

(fim)
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 21:47

Problemas com roaming\newnext.me\nengine.dll 772309  Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.


Última edição por Power Max em Dom 23 Fev 2014, 19:28, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 22:19

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by Sil Speed on 22/02/2014 at 21:51:02,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yuna software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yuna software



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\yuna software"
Successfully deleted: [Empty Folder] C:\Users\Sil Speed\appdata\local\{0D71A89C-7442-47D4-844B-CFF34D91A630}
Successfully deleted: [Empty Folder] C:\Users\Sil Speed\appdata\local\{6F742B5E-609A-4E12-843E-30C19FFB1DE3}
Successfully deleted: [Empty Folder] C:\Users\Sil Speed\appdata\local\{9FC9A6C8-B8C0-4ABA-B102-BEBCB61CA7A1}



~~~ FireFox

Emptied folder: C:\Users\Sil Speed\AppData\Roaming\mozilla\firefox\profiles\iegipifq.default\minidumps [30 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/02/2014 at 21:58:57,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 22:21


Problemas com roaming\newnext.me\nengine.dll 772309  Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 23 Fev 2014, 19:28, editado 2 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 23:27


Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Sil Speed on 22/02/2014 at 22:31:11,63.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Speed\Blog\Nova pasta\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22/02/2014 22:32:18 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2647670610-476177939-1705394977-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js:
user_pref("keyword.URL", "");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js:

ProfilePath: C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

ProfilePath: C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

ProfilePath: C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

==== Deleting Files \ Folders ======================

C:\Users\Sil Speed\daemonprocess.txt deleted
C:\Users\Sil Speed\.android deleted
C:\PROGRA~2\TRELLIAN\Toolbar deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\Users\Sil Speed\AppData\Local\cache deleted
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\WebNavigation.crx deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\windows\SysNative\tasks\Digital Sites deleted
C:\Windows\tasks\Digital Sites.job deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\extensions\staged deleted
C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\extensions\staged deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [19/11/2013 21:23]

==== Firefox Extensions ======================

ProfilePath: C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
- Site Finder - C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\sitefinder@sitefinder.com
- Site Finder - %ProfilePath%\extensions\sitefinder@sitefinder.com
- ColorfulTabs - %ProfilePath%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
- SaveSense - %ProfilePath%\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
- Guardiao Itau Unibanco - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
- Pink Fox - %ProfilePath%\extensions\{e7348bc0-16f6-11de-8c30-0800200c9a66}
- NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com.xpi
- Noia-4 temahanterare - %ProfilePath%\extensions\Noia4Options@ArisT2.xpi
- Brisk V1 - %ProfilePath%\extensions\qimasood@gmail.com.xpi
- Ad-Bye - For Facebook - %ProfilePath%\extensions\s.alfa@idev.com.xpi
- Utopia FFSE White Options - %ProfilePath%\extensions\utopia_ffse_white_options@[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
- Web Navigation - %ProfilePath%\extensions\webnavigation@linkzb.com.xpi
- Utopia FFSE White - %ProfilePath%\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}.xpi
- Black Youtube Theme - %ProfilePath%\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
- FirefoxAdKiller - %ProfilePath%\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi
- FXChrome - %ProfilePath%\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi
- Noia 4 - %ProfilePath%\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
A9C86900D2A61728C8326FE7147617C5 - C:\Users\Sil Speed\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
1BFD18699636B8F1AA26675BA43D2F8F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director
DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director


==== Deleted Firefox Extensions ======================

C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lkemddiljapcmhicklfpcbpfffahfbja - C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx[]

YouTube - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Angry Birds - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
YouTube - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
500px - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja
Bomb It - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffcmdbjaleiijdlgfdloenebnhfjejff
Tank Riders - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdmmodjlfegeieihcdcgcalkgmhgmiae
Color Piano - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh
GData Centers 1 Council Bluffs Iowa - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeonacmfdmkgfmmdejlinolgjomhcbmh
Webcam Toy - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade
Web Navigation - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
Google Wallet - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Bel\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Bel\Desktop\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.EXE
C:\Users\Bel\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Convidado\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Convidado\Desktop\rFactor.lnk - C:\Program Files (x86)\rFactor\rFactor.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Bel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\500px.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Tank Riders.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --profile-directory=Default --app-id=gdmmodjlfegeieihcdcgcalkgmhgmiae
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --show-app-list

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free 3GP Video Converter.lnk - C:\Free 3GP Video Converter\Free3GPVideoConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.EXE
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f966724577ef19eb\PokerStars.EU.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop 7.0.1.lnk - C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CorelDRAW X6 (64-Bit).lnk - c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lkemddiljapcmhicklfpcbpfffahfbja deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Convidado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Bel\AppData\Local\Mozilla\Firefox\Profiles\32156bwz.default\Cache emptied successfully
C:\Users\Convidado\AppData\Local\Mozilla\Firefox\Profiles\yoxta379.default\Cache emptied successfully
C:\Users\Sil Speed\AppData\Local\Mozilla\Firefox\Profiles\iegipifq.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=661 folders=120 16948491 bytes)

==== Empty Temp Folders ======================

C:\Users\Bel\AppData\Local\Temp emptied successfully
C:\Users\Convidado\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sil Speed\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SILSPE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 22/02/2014 at 23:26:12,20 ======================
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Sáb 22 Fev 2014, 23:29


Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Sil Speed on 22/02/2014 at 22:31:11,63.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Speed\Blog\Nova pasta\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22/02/2014 22:32:18 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2647670610-476177939-1705394977-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js:
user_pref("keyword.URL", "");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js:

ProfilePath: C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

ProfilePath: C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

ProfilePath: C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

==== Deleting Files \ Folders ======================

C:\Users\Sil Speed\daemonprocess.txt deleted
C:\Users\Sil Speed\.android deleted
C:\PROGRA~2\TRELLIAN\Toolbar deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\Users\Sil Speed\AppData\Local\cache deleted
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\WebNavigation.crx deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\windows\SysNative\tasks\Digital Sites deleted
C:\Windows\tasks\Digital Sites.job deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\extensions\staged deleted
C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\extensions\staged deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [19/11/2013 21:23]

==== Firefox Extensions ======================

ProfilePath: C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
- Site Finder - C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\sitefinder@sitefinder.com
- Site Finder - %ProfilePath%\extensions\sitefinder@sitefinder.com
- ColorfulTabs - %ProfilePath%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
- SaveSense - %ProfilePath%\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
- Guardiao Itau Unibanco - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
- Pink Fox - %ProfilePath%\extensions\{e7348bc0-16f6-11de-8c30-0800200c9a66}
- NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com.xpi
- Noia-4 temahanterare - %ProfilePath%\extensions\Noia4Options@ArisT2.xpi
- Brisk V1 - %ProfilePath%\extensions\qimasood@gmail.com.xpi
- Ad-Bye - For Facebook - %ProfilePath%\extensions\s.alfa@idev.com.xpi
- Utopia FFSE White Options - %ProfilePath%\extensions\utopia_ffse_white_options@[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
- Web Navigation - %ProfilePath%\extensions\webnavigation@linkzb.com.xpi
- Utopia FFSE White - %ProfilePath%\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}.xpi
- Black Youtube Theme - %ProfilePath%\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
- FirefoxAdKiller - %ProfilePath%\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi
- FXChrome - %ProfilePath%\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi
- Noia 4 - %ProfilePath%\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
A9C86900D2A61728C8326FE7147617C5 - C:\Users\Sil Speed\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
1BFD18699636B8F1AA26675BA43D2F8F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director
DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director


==== Deleted Firefox Extensions ======================

C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lkemddiljapcmhicklfpcbpfffahfbja - C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx[]

YouTube - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Angry Birds - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
YouTube - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
500px - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja
Bomb It - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffcmdbjaleiijdlgfdloenebnhfjejff
Tank Riders - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdmmodjlfegeieihcdcgcalkgmhgmiae
Color Piano - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh
GData Centers 1 Council Bluffs Iowa - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeonacmfdmkgfmmdejlinolgjomhcbmh
Webcam Toy - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade
Web Navigation - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
Google Wallet - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Bel\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Bel\Desktop\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.EXE
C:\Users\Bel\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Convidado\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Convidado\Desktop\rFactor.lnk - C:\Program Files (x86)\rFactor\rFactor.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Bel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\500px.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Tank Riders.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --profile-directory=Default --app-id=gdmmodjlfegeieihcdcgcalkgmhgmiae
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --show-app-list

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free 3GP Video Converter.lnk - C:\Free 3GP Video Converter\Free3GPVideoConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.EXE
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f966724577ef19eb\PokerStars.EU.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop 7.0.1.lnk - C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CorelDRAW X6 (64-Bit).lnk - c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lkemddiljapcmhicklfpcbpfffahfbja deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Convidado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Bel\AppData\Local\Mozilla\Firefox\Profiles\32156bwz.default\Cache emptied successfully
C:\Users\Convidado\AppData\Local\Mozilla\Firefox\Profiles\yoxta379.default\Cache emptied successfully
C:\Users\Sil Speed\AppData\Local\Mozilla\Firefox\Profiles\iegipifq.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=661 folders=120 16948491 bytes)

==== Empty Temp Folders ======================

C:\Users\Bel\AppData\Local\Temp emptied successfully
C:\Users\Convidado\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sil Speed\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SILSPE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 22/02/2014 at 23:26:12,20 ======================
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Sáb 22 Fev 2014, 23:31


Problemas com roaming\newnext.me\nengine.dll 772309  Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
 
|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]


Última edição por Power Max em Dom 23 Fev 2014, 19:29, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Dom 23 Fev 2014, 00:04


Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Sil Speed on 22/02/2014 at 22:31:11,63.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Speed\Blog\Nova pasta\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22/02/2014 22:32:18 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2647670610-476177939-1705394977-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js:
user_pref("keyword.URL", "");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js:

ProfilePath: C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

ProfilePath: C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

ProfilePath: C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2243_.backup

==== Deleting Files \ Folders ======================

C:\Users\Sil Speed\daemonprocess.txt deleted
C:\Users\Sil Speed\.android deleted
C:\PROGRA~2\TRELLIAN\Toolbar deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\Users\Sil Speed\AppData\Local\cache deleted
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\WebNavigation.crx deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\windows\SysNative\tasks\Digital Sites deleted
C:\Windows\tasks\Digital Sites.job deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Bel\AppData\Roaming\Mozilla\Firefox\Profiles\32156bwz.default\extensions\staged deleted
C:\Users\CONVID~1\AppData\Roaming\Mozilla\Firefox\Profiles\yoxta379.default\extensions\staged deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [19/11/2013 21:23]

==== Firefox Extensions ======================

ProfilePath: C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
- Site Finder - C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\sitefinder@sitefinder.com
- Site Finder - %ProfilePath%\extensions\sitefinder@sitefinder.com
- ColorfulTabs - %ProfilePath%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
- SaveSense - %ProfilePath%\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
- Guardiao Itau Unibanco - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
- Pink Fox - %ProfilePath%\extensions\{e7348bc0-16f6-11de-8c30-0800200c9a66}
- NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com.xpi
- Noia-4 temahanterare - %ProfilePath%\extensions\Noia4Options@ArisT2.xpi
- Brisk V1 - %ProfilePath%\extensions\qimasood@gmail.com.xpi
- Ad-Bye - For Facebook - %ProfilePath%\extensions\s.alfa@idev.com.xpi
- Utopia FFSE White Options - %ProfilePath%\extensions\utopia_ffse_white_options@[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
- Web Navigation - %ProfilePath%\extensions\webnavigation@linkzb.com.xpi
- Utopia FFSE White - %ProfilePath%\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}.xpi
- Black Youtube Theme - %ProfilePath%\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
- FirefoxAdKiller - %ProfilePath%\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi
- FXChrome - %ProfilePath%\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi
- Noia 4 - %ProfilePath%\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
A9C86900D2A61728C8326FE7147617C5 - C:\Users\Sil Speed\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
1BFD18699636B8F1AA26675BA43D2F8F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director
DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director


==== Deleted Firefox Extensions ======================

C:\Users\SILSPE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lkemddiljapcmhicklfpcbpfffahfbja - C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx[]

YouTube - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Bel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Angry Birds - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
YouTube - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
500px - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja
Bomb It - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffcmdbjaleiijdlgfdloenebnhfjejff
Tank Riders - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdmmodjlfegeieihcdcgcalkgmhgmiae
Color Piano - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh
GData Centers 1 Council Bluffs Iowa - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeonacmfdmkgfmmdejlinolgjomhcbmh
Webcam Toy - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade
Web Navigation - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
Google Wallet - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Bel\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Bel\Desktop\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.EXE
C:\Users\Bel\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Convidado\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Convidado\Desktop\rFactor.lnk - C:\Program Files (x86)\rFactor\rFactor.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Bel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\500px.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Tank Riders.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --profile-directory=Default --app-id=gdmmodjlfegeieihcdcgcalkgmhgmiae
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe --show-app-list

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free 3GP Video Converter.lnk - C:\Free 3GP Video Converter\Free3GPVideoConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.EXE
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Convidado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f966724577ef19eb\PokerStars.EU.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop 7.0.1.lnk - C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CorelDRAW X6 (64-Bit).lnk - c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sil Speed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lkemddiljapcmhicklfpcbpfffahfbja deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Convidado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Bel\AppData\Local\Mozilla\Firefox\Profiles\32156bwz.default\Cache emptied successfully
C:\Users\Convidado\AppData\Local\Mozilla\Firefox\Profiles\yoxta379.default\Cache emptied successfully
C:\Users\Sil Speed\AppData\Local\Mozilla\Firefox\Profiles\iegipifq.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Bel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=661 folders=120 16948491 bytes)

==== Empty Temp Folders ======================

C:\Users\Bel\AppData\Local\Temp emptied successfully
C:\Users\Convidado\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sil Speed\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SILSPE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Sil Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 22/02/2014 at 23:26:12,20 ======================
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Dom 23 Fev 2014, 08:15

Você postou o mesmo relatório do Zoek que já tinha postado antes.

Problemas com roaming\newnext.me\nengine.dll 772309 O que precisamos é o relatório do ZHPDiag chamado ZHPDiag.txt
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Dom 23 Fev 2014, 11:19

~ Relatório do ZHPDiag v2014.2.17.15 - Nicolas Coolman (17/02/2014)
~ Iniciado por Sil Speed (23/02/2014 11:16:35)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 27.0.1 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2008
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.09 =>Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.1.2 =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: AMD64 Family 16 Model 5 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 866 GB (93%) free of 931 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SILSPEED-PC
~ User Name: Sil Speed
~ All Users Names: UpdatusUser, Sil Speed, HomeGroupUser$, Convidado, Bel, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Sil Speed\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Sil Speed\AppData\Roaming\
~ %Desktop% : C:\Users\Sil Speed\Desktop\
~ %Favorites% : C:\Users\Sil Speed\Favorites\
~ %LocalAppData% : C:\Users\Sil Speed\AppData\Local\
~ %StartMenu% : C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 866 Go of 931 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Windows Explorer.) (.26/02/2011 - 03:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F12CB8EFB15813723575EE94C6A76E8B] - (.Microsoft Corporation - Internet Extensions para Win32.) (.05/11/2011 - 02:26:29.) -- C:\Windows\System32\wininet.dll [1197568]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.6EF20DDF3172E97D69F596FB90602F29] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:44:02.) -- C:\Windows\system32\Drivers\AFD.sys [499712]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/04/2011 - 23:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/05/2011 - 23:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/03/2011 - 03:23:06.) -- C:\Windows\system32\Drivers\ntfs.sys [1657216]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes musiques (My Musics) : 1/17
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/174
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 1/38
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.72334F906C2E2B002CDD2FF9022FD957] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\Windows\PixArt\PAC7302\Monitor.exe [319488] [PID.2852]
[MD5.4AB741B42A0A214A5D43B5D45B181995] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe [658632] [PID.3304]
[MD5.1F0A97900FC718CE617A722BEF8580CD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312] [PID.3312]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3516]
[MD5.6E6656C6618C4B0B000267D9AF9EF743] - (.Google Inc. - Google Chrome.) -- C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe [859464] [PID.4072]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8338432] [PID.4512]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Sil Speed\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Sil Speed\AppData\Roaming\Mozilla\Firefox\Profiles\iegipifq.default\prefs.js
M2 - MFEP: prefs.js [Sil Speed - iegipifq.default\sitefinder@sitefinder.com] [] Site Finder v (..)
M2 - MFEP: prefs.js [Sil Speed - iegipifq.default\{0545b830-f0aa-4d7e-8820-50a4629a56fe}] [] ColorfulTabs v (..)
M2 - MFEP: prefs.js [Sil Speed - iegipifq.default\{87F8774F-B485-47E2-A755-A40A8A5E8873}] [] Guardiao Itau Unibanco v2.12.3.8.210 (..)
M2 - MFEP: prefs.js [Sil Speed - iegipifq.default\{e7348bc0-16f6-11de-8c30-0800200c9a66}] [] Pink Fox v15.0.25.04.12 (..)
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{71AAABE5-1F0F-11D7-BD6F-004854603DCE} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Program [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: PowerPoint Slide Show Converter.lnk . (.DzSoft Ltd - PowerPoint Slide Show Converter.) -- C:\Program Files (x86)\DzSoft\PowerPoint Slide Show Converter\PPSSConv.exe
O4 - GS\QuickLaunch [Sil Speed]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Sil Speed]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Sil Speed]: PokerStars.lnk . (.PokerStars - PokerStars Update.) -- C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O4 - GS\Program [Sil Speed]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Sil Speed]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Sil Speed]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Convidado]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Convidado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Convidado]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Convidado]: Ares.lnk . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - GS\Desktop [Convidado]: rFactor.lnk . (.Image Space Incorporated - rFactor.) -- C:\Program Files (x86)\rFactor\rFactor.exe
O4 - GS\QuickLaunch [Bel]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Bel]: Google.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Bel]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Bel]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Bel]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Bel]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Bel]: Ares.lnk . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - GS\Desktop [Bel]: RollerCoaster Tycoon 2.lnk . (...) -- C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.exe (.not file.)
~ Global Startup: 81 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Windows Mobile Device Center.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Sil Speed\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2647670610-476177939-1705394977-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Sil Speed\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BBDE602-C4C9-4959-9CCD-4F133F926F26}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6BBDE602-C4C9-4959-9CCD-4F133F926F26}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6BBDE602-C4C9-4959-9CCD-4F133F926F26}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 87 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.1.7 - (.Ares Development Group.) [HKLM][64Bits] -- Ares
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU][64Bits] -- SaveSense =>PUP.SaveSense
O42 - Logiciel: USB 1.3MP Camera - (.ANC.) [HKLM][64Bits] -- {A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}
O42 - Logiciel: Volvo - The Game - (.SimBin.) [HKLM][64Bits] -- Volvo - The Game_is1
~ Logic: 29 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKCU\Software\LocK-A-FoLdeR]
[HKLM\Software\Wow6432Node\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\Wow6432Node\ANC]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
~ Key Software: 262 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/12/2011 - 20:50:25 - [0,152] ----D C:\Program Files (x86)\ANC
O43 - CFD: 15/01/2012 - 10:14:23 - [4,783] ----D C:\Program Files (x86)\Ares
O43 - CFD: 22/02/2014 - 18:05:05 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 05/02/2014 - 14:44:50 - [160,908] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 03/01/2012 - 18:35:31 - [0] ----D C:\ProgramData\levelup downloader
O43 - CFD: 15/08/2013 - 15:20:25 - [0,344] ----D C:\Users\Sil Speed\AppData\Local\Ares
O43 - CFD: 13/02/2014 - 20:10:08 - [6,621] ----D C:\Users\Sil Speed\AppData\Local\PokerStars
O43 - CFD: 15/01/2012 - 10:14:03 - [0] ----D C:\Users\Sil Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares
~ Program Folder: 176 Legitimates Filtered in 00mn 28s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 22/02/2014 - 18:05:37 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 22/02/2014 - 18:05:38 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 22/02/2014 - 18:05:39 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 22/02/2014 - 22:30:43 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.C9D71E12007C75D0467FA5AEC8AA57E7] - 22/02/2014 - 23:26:12 ---A- . (...) -- C:\zoek-results.log [27930]
O44 - LFC:[MD5.0B5A81657D10CC3273102FD72A3614C0] - 23/02/2014 - 11:16:44 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [1978534]
O44 - LFC:[MD5.FE3714E0FDA278FB5BFD69E4E3B0D908] - 23/02/2014 - 11:16:44 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [2603856]
~ Files: 15 Legitimates Filtered in 00mn 02s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{bbd56501-54c7-11e1-aa43-002522b1017c}\AutoRun\command. (...) -- E:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 19/11/2013 - 21:23:18 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.59787B95DD9CA44CB139D96863438587] - 19/11/2013 - 21:23:18 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [205320]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.D61B764B27BF05CCCADCC5E1E7B73A21] - 08/11/2007 - 09:29:22 ---A- . (.PixArt Imaging Inc. - PAC7302.) -- C:\Windows\System32\Drivers\PAC7302.SYS [527872]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/01/1601 - 03:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [834544]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.FDE3A9750B975796974E66F8F730F2F6] - 26/05/2013 - 12:05:35 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
~ Drivers: 18 Legitimates Filtered in 00mn 05s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
~ Legacy: 82 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Sil Speed\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{EEF78513-9C12-432F-829D-F64792F86701}C:\program files (x86)\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{4F5756A5-478B-43B2-B048-6945A7138B1A}C:\program files (x86)\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "TCP Query User{2F725E3C-F8D6-40E6-8DD9-4CF023FFE8C6}C:\program files (x86)\ares\ares.exe" | In - Public - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{A909547A-F35C-4A38-A840-8F370CCA3642}C:\program files (x86)\ares\ares.exe" | In - Public - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
~ Firewall: 223 Legitimates Filtered in 00mn 01s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "7F0D88D3C8EF9A649966F3EEC8AA8D8F" . (.LIMBO [Install&Play].) -- C:\Windows\Installer\{3D88D0F7-FE8C-46A9-9966-3FEE8CAAD8F8}\ARPPRODUCTICON.exe
~ Update Products: 70 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 21/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 17/10/2012 393080 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
SS - | Auto 11/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/11/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 17/10/2012 384888 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 31/01/2013 878368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 19/02/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 30/11/2010 336824 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 08/07/2009 239648 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Windows\SysWOW64\nvSCPAPISvr.exe
SR - | Auto 31/12/1999 27760 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 09s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/01/1601 - 03:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [834544]
~ Emulateurs: Scanned in 00mn 09s



---\\ Scâner Aditional (088)
Database Version : 13031 - (17/02/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 2

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
~ Additionnel Scan: 221818 Items scanned in 00mn 28s



---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
~ MSI: 3 link(s) detected in 00mn 28s



~ 1086 Legitimates filtered by white list
End of the scan (439 lines in 01mn 45s)(0)
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Dom 23 Fev 2014, 11:38

Problemas com roaming\newnext.me\nengine.dll 772309  Copie todo o texto destacado em vermelho que te passei (começando em script zhpfix e indo até SysRestore)
_____________________________________________________________________________________________________________

Problemas com roaming\newnext.me\nengine.dll 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Dom 23 Fev 2014, 11:46, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Dom 23 Fev 2014, 11:44

Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre : C:\Users\Sil Speed\AppData\Roaming\ZHP\ZHPExportRegistry-23-02-2014-11-43-30.txt
Run by Sil Speed at 23/02/2014 11:43:27
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ CLSID MPSK: {bbd56501-54c7-11e1-aa43-002522b1017c}
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {71AAABE5-1F0F-11D7-BD6F-004854603DCE}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (Cool (31.378 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
10 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
5 : Ficheiros
3 : Estado dos serviços
1 : Restauração Sistema


End of clean in 00mn 21s

========== Caminho do ficheiro do relatório ==========
C:\Users\Sil Speed\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/02/2014 11:43:30 [2103]
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Power Max Dom 23 Fev 2014, 11:46

Problemas com roaming\newnext.me\nengine.dll 772309 Como está o PC após estas limpezas?
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Sil C San Dom 23 Fev 2014, 11:48

Reiniciei e a mensagem não aparece mais, o pc aparentemente não está mais lento isso aí! 
Sil C San
Sil C San
Membro
Membro

Mensagens : 98
Reputação : 1
Data de inscrição : 22/02/2014

Ir para o topo Ir para baixo

Problemas com roaming\newnext.me\nengine.dll Empty Re: Problemas com roaming\newnext.me\nengine.dll

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 2 1, 2  Seguinte

Ir para o topo

- Tópicos semelhantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

 
Permissões neste sub-fórum
Não podes responder a tópicos