Mensagem de erro: roamingnewnext.menengine.dll

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 16:20

Olá Sr. Power Max, o meu problema é o mesmo do colega acima, obrigado, segue os dados que apareceram:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:17:43, on 22/02/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal

Running processes:
C:\Windows\SysWow64\rundll32.exe
C:\Users\Leo Jhonys\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
C:\Users\Leo Jhonys\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ATK Hotkey\HControlUser.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Leo Jhonys\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.29.82.144:100
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: CrossriderApp0039676 - {11111111-1111-1111-1111-110311961176} - C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho.dll
O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files (x86)\ATK Hotkey\HcontrolUser.exe"
O4 - HKCU\..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\Leo Jhonys\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Leo Jhonys\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Leo Jhonys\AppData\Local\Smartbar\Application\SnapDo.exe startup
O4 - HKCU\..\Run: [Xkcgcd] C:\Users\Leo Jhonys\AppData\Roaming\Xkcgcd.exe
O4 - HKCU\..\Run: [Hoolapp Android] "C:\Users\LEOJHO~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Leo Jhonys\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SISTEMA')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O8 - Extra context menu item: &4shared Search - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\4shared Toolbar\4sharedbar64.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Add to Google Photos Screensa&ver - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\Program Files (x86)\GbPlugin\gbiehAbn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ServiÃ§o do BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: ServiÃ§o do BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 11549 bytes

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 16:32

abaixo o relatório do Adwcleaner:

# AdwCleaner v3.019 - Relatório criado 22/02/2014 às 16:25:29
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Leo Jhonys - LEOJHONYS-PC
# Executando de : C:\Users\Leo Jhonys\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : bonanzadealslive
[#] Serviço Deletada : bonanzadealslivem
[#] Serviço Deletada : IBUpdaterService
Serviço Deletada : Wpm

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
[!] Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
[!] Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Gophoto.it
Pasta Deletada : C:\Program Files (x86)\LyricsOn
Pasta Deletada : C:\Program Files (x86)\MyPC Backup
Pasta Deletada : C:\Program Files (x86)\RegClean Pro
Pasta Deletada : C:\Program Files (x86)\RelevantKnowledge
Pasta Deletada : C:\Program Files (x86)\WinZipper
Pasta Deletada : C:\Program Files (x86)\Plus-HD-4.4
Pasta Deletada : C:\Program Files (x86)\Common Files\337
Pasta Deletada : C:\Windows\SysWOW64\ARFC
Pasta Deletada : C:\Windows\SysWOW64\jmdp
Pasta Deletada : C:\Windows\SysWOW64\WNLT
Pasta Deletada : C:\Program Files\Babylon
Pasta Deletada : C:\Windows\System32\ljkb
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\apn
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\FilesFrog Update Checker
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\genienext
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\Smartbar
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\TechSmith
Pasta Deletada : C:\Users\Leo Jhonys\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Leo Jhonys\AppData\LocalLow\Minibar
Pasta Deletada : C:\Users\Leo Jhonys\AppData\LocalLow\Smartbar
Pasta Deletada : C:\Users\Leo Jhonys\AppData\LocalLow\Plus-HD-4.4
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\337
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Desk 365
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\eDownload
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\eIntaller
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\iSafe
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Omiga Plus
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Pasta Deletada : C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\System32\dmwu.exe
Arquivo Deletada : C:\Windows\System32\ImhxxpComm.dll
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\04t57g52.default\searchplugins\Babylon.xml
Arquivo Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\094n53ga.default\searchplugins\Sweetpacks Search.xml
Arquivo Deletada : C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\04t57g52.default\user.js
Arquivo Deletada : C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Arquivo Deletada : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-chromeinstaller.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-chromeinstaller
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-codedownloader.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-codedownloader
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-enabler.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-enabler
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-firefoxinstaller.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-firefoxinstaller
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-4.4-updater.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-4.4-updater

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Atalho Desinfectada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [lyricson@lyricson.net]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\oalifdbckgeckmcjidkfgiikhpcdbdah
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bho
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039676.Sandbox.1
Chave Deletedo : HKCU\Software\5e2dbd9b26ab940
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_format-factory_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_format-factory_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_tema-mortal-kombat_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_tema-mortal-kombat_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322962276}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355965576}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366966676}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344964476}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bd0eff2-fde8-4fc1-bb5e-54d50f50adc7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86f38921-1b50-4d70-a395-08a1d15c1a26}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f06c0a0-074e-42dd-b07a-586932b756c7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d9578b6c-3e4b-4bb6-a82a-86424197f9d0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ed3eb538-a6bc-41a9-99e2-732f796a4440}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311961176}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322962276}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355965576}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366966676}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311961176}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bd0eff2-fde8-4fc1-bb5e-54d50f50adc7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86f38921-1b50-4d70-a395-08a1d15c1a26}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f06c0a0-074e-42dd-b07a-586932b756c7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d9578b6c-3e4b-4bb6-a82a-86424197f9d0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ed3eb538-a6bc-41a9-99e2-732f796a4440}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\DataMngr
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\IM
Chave Deletedo : HKCU\Software\ImInstaller
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\powerpack
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\smartbarbackup
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\Somoto
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\V9
Chave Deletedo : HKCU\Software\wnlt
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-4.4
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\dlQUE
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\omigaplusSvc
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\qvo6Software
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Uniblue
Chave Deletedo : HKLM\Software\Updater By Sweetpacks
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\Software\Plus-HD-4.4
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-4.4
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Chave Deletedo : [x64] HKLM\SOFTWARE\wnlt

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16798

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (pt-BR)

[ Arquivo : C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\04t57g52.default\prefs.js ]

Linha deletada : user_pref("keyword.URL", "hxxp://mysearch.sweetpacks.com?src=6&barid={17FBB074-F555-11E2-9C5E-7071BC59BC1F}&crg=3.5000006.10059&st=23&q=");

[ Arquivo : C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\094n53ga.default\prefs.js ]

Linha deletada : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=BR&userid=65c32066-f712-111a-fc67-622d85433d5d&searchtype=nt&installDate={installDate}");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=BR&userid=65c32066-f712-111a-fc67-622d85433d5d&searchtype=hp&installDate={installDate}");
Linha deletada : user_pref("keyword.URL", "hxxp://mysearch.sweetpacks.com?src=6&barid={17FBB074-F555-11E2-9C5E-7071BC59BC1F}&crg=3.5000006.10059&st=23&q=");

-\\ Google Chrome v32.0.1700.107

[ Arquivo : C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [34526 octets] - [22/02/2014 16:24:30]
AdwCleaner[S0].txt - [27161 octets] - [22/02/2014 16:25:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27222 octets] ##########

por **Power Max** Sáb 22 Fev 2014, 16:36

$Mensagem de erro: roaming\newnext.me\nengine.dll 648673379$ Olá Leo. Seja bem vindo ao Fórum PC Brasil.

$Mensagem de erro: roaming\newnext.me\nengine.dll 772309$ Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log do Malwarebytes.

Ficamos no aguardo.

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 22:49

$Mensagem de erro: roaming\newnext.me\nengine.dll 648673379$ $Mensagem de erro: roaming\newnext.me\nengine.dll 404338$
Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados: v2014.02.22.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16798
Leo Jhonys :: LEOJHONYS-PC [administrador]

22/02/2014 17:22:11
MBAM-log-2014-02-22 (22-48-02).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 372691
Tempo decorrido: 1 hora(s), 7 minuto(s), 10 segundo(s)

Processos de Memória Detectados: 1
C:\Users\Leo Jhonys\AppData\Roaming\HoolappForAndroid\Hoolapp.exe (PUP.Optional.InstallCore.A) -> 3272 -> Nenhuma ação foi feita.

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 4
HKCU\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nenhuma ação foi feita.

Valores de Registro Detectadas: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Hoolapp Android (PUP.Optional.InstallCore.A) -> Data: "C:\Users\LEOJHO~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized -> Nenhuma ação foi feita.
HKCU\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Data: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Nenhuma ação foi feita.
HKLM\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Data: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Nenhuma ação foi feita.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {17FBB074-F555-11E2-9C5E-7071BC59BC1F} -> Nenhuma ação foi feita.

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 43
C:\Users\Leo Jhonys\AppData\Roaming\HoolappForAndroid\Hoolapp.exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLive.exe.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveBroker.exe.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveHandler.exe.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveOnDemand.exe.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdate.dll.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bg.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho.dll.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho64.dll.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-buttonutil.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-buttonutil64.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-chromeinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-codedownloader.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-enabler.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-firefoxinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-updater.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\utils.exe.vir (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Local\genienext\nengine.dll.vir (PUP.Optional.NextLive.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_1\mgHelperGC.dll.vir (PUP.Optional.SweetIM) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Roaming\eDownload\eGdpSvc.exe.vir (PUP.Optional.Wsys.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Roaming\eIntaller\EE2D6CF7109D406883905237A04B911E\Desk365.exe.vir (PUP.Optional.E7) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ARFC\wrtc.exe.vir (PUP.Optional.InstallBrain.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\jmdp\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\WNLT\Installation\NTSetup.exe.vir (PUP.Optional.InstallBrain.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\WNLT\Installation\SKSetup.exe.vir (PUP.Optional.Sweetpacks) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\WNLT\Installation\WSSetup.exe.vir (PUP.Optional.InstallBrain.A) -> Nenhuma ação foi feita.
C:\Windows\Installer\2d4406.msi (PUP.Optional.SmartBar.A) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl3264.vxd (Trojan.Banker.Gen) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl745G.vxd (Trojan.Banker.Gen) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl8194.vxd (Trojan.Banker.Gen) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl9976.vxd (Trojan.Banker.Gen) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl2108.rtl (Trojan.Agent) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\databus.vxd (Trojan.Agent) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl256.vxd (Trojan.Agent) -> Nenhuma ação foi feita.
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Themes\vdscreen.sys (Banker.Trace) -> Nenhuma ação foi feita.

(fim)

por **Power Max** Sáb 22 Fev 2014, 22:55

Vários problemas foram encontrados pelo Malwarebytes, mas está constando que nenhuma ação foi feita.

Selecione todos os problemas que ele encontrou e clique em Remover selecionados.

Depois disto poste o novo relatório que o Malwarebytes irá criar aqui em seu tópico.

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 23:02

Ok, removi todos!!!!

Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados: v2014.02.22.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16798
Leo Jhonys :: LEOJHONYS-PC [administrador]

22/02/2014 17:22:11
mbam-log-2014-02-22 (17-22-11).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 372691
Tempo decorrido: 1 hora(s), 7 minuto(s), 10 segundo(s)

Processos de Memória Detectados: 1
C:\Users\Leo Jhonys\AppData\Roaming\HoolappForAndroid\Hoolapp.exe (PUP.Optional.InstallCore.A) -> 3272 -> Será deletado na próxima inicialização.

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 4
HKCU\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Hoolapp Android (PUP.Optional.InstallCore.A) -> Data: "C:\Users\LEOJHO~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Data: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Data: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Enviado para a Quarentena e deletado com sucesso.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {17FBB074-F555-11E2-9C5E-7071BC59BC1F} -> Enviado para a Quarentena e deletado com sucesso.

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 43
C:\Users\Leo Jhonys\AppData\Roaming\HoolappForAndroid\Hoolapp.exe (PUP.Optional.InstallCore.A) -> Será deletado na próxima inicialização.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLive.exe.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveBroker.exe.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveHandler.exe.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveOnDemand.exe.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdate.dll.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.BonanzaDeals.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bg.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho64.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-buttonutil.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-buttonutil64.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-chromeinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-codedownloader.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-enabler.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-firefoxinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-updater.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\utils.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Local\genienext\nengine.dll.vir (PUP.Optional.NextLive.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_1\mgHelperGC.dll.vir (PUP.Optional.SweetIM) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Roaming\eDownload\eGdpSvc.exe.vir (PUP.Optional.Wsys.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Leo Jhonys\AppData\Roaming\eIntaller\EE2D6CF7109D406883905237A04B911E\Desk365.exe.vir (PUP.Optional.E7) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ARFC\wrtc.exe.vir (PUP.Optional.InstallBrain.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\jmdp\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\WNLT\Installation\NTSetup.exe.vir (PUP.Optional.InstallBrain.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\WNLT\Installation\SKSetup.exe.vir (PUP.Optional.Sweetpacks) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\WNLT\Installation\WSSetup.exe.vir (PUP.Optional.InstallBrain.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Installer\2d4406.msi (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl3264.vxd (Trojan.Banker.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl745G.vxd (Trojan.Banker.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl8194.vxd (Trojan.Banker.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl9976.vxd (Trojan.Banker.Gen) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl2108.rtl (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\databus.vxd (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\drivers\rtl256.vxd (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Themes\vdscreen.sys (Banker.Trace) -> Enviado para a Quarentena e deletado com sucesso.

(fim)

por **Power Max** Sáb 22 Fev 2014, 23:04

$Mensagem de erro: roaming\newnext.me\nengine.dll 772309$ Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 23:11

Ok obrigado, agora está aparecendo apenas abrir com: "DLL comum do shell do windows"

por **Power Max** Sáb 22 Fev 2014, 23:12

leo Jhonys gomes godoi escreveu:Ok obrigado, agora está aparecendo apenas abrir com: "DLL comum do shell do windows"

Como assim? Você executou o Junkware Removal Tool? Se tiver executado poste o relatório dele para podermos analisar.

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 23:23

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Basic x64
Ran by Leo Jhonys on 22/02/2014 at 23:12:57,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3418770133-2350597102-218098701-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\isafe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"
Successfully deleted: [File] "C:\Users\Leo Jhonys\appdata\locallow\SkwConfig.bin"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Leo Jhonys\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Users\Leo Jhonys\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files (x86)\4shared toolbar"
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{015316E7-7965-4569-A06A-3CB17FD2B3C6}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{01EAE705-EE6A-40CB-8475-EBF8835B8167}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{03E0CB97-571F-4077-B5A8-C368E2F2935E}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{0431FB56-6CE4-499B-870B-19FB076F9C64}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{065777A0-68B7-4FBD-B9C3-9884FE812D99}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{06C60C9E-9C05-4071-A886-DECCF1BC46F6}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{06D1B5AC-3DFB-4721-B3B7-6C0F5C439E9F}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{0A5F3036-3385-4B90-A88E-94514DC3276C}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{0A68C9FD-7377-430C-8D82-BE8CD0714F49}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{0B06D24D-8A09-452B-B28A-B5EADA3E630B}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{0DF724B1-DCB7-40E5-9CE9-2186E78D96DC}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{0E975A55-2E64-4D10-9F07-5573660C8A2A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{0F51C8F1-1B12-414F-9586-C25EC441892D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{108DC022-85CA-45B0-A196-0832F62A7565}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{120BCE2B-1D2D-4D5B-98D8-B33DB02BC0FB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{14D72AE5-A556-4608-9E2A-8E5DCEF200D6}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{14F4D587-F2AF-49D5-B239-4C9692364000}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{190DCA19-5C9C-42C4-A2C5-9D8A864525D0}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{1B461060-E8F2-4ED8-BAC5-15755F2CAEC6}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{1C06BAA5-6F0A-40EF-957E-5148424B8452}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{1CAB9ED8-9A5B-4F86-A6F9-54BB8CFAC009}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{1CD746EB-15CB-4A6C-8959-6BB3EEF94111}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{1EC61E06-E5BC-4C01-89A4-AD02FD503741}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{1FBA6901-9DDD-4CED-99CE-6C40BAFD69FE}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{21284462-C386-4265-8C22-6F5E62B382FA}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{21F71AF5-5434-41E2-88CC-D2FECCED3AC4}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{23E93744-83BD-4B96-8EA1-504E6FF2AECD}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2434DDED-773F-4F00-8E3F-5C25607437C0}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{26730224-828E-4F2F-B5A5-C2A877A944B8}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2728A35A-E482-4321-A0E4-4009FABF592D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{296581C3-BC72-4369-B648-9B279D0B155A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2A66D186-6618-41F6-95CE-972B79210C60}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2CE3F71B-3E87-4211-99C1-7511E2114DD5}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2D7CB752-F347-4AA9-A26D-1B9F33DA3EDB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2D8A4FAF-D326-4D74-B920-D709859E14CE}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2E11678E-5266-4C53-BF61-DA17BE3C5E8B}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2EA54108-4FBB-4AE8-B5BD-BABFC41D5F5A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{2F9861CA-03BE-4541-A2D1-8C6BAA735EF1}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{332015F1-877B-439D-BE9F-7C9E3BCE3132}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3374D7E5-BB41-40EF-9BF1-335EB25FEE12}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{369B35D6-7992-4F6F-9F82-8A7E0DBAA76C}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3747876B-2E02-4CF3-AA41-B6EAAEC98D20}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{375320CD-0314-434C-B02B-2695B3BB73BB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{389A6262-22B5-4160-B8C4-3AB62A191B50}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{39D91FCF-CA9C-4F21-AE04-C1C44C84B545}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3A3DC0E3-8000-4BEF-9FC2-832367A2135A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3BEFA28C-3481-4FF6-B029-922DE1A5C107}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3C0CC3C5-4F49-4F32-B27F-BE269E911722}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3DE335F8-0F5C-4D91-92D9-E53B6E9A305D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3EE2EA86-9528-4853-8A1C-A7A687D413FC}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3F02785D-DD64-4CC6-BD3B-04418D4A9FEF}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{3F6DF01F-395C-4B3B-B1EE-F03B16650E16}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{479B5336-0D14-4E20-A742-E189CC0C80E6}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{47C211E6-EC02-46D4-B6BC-39BC3A87616F}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{47E8FE23-4B0A-4243-AE8C-8D408A3F8316}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4875A484-CF8D-45B7-A1F7-B20A704C80A1}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4897EAB3-ACDC-40B2-9B5A-2E614D3DCE7B}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{48AC8937-2803-46ED-A319-F6C7D63CD59A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4B1A56B8-802B-4AC8-835D-B709AFF7586F}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4BB27F9A-4302-40CB-9F64-BA1CADD1488E}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4CF29BBC-68CE-4153-9B0F-9A6C57A8C1DF}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4D986FC3-9EC5-46E8-A0B9-883384A4F640}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4DA7C41E-E55E-47BB-A8B5-2DAFF5AADE7A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{4FF1BEE5-8492-44E1-9EB8-98B09654C897}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{51148154-63A8-48D9-8835-C4A71182BAD4}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{51989E7E-3DA6-4CED-BB9D-C6A1249E5614}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{53151328-CAF2-462A-9EE9-FD2627BED004}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{5324DC73-F4DE-48DD-977F-C33BB9023494}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{543A3590-0C2E-4E7F-8808-DD8F361030CE}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{55F4CA6C-C2A9-4DC3-8A15-49CD6517C35D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{5A7642F6-8DF1-4347-87C7-1232B21EE040}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{5A8AB0F5-AFEF-48CA-B82C-2C7323AA9BC9}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{5AC46B99-FBF9-4754-B9E1-412B12230E8D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{5CB5D4B8-F124-4683-A46F-E665D7E42224}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{609B559B-2D5E-4343-B784-9B6225B8A990}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{62D64D54-2B69-486E-8A35-B3CB784364C9}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{65FAA6EB-6F91-4B0A-9899-171AE042F421}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{6666AFF6-8B1D-4712-9C3E-E76FE93AFEF7}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{684C28D9-EA88-4397-961F-ECED23B77E71}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{68FD1171-4DAA-49DA-99E7-E97CBA20FFB8}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{6980DD0F-290F-41E8-8AA3-CEFD26BD8B47}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{6B2D4B6F-51CF-4AB5-AA5D-B8793E5AEE25}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{6CFCE1D7-D421-4D22-B859-7DCE45D84C74}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{6E5C5754-6A53-4089-A226-12BBAC857FC9}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{6E837AED-F294-4B52-883F-905001B6F14B}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{6E8FF9EC-5019-489B-B954-2AD7D49AC2A5}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{70AAB121-29E2-4E29-895B-9D211BE20F49}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{70BBBABF-55ED-4188-A2D9-6B02445E7952}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{71EDB71E-BEC9-4A42-AAEA-6B1485943571}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{74E6130C-1F6C-4729-AE01-5A543B94D3E0}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{75B3BF19-4BBD-4508-A950-C84742EE8242}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{75FC8D35-1D16-4179-8F21-EE843F2A276E}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{79D8C5B0-8B29-4995-98BE-DC2589C096A0}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{7C63C758-C02F-435E-B1D5-0F76C689478D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{7C9D27E9-480E-4D47-A368-2E5ABDAB2BDD}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{7D675A56-6E76-4F7E-8DEC-A3603B23EFC3}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{7F6735C1-4DD9-4832-9AB5-47D813D3CD68}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{805FDBD2-AB97-4D08-821B-DCA3CFEF4513}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{85C79377-AE63-42CC-B25F-31E6D4D8B181}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{863EFCB7-F628-412E-B701-762E949D4633}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{87B796D4-34F3-49BB-9710-858433578C0B}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{889B8DB4-219E-4D21-B1E7-BD2A0FDDD187}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{8A3C2F56-5380-4323-94FF-D2AC55730998}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{8B50EFF9-8541-4F5B-BF7B-9B38A0FF3A81}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{8D064DB8-32D0-452E-83F2-3A1BFEE6C599}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{8D6AF481-E91B-4A38-9681-7DBE443C7554}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{8FC24648-FBFE-41D9-9EEB-34B32AB194AE}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{90BB0340-2359-438A-B370-B747D5B2E35C}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{90C223A1-09F7-454A-90E0-D39D08ACDA14}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{919A67DC-B473-42CF-87E5-D786582F334A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{91B2B2AA-0A6E-4586-96DD-5D5D8F452816}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{991FC946-547D-4D04-BFFE-1DC4B71AEC64}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{9A8CC7B5-2441-4602-A136-D43E28642C03}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{9D745CBE-E7D2-401D-8F77-7F2709974E28}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{A0C442C6-3F62-427C-9CD0-D2E751B49DF7}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{A74608E0-5BD3-4B62-B0BF-03E91C93E329}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{A841C0FE-94E4-4F5C-81A4-AA071F03ADDD}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{AA266128-9373-47AD-8C37-772C8223FB93}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{AAC4AA00-6E2B-431E-9753-0FCC543E3B8A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{AC590985-53EB-4DC6-A372-8A20F6DBC72E}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{AD7140E0-F90C-44D1-9795-7845AB5AC3BC}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{AE0C48B2-80D5-4E83-97CD-93E32140A6B3}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{AFC49D25-BAD4-48F1-A663-211502E39F84}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{B2BCAF46-45AB-4502-BF0B-8AFEFE256DE2}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{B33CE257-482B-4DB1-B9E6-385DF1BEA701}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{B96EBC94-FD4C-4EDD-8475-377E91D9946B}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C19EFDD5-F2ED-4C8A-A9FB-0965ADE75F11}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C25B09EF-FF90-4F26-828B-0736FE537992}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C38184BF-E085-49EA-B7A4-F28DD795ABA5}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C42D40B0-1F19-4370-A9DD-6EB123AAA585}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C506A3AE-351B-4BF0-891B-945B2874DD18}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C57CFAF8-29DA-40FB-9C06-7FA54CC9DB77}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C5815414-F66D-46E2-9352-B31BE4BD7384}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C5B2C8D4-739F-4390-9BDF-DA7EEBD03AA4}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C6C1529F-67F6-49D4-B577-F920C3DD8D72}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C6CD5467-D416-4846-B41A-922C35F594FC}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{C7D739CA-B72A-406B-89D9-67D28A626F6A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{CA9036F6-7887-47D1-BF2B-C911DC7ED6E2}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{CCC16B42-E64B-4532-AFC6-D42A049BCCA9}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{CD09D97F-9C25-4415-BFD4-581D5479F4CB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{CF91FA66-6057-4914-A946-F2FCE25C7F11}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{D0FA6FB1-0B06-447C-A623-88C7EACA4FFA}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{D15990FA-91C1-4077-9722-F5435799546E}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{D1959238-0276-495F-9E5D-4C272F0F0BBB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{D2BE4F42-0E3C-4935-A433-2A7285B3058C}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{D5223F48-D056-4860-9A30-069DE5DF6358}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{D5A0D0D4-3A90-4476-8B99-BFB6EC9CFE3E}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DB1BFB22-884D-4EE3-8954-94C45C8D93ED}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DB2E702A-B270-4437-905E-CD2942955F6A}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DBA17825-6A58-445C-84A0-CC14BA7DD390}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DBBBA529-0348-43B0-ACD1-0F116BFB248E}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DBDDB608-A19A-4553-B018-A996F4F1A208}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DC1C7EF0-40CD-4E5B-AFEF-1D2E8C20FA35}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DDE7FF46-02DB-4ECE-A7DE-C4CA3AFAF374}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DE2CB7C9-26F4-4C20-834E-5F47699E2917}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DE7A4869-0131-4110-9C91-9F9C881DC3D1}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{DFC31534-BA7C-4351-A87C-CAC4A9A12341}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E0843A72-F34D-430F-926C-6D8C36694CE6}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E14180E5-D7C1-40B7-A652-779313CC65A4}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E293D6E1-9D86-4730-B32F-6A20CB6554AC}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E4D5A412-E480-4A84-9046-6123E0A46F1D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E506B0AA-4840-4930-89AC-C0A60242A3E7}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E537FBFE-BD93-4F70-BB59-AD5A5E1D0055}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E5C920C3-E01E-45CE-AAF6-4EB0BAF20048}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E5D45246-2F99-43C2-B569-426E30245906}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E6683CB2-FC33-4881-A6E6-4C475C96335C}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E80F6CE9-39C7-44E8-A1B3-E908D5BD426D}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E8590DC8-E0D9-4391-8AFD-F864278B9EF3}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{E9A138E6-2FB2-48DD-BC9F-369DE1B50878}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{EA61F819-0F07-4F89-B8D8-DAEEA2C68755}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{EB35AB7E-0C56-4C99-8B85-F82D8DC563AB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{ED895A88-FE63-4D60-94B6-BF741103886C}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{F7479866-04A2-4189-867C-7152117D8215}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{F7AC7F7B-8C0D-4A8F-B828-C8EB3ACA06DB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{F8064448-7FDB-41AA-A8A1-A17EABB453FB}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{F8C65E08-DE89-487B-94DD-E8C8767FE716}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{FA3B0A7F-3233-43D6-AB59-4C6B8EBF4447}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{FD355C68-FA1E-464A-B1CA-BE60DEF97984}
Successfully deleted: [Empty Folder] C:\Users\Leo Jhonys\appdata\local\{FE8F9066-E33B-4CBC-B3B8-E8E49740C301}

~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Leo Jhonys\AppData\Roaming\mozilla\firefox\profiles\094n53ga.default\minidumps [1 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/02/2014 at 23:22:11,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

por **Power Max** Sáb 22 Fev 2014, 23:24

$Mensagem de erro: roaming\newnext.me\nengine.dll 772309$ Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 23:36

Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Leo Jhonys on 22/02/2014 at 23:33:03,42.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Leo Jhonys\Downloads\zoek.pif [Scan all users] [Script inserted]

===== Runcheck 23:34:05,46 =====

--- Create Environment Variables 23:34:07,41
--- Create System Restore Point 23:34:17,00
--- Checking Input 23:34:44,12
--- Reset Hosts File 23:34:49,78
--- AU AppData Check 23:34:52,01
--- Remove From Windows Installer 23:34:58,21

por **Power Max** Sáb 22 Fev 2014, 23:37

O Zoek ainda está em execução. Quando ele terminar completamente a limpeza você posta o relatório dele completo, por gentileza.

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 23:39

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Por favor toda vez que ligo o note aparece esse abrir com!!!

Trata-se de outro problema????

por leo Jhonys gomes godoi Sáb 22 Fev 2014, 23:40

Ok desculpa!!! $Mensagem de erro: roaming\newnext.me\nengine.dll 648673379$ $Mensagem de erro: roaming\newnext.me\nengine.dll 404338$

por leo Jhonys gomes godoi Dom 23 Fev 2014, 00:17

Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Leo Jhonys on 22/02/2014 at 23:33:03,42.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Leo Jhonys\Downloads\zoek.pif [Scan all users] [Script inserted]

==== System Restore Info ======================

22/02/2014 23:34:41 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Creating Sample_022014_2348.zip ======================

Process chrome.exe killed
Copied file C:\Users\Leo Jhonys\AppData\Roaming\unins000.exe to sample\unins000.exe
sample\unins000.exe renamed to 45D18DC0CA53BFFAA11F992BEF63280D

C:\Users\Public\Desktop\sample_022014_2348.zip created successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\LEOJHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\04t57g52.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal");

Added to C:\Users\LEOJHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\04t57g52.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\LEOJHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\094n53ga.default\prefs.js:

Added to C:\Users\LEOJHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\094n53ga.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\LEOJHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\04t57g52.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022014_2349_.backup

ProfilePath: C:\Users\LEOJHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\094n53ga.default

user.js not found
---- Lines Lyric modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- FireFox user.js and prefs.js backups ----

prefs_022014_2349_.backup

==== Deleting Files \ Folders ======================

C:\Users\Leo Jhonys\daemonprocess.txt deleted
C:\Program Files\Uninstaller deleted
C:\PROGRA~2\Wondershare deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Leo Jhonys\AppData\Roaming\eCyber deleted
C:\Users\Leo Jhonys\AppData\Roaming\HoolappForAndroid deleted
C:\Users\Leo Jhonys\AppData\Local\Wondershare deleted
C:\Users\Leo Jhonys\AppData\Local\CoolLinks deleted
C:\Users\Leo Jhonys\AppData\Local\cache deleted
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\SomotoUpdateCheckerAutoStart deleted
C:\windows\SysNative\Tasks\Hoolapp For Android deleted
C:\windows\SysNative\Tasks\Hoolapp Init deleted
C:\Users\Public\sdelevURL.tmp deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Leo Jhonys\AppData\Roaming\unins000.exe deleted
"C:\Users\Leo Jhonys\AppData\Roaming\337 Wallpaper" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20/02/2014 20:34]

==== Firefox Extensions ======================

ExtDir: C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi
- HDvid Codec 3 - %ExtDir%\hdvc3@hdvidcodec.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\094n53ga.default
C36444D7301A8C881FC7296B092609C7 - C:\Users\Leo Jhonys\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update
68BCBB241EF254BC5100D9E6C06ECC71 - C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator
99FE6AFE80EB7FE3EEB75DC504A326A3 - C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
AF42019A3B0EDBFA6878F75B9377A792 - C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
63BF4171F8EF7AA2C9D20EFB5B336B63 - C:\Users\Leo Jhonys\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll - Módulo de Proteção - Banco Santander (Brasil) S.A.
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Leo Jhonys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

==== Deleted Firefox Extensions ======================

C:\Users\Leo Jhonys\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20/02/2014 20:34]
gpabpboohfeecdkmjhbccaaknnnbgadd - C:\Users\Leo Jhonys\AppData\Local\Temp\4sharedToolbar.crx[]
nfmehijkjmecpggalfkngbpppbfdpdkg - C:\Users\Leo Jhonys\AppData\Local\CoolLinks\extension.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
abmojiekfpcmkkfamgfcpgfgipocface - C:\Users\Leo Jhonys\AppData\Local\GAS Tecnologia\GBBD\abn\sf.crx[01/04/2013 14:43]

GBBD Banco Santander (Brasil) S.A. - Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmojiekfpcmkkfamgfcpgfgipocface
avast Online Security - Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
CoolLinks - Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfmehijkjmecpggalfkngbpppbfdpdkg
Google Wallet - Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfmehijkjmecpggalfkngbpppbfdpdkg deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
"Default_Page_URL"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Leo Jhonys\Desktop\DVD Shrink 3.2.lnk - C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
C:\Users\Leo Jhonys\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Leo Jhonys\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\Recuva64.exe
C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Google+ Auto Backup.lnk - C:\Users\Leo Jhonys\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Uninstall Google+ Auto Backup.lnk - C:\Windows\SysWOW64\msiexec.exe /x {A50DE037-B5C0-4C8A-8049-B0C576B313D1}
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Recuva.lnk - C:\Program Files\Recuva\Recuva64.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Leo Jhonys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="0.29.82.144:100"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gpabpboohfeecdkmjhbccaaknnnbgadd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nfmehijkjmecpggalfkngbpppbfdpdkg deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\CB600452ED7928C41A1A2AAB2D250038 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeARN deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HW_OPENEYE_OUC_VIVO INTERNET deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdnol deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leo Jhonys\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Leo Jhonys\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=164 folders=62 13599958 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\Leo Jhonys\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\LEOJHO~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 23/02/2014 at 0:12:51,64 ======================

por leo Jhonys gomes godoi Dom 23 Fev 2014, 00:21

por **Power Max** Dom 23 Fev 2014, 08:12

$Mensagem de erro: roaming\newnext.me\nengine.dll 772309$ Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

$Mensagem de erro: roaming\newnext.me\nengine.dll 772309$ Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________

$Mensagem de erro: roaming\newnext.me\nengine.dll 648673379$ Foi um prazer ajudar. Conte sempre conosco!

por **Power Max** Dom 23 Mar 2014, 19:20

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

por Conteúdo patrocinado

Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Mensagem de erro: roamingnewnext.menengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ (RESOLVIDO) Mensagem de erro: roamingnewnext.menengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ (RESOLVIDO) Mensagem de erro: roamingnewnext.menengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ (RESOLVIDO) Mensagem de erro: roamingnewnext.menengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ (RESOLVIDO) Mensagem de erro: roamingnewnext.menengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

$Mensagem de erro: roaming\newnext.me\nengine.dll Empty$ Re: Mensagem de erro: roaming\newnext.me\nengine.dll

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31