Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 10 usuários online :: 0 registrados, 0 invisíveis e 10 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Não consigo remover o ads by View-Password do meu notebook
2 participantes
Página 1 de 2
Página 1 de 2 • 1, 2 
Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Ter 04 Mar 2014, 19:15
~ Relatório do ZHPDiag v2014.3.2.6 - Nicolas Coolman (03/03/2014)
~ Iniciado por Aderlei (04/03/2014 17:44:14)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4009 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 125 GB (70%) free of 178 GB
---\\ Modo de conexão ao sistema
~ Computer Name: NP300E4A-PC
~ User Name: Aderlei
~ All Users Names: UpdatusUser, HomeGroupUser$, Convidado, Administrador, Aderlei,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Aderlei\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Aderlei\AppData\Roaming\
~ %Desktop% : C:\Users\Aderlei\Desktop\
~ %Favorites% : C:\Users\Aderlei\Favorites\
~ %LocalAppData% : C:\Users\Aderlei\AppData\Local\
~ %StartMenu% : C:\Users\Aderlei\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 125 Go of 178 Go)
D: Hard drive, Flash drive, Thumb drive (Free 265 Go of 265 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/02/2014 - 06:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 03:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/34
~ Mes musiques (My Musics) : 1/3
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 2/49
~ Mon Bureau (My Desktop) : 2/383
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.7CE015138BA637BDBE1CB0AB9D4955EB] - (.Intel Corporation - Bluetooth Media Player Controller.) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe [839744] [PID.3816]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016] [PID.3992]
[MD5.B7A97647B3967F825E4A064179383731] - (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe [2190824] [PID.3088]
[MD5.4944790BD547B165F7E9F76BF3252C5D] - (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [172032] [PID.3480]
[MD5.57DCA6CE6F6DE6DE818654693B339ADC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [784264] [PID.3524]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3704]
[MD5.026C4CA19FAE1F84894A99735B15AACA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464] [PID.5468]
[MD5.66EA3B698F9A7EA2DBF0E4B246B6C958] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8349696] [PID.10112]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
G2 - GCE: Preference [User Data\Default] [fhokfmhpdoppcompklkineedkmhinhdf] BaseFlash v.1.0, (Activé)
G2 - GCE: Preference [User Data\Default] [fjbbjfdilbioabojmcplalojlmdngbjl] SmileysWeLove | smileys fantástico para qualquer ocasião v.3.0.8.0, (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] WebCake v.1.0.3 (Désactivé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [oalifdbckgeckmcjidkfgiikhpcdbdah] Lyrics On v.1.114 (Désactivé) =>Adware.AddLyrics
G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick Start v.3.1.1, (Désactivé)
G2 - GCE: Preference [User Data\Default] [zzzzzzzzzzzzzzzzoibponkmmpgpmjgl] BaseFlash v.1.0, (Désactivé)
~ Google Browser: 23 Legitimates Filtered in 00mn 13s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js
M0 - MFSP: prefs.js [Aderlei - 6g63usux.default] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Searchou
~ IE Browser: 23 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: BaseFlash Ads [64Bits] - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} . (...) -- C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Assistente Pimaco.lnk . (...) -- C:\Pimaco\Pimaco.docm
O4 - GS\Desktop [Public]: Easy Settings.lnk . (.Samsung Electronics Co., Ltd. - Easy Settings.) -- C:\Program Files (x86)\Samsung\Easy Settings\ControlCenter.exe
O4 - GS\Desktop [Public]: Easy Software Manager.lnk . (.Samsung - SoftwareManager.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SoftwareManager.exe
O4 - GS\Desktop [Public]: Easy Support Center.lnk . (.SAMSUNG Electronics - Easy Support Center.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCMain.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO: - TODO: .) -- C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Program [Public]: Lista Telefônica Online.lnk . (...) -- C:\Program Files (x86)\BPesq\BPesq.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Aderlei]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Aderlei]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Aderlei]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
O4 - GS\TaskBar [Aderlei]: Software Launcher.lnk . (.Samsung Electronics CO., LTD. - Software Launcher.) -- C:\Program Files (x86)\Samsung\Software Launcher\Software Launcher.exe
O4 - GS\Desktop [Aderlei]: Arquivos de instalação do Norton.lnk - Chave orfã
O4 - GS\Desktop [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Aderlei]: MANUAL DE MONTAGEM MADINE 27-02-2014 - Atalho.lnk . (...) -- C:\Users\Aderlei\Documents\MANUAL DE MONTAGEM MADINE 27-02-2014.rar
O4 - GS\Desktop [Aderlei]: Play Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsole-wt.exe
O4 - GS\Desktop [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
~ Global Startup: 68 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Intel Corporation - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Baixou Agora] . (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe
O4 - HKLM\..\Wow6432Node\Run: [DoroServer] . (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_br_82] Chave orfã
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.FirebirdSQL Project - Firebird SQL Server.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) . (...) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: Protect your browser's extensions (srvProtectExtension) . (.No owner - ProtectExts.) - C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
~ Services: 18 Legitimates Filtered in 00mn 06s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\f3ven-chromeinstaller.job [3072]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HDVideo-chromeinstaller.job [3080]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [934] =>PUP.SaveSense
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password Update.job [412] =>PUP.ViewPassword
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password_wd.job [416] =>PUP.ViewPassword
[MD5.E88291D6CB7AD093FE1B406FAD1A46DE] [APT] [View Password Update] (...) -- C:\Program Files (x86)\View-Password-soft\View-.exe [248320] =>PUP.ViewPassword
[MD5.C48D3E40239AA459DE81F749484932F5] [APT] [View Password_wd] (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] =>PUP.ViewPassword
[MD5.00000000000000000000000000000000] [APT] [{04415692-BC48-49A8-94F6-45CB8951AC87}] (...) -- C:\Program Files (x86)\HDVideo\Uninstall.exe (.not file.) [0]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 02s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (badriver) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\badriver.sys
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 100 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Save Sense (remove only) - (.SaveSense.) [HKCU][64Bits] -- Save Sense =>PUP.SaveSense
O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU][64Bits] -- SaveSense =>PUP.SaveSense
~ Logic: 5 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baidu] =>Adware.BDSearch
[HKCU\Software\Baixou Agora]
[HKCU\Software\Filseclab]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\Industriya]
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Trojan.Lozavita
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\BaseFlash]
[HKLM\Software\Wow6432Node\Filseclab]
[HKLM\Software\Wow6432Node\HDVideo]
[HKLM\Software\Wow6432Node\Industriya]
[HKLM\Software\Wow6432Node\ProtectExtension]
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\f3ven]
~ Key Software: 159 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/03/2014 - 15:26:55 - [4,976] ----D C:\Program Files (x86)\Baixou Agora App
O43 - CFD: 03/05/2013 - 10:36:55 - [2,642] ----D C:\Program Files (x86)\BPesq
O43 - CFD: 09/02/2014 - 15:22:00 - [1,511] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 04/03/2014 - 17:23:14 - [1,123] ----D C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword
O43 - CFD: 04/03/2014 - 14:00:39 - [0] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 26/06/2013 - 18:39:55 - [2,822] ----D C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/03/2014 - 15:29:27 - [0,164] ----D C:\Users\Aderlei\AppData\Roaming\BaseFlash
O43 - CFD: 04/03/2014 - 14:43:51 - [1,442] ----D C:\Users\Aderlei\AppData\Roaming\ProtectExtension
O43 - CFD: 09/02/2014 - 15:22:34 - [0,013] ----D C:\Users\Aderlei\AppData\Roaming\SmileysWeLove =>Adware.SmileyBar
~ 15 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 152 Legitimates Filtered in 00mn 40s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 04/03/2014 - 14:47:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.9AA597B3B8286301E4AD347F42477A86] - 04/03/2014 - 17:37:58 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147864]
O44 - LFC:[MD5.AC942B3F4E9B38EC17D013D55181E37C] - 04/03/2014 - 17:37:58 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706024]
O44 - LFC:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
~ Files: 13 Legitimates Filtered in 00mn 02s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.F338F29E06D24AC1C162131C1C908FB5] - 19/06/2013 - 19:51:44 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:[MD5.449D90F1FB6402773C2F1ECCEAE15F74] - 04/12/2011 - 21:22:58 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [195584]
O58 - SDL:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 27s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 19/02/2014 - C:\Windows\System32\drivers\badriver.sys (badriver) .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_BADRIVER
O64 - Services: CurCS - 01/01/1601 - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys (BdApiUtil) .(...) - LEGACY_BDAPIUTIL =>Adware.BDSearch
O64 - Services: CurCS - 01/01/1601 - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys (BdCameraProtect) .(...) - LEGACY_BDCAMERAPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 01/01/1601 - C:\windows\system32\drivers\BprotectEx.sys (BprotectEx) .(...) - LEGACY_BPROTECTEX
O64 - Services: CurCS - 07/02/2014 - C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140303.001\IDSvia64.sys (IDSVia64) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIA64
O64 - Services: CurCS - 01/01/1601 - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys (PCFApiUtil) .(...) - LEGACY_PCFAPIUTIL =>Adware.BDSearch
~ Legacy: 98 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- c:\program files (x86)\mozilla firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\program files (x86)\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] d6ec5a97-dbd0-46b3-9c44-5b0e1240c6be - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784] =>Adware.BDSearch
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "092BFC7DE001B504E8793801482880CB" . (.Lista Telefônica Online.) -- C:\windows\Installer\{D7CFB290-100E-405B-8E97-8310848208BC}\ARPPRODUCTICON.exe
O90 - PUC: "A6F040E19CD6FCD418C9CFEF27B00679" . (.Assistente Pimaco.) -- C:\windows\Installer\{1E040F6A-6DC9-4DCF-819C-FCFE720B6097}\Pimaco_2.exe
~ Update Products: 463 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E6E4A12D596AD8934FDD2DE83EAEE537] [WIS][24/08/2013] (.Pimaco - Assistente Pimaco.) -- C:\Windows\Installer\24716b.msi [273920]
[MD5.FF8E7FB9DD07B0159B4567BF074C52AE] [WIS][15/09/2013] (.ReSoft Ltd. - Snap.Do.) -- C:\Windows\Installer\2e4e9f4.msi [9207808] =>Hijacker.SmartBar
~ WIS: 465 Legitimates Filtered in 00mn 49s
---\\ Scâner Aditional (088)
Database Version : 13031 - (03/03/2014)
Clés trouvées (Keys found) : 11
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 17
[HKLM\Software\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl] =>Adware.SmileyBar^
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake^
[HKLM\Software\Google\Chrome\Extensions\oalifdbckgeckmcjidkfgiikhpcdbdah] =>Adware.AddLyrics^
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense] =>PUP.SaveSense^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl =>Adware.SmileyBar^
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh =>Adware.WebCake^
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalifdbckgeckmcjidkfgiikhpcdbdah =>Adware.AddLyrics^
C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Aderlei\AppData\Roaming\SmileysWeLove =>Adware.SmileyBar^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job =>PUP.SaveSense^
C:\Windows\Tasks\View Password Update.job =>PUP.ViewPassword^
C:\Windows\Tasks\View Password_wd.job =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\View-.exe =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe =>PUP.ViewPassword^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Baidu] =>Adware.BDSearch^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Trojan.Lozavita^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
C:\Windows\Installer\2e4e9f4.msi =>Hijacker.SmartBar^
C:\Users\Aderlei\AppData\Local\Temp\MyBabylonTB.exe =>PUP.SweetIM
C:\Users\Aderlei\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe =>Adware.Lollipop
~ Additionnel Scan: 532492 Items scanned in 01mn 01s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.SmileyBar
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.WebCake
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.AddLyrics
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Searchou
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Forumer
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.SmartBar
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetIM
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Lollipop
~ MSI: 14 link(s) detected in 01mn 01s
~ 1411 Legitimates filtered by white list
End of the scan (499 lines in 03mn 49s)(0)
~ Iniciado por Aderlei (04/03/2014 17:44:14)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4009 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 125 GB (70%) free of 178 GB
---\\ Modo de conexão ao sistema
~ Computer Name: NP300E4A-PC
~ User Name: Aderlei
~ All Users Names: UpdatusUser, HomeGroupUser$, Convidado, Administrador, Aderlei,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Aderlei\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Aderlei\AppData\Roaming\
~ %Desktop% : C:\Users\Aderlei\Desktop\
~ %Favorites% : C:\Users\Aderlei\Favorites\
~ %LocalAppData% : C:\Users\Aderlei\AppData\Local\
~ %StartMenu% : C:\Users\Aderlei\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 125 Go of 178 Go)
D: Hard drive, Flash drive, Thumb drive (Free 265 Go of 265 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/02/2014 - 06:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 03:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/34
~ Mes musiques (My Musics) : 1/3
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 2/49
~ Mon Bureau (My Desktop) : 2/383
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.7CE015138BA637BDBE1CB0AB9D4955EB] - (.Intel Corporation - Bluetooth Media Player Controller.) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe [839744] [PID.3816]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016] [PID.3992]
[MD5.B7A97647B3967F825E4A064179383731] - (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe [2190824] [PID.3088]
[MD5.4944790BD547B165F7E9F76BF3252C5D] - (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [172032] [PID.3480]
[MD5.57DCA6CE6F6DE6DE818654693B339ADC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [784264] [PID.3524]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3704]
[MD5.026C4CA19FAE1F84894A99735B15AACA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464] [PID.5468]
[MD5.66EA3B698F9A7EA2DBF0E4B246B6C958] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8349696] [PID.10112]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
G2 - GCE: Preference [User Data\Default] [fhokfmhpdoppcompklkineedkmhinhdf] BaseFlash v.1.0, (Activé)
G2 - GCE: Preference [User Data\Default] [fjbbjfdilbioabojmcplalojlmdngbjl] SmileysWeLove | smileys fantástico para qualquer ocasião v.3.0.8.0, (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] WebCake v.1.0.3 (Désactivé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [oalifdbckgeckmcjidkfgiikhpcdbdah] Lyrics On v.1.114 (Désactivé) =>Adware.AddLyrics
G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick Start v.3.1.1, (Désactivé)
G2 - GCE: Preference [User Data\Default] [zzzzzzzzzzzzzzzzoibponkmmpgpmjgl] BaseFlash v.1.0, (Désactivé)
~ Google Browser: 23 Legitimates Filtered in 00mn 13s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js
M0 - MFSP: prefs.js [Aderlei - 6g63usux.default] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Searchou
~ IE Browser: 23 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: BaseFlash Ads [64Bits] - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} . (...) -- C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Assistente Pimaco.lnk . (...) -- C:\Pimaco\Pimaco.docm
O4 - GS\Desktop [Public]: Easy Settings.lnk . (.Samsung Electronics Co., Ltd. - Easy Settings.) -- C:\Program Files (x86)\Samsung\Easy Settings\ControlCenter.exe
O4 - GS\Desktop [Public]: Easy Software Manager.lnk . (.Samsung - SoftwareManager.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SoftwareManager.exe
O4 - GS\Desktop [Public]: Easy Support Center.lnk . (.SAMSUNG Electronics - Easy Support Center.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCMain.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO:
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Program [Public]: Lista Telefônica Online.lnk . (...) -- C:\Program Files (x86)\BPesq\BPesq.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Aderlei]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Aderlei]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Aderlei]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
O4 - GS\TaskBar [Aderlei]: Software Launcher.lnk . (.Samsung Electronics CO., LTD. - Software Launcher.) -- C:\Program Files (x86)\Samsung\Software Launcher\Software Launcher.exe
O4 - GS\Desktop [Aderlei]: Arquivos de instalação do Norton.lnk - Chave orfã
O4 - GS\Desktop [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Aderlei]: MANUAL DE MONTAGEM MADINE 27-02-2014 - Atalho.lnk . (...) -- C:\Users\Aderlei\Documents\MANUAL DE MONTAGEM MADINE 27-02-2014.rar
O4 - GS\Desktop [Aderlei]: Play Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsole-wt.exe
O4 - GS\Desktop [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
~ Global Startup: 68 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Intel Corporation - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Baixou Agora] . (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe
O4 - HKLM\..\Wow6432Node\Run: [DoroServer] . (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_br_82] Chave orfã
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.FirebirdSQL Project - Firebird SQL Server.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) . (...) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: Protect your browser's extensions (srvProtectExtension) . (.No owner - ProtectExts.) - C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
~ Services: 18 Legitimates Filtered in 00mn 06s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\f3ven-chromeinstaller.job [3072]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HDVideo-chromeinstaller.job [3080]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [934] =>PUP.SaveSense
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password Update.job [412] =>PUP.ViewPassword
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password_wd.job [416] =>PUP.ViewPassword
[MD5.E88291D6CB7AD093FE1B406FAD1A46DE] [APT] [View Password Update] (...) -- C:\Program Files (x86)\View-Password-soft\View-.exe [248320] =>PUP.ViewPassword
[MD5.C48D3E40239AA459DE81F749484932F5] [APT] [View Password_wd] (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] =>PUP.ViewPassword
[MD5.00000000000000000000000000000000] [APT] [{04415692-BC48-49A8-94F6-45CB8951AC87}] (...) -- C:\Program Files (x86)\HDVideo\Uninstall.exe (.not file.) [0]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 02s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (badriver) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\badriver.sys
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 100 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Save Sense (remove only) - (.SaveSense.) [HKCU][64Bits] -- Save Sense =>PUP.SaveSense
O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU][64Bits] -- SaveSense =>PUP.SaveSense
~ Logic: 5 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baidu] =>Adware.BDSearch
[HKCU\Software\Baixou Agora]
[HKCU\Software\Filseclab]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\Industriya]
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Trojan.Lozavita
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\BaseFlash]
[HKLM\Software\Wow6432Node\Filseclab]
[HKLM\Software\Wow6432Node\HDVideo]
[HKLM\Software\Wow6432Node\Industriya]
[HKLM\Software\Wow6432Node\ProtectExtension]
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\f3ven]
~ Key Software: 159 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/03/2014 - 15:26:55 - [4,976] ----D C:\Program Files (x86)\Baixou Agora App
O43 - CFD: 03/05/2013 - 10:36:55 - [2,642] ----D C:\Program Files (x86)\BPesq
O43 - CFD: 09/02/2014 - 15:22:00 - [1,511] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 04/03/2014 - 17:23:14 - [1,123] ----D C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword
O43 - CFD: 04/03/2014 - 14:00:39 - [0] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 26/06/2013 - 18:39:55 - [2,822] ----D C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/03/2014 - 15:29:27 - [0,164] ----D C:\Users\Aderlei\AppData\Roaming\BaseFlash
O43 - CFD: 04/03/2014 - 14:43:51 - [1,442] ----D C:\Users\Aderlei\AppData\Roaming\ProtectExtension
O43 - CFD: 09/02/2014 - 15:22:34 - [0,013] ----D C:\Users\Aderlei\AppData\Roaming\SmileysWeLove =>Adware.SmileyBar
~ 15 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 152 Legitimates Filtered in 00mn 40s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 04/03/2014 - 14:47:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.9AA597B3B8286301E4AD347F42477A86] - 04/03/2014 - 17:37:58 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147864]
O44 - LFC:[MD5.AC942B3F4E9B38EC17D013D55181E37C] - 04/03/2014 - 17:37:58 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706024]
O44 - LFC:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
~ Files: 13 Legitimates Filtered in 00mn 02s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.F338F29E06D24AC1C162131C1C908FB5] - 19/06/2013 - 19:51:44 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:[MD5.449D90F1FB6402773C2F1ECCEAE15F74] - 04/12/2011 - 21:22:58 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [195584]
O58 - SDL:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 27s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 19/02/2014 - C:\Windows\System32\drivers\badriver.sys (badriver) .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_BADRIVER
O64 - Services: CurCS - 01/01/1601 - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys (BdApiUtil) .(...) - LEGACY_BDAPIUTIL =>Adware.BDSearch
O64 - Services: CurCS - 01/01/1601 - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys (BdCameraProtect) .(...) - LEGACY_BDCAMERAPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 01/01/1601 - C:\windows\system32\drivers\BprotectEx.sys (BprotectEx) .(...) - LEGACY_BPROTECTEX
O64 - Services: CurCS - 07/02/2014 - C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140303.001\IDSvia64.sys (IDSVia64) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIA64
O64 - Services: CurCS - 01/01/1601 - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys (PCFApiUtil) .(...) - LEGACY_PCFAPIUTIL =>Adware.BDSearch
~ Legacy: 98 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] d6ec5a97-dbd0-46b3-9c44-5b0e1240c6be - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784] =>Adware.BDSearch
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "092BFC7DE001B504E8793801482880CB" . (.Lista Telefônica Online.) -- C:\windows\Installer\{D7CFB290-100E-405B-8E97-8310848208BC}\ARPPRODUCTICON.exe
O90 - PUC: "A6F040E19CD6FCD418C9CFEF27B00679" . (.Assistente Pimaco.) -- C:\windows\Installer\{1E040F6A-6DC9-4DCF-819C-FCFE720B6097}\Pimaco_2.exe
~ Update Products: 463 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E6E4A12D596AD8934FDD2DE83EAEE537] [WIS][24/08/2013] (.Pimaco - Assistente Pimaco.) -- C:\Windows\Installer\24716b.msi [273920]
[MD5.FF8E7FB9DD07B0159B4567BF074C52AE] [WIS][15/09/2013] (.ReSoft Ltd. - Snap.Do.) -- C:\Windows\Installer\2e4e9f4.msi [9207808] =>Hijacker.SmartBar
~ WIS: 465 Legitimates Filtered in 00mn 49s
---\\ Scâner Aditional (088)
Database Version : 13031 - (03/03/2014)
Clés trouvées (Keys found) : 11
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 17
[HKLM\Software\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl] =>Adware.SmileyBar^
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake^
[HKLM\Software\Google\Chrome\Extensions\oalifdbckgeckmcjidkfgiikhpcdbdah] =>Adware.AddLyrics^
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense] =>PUP.SaveSense^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl =>Adware.SmileyBar^
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh =>Adware.WebCake^
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalifdbckgeckmcjidkfgiikhpcdbdah =>Adware.AddLyrics^
C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Aderlei\AppData\Roaming\SmileysWeLove =>Adware.SmileyBar^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job =>PUP.SaveSense^
C:\Windows\Tasks\View Password Update.job =>PUP.ViewPassword^
C:\Windows\Tasks\View Password_wd.job =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\View-.exe =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe =>PUP.ViewPassword^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Baidu] =>Adware.BDSearch^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Trojan.Lozavita^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
C:\Windows\Installer\2e4e9f4.msi =>Hijacker.SmartBar^
C:\Users\Aderlei\AppData\Local\Temp\MyBabylonTB.exe =>PUP.SweetIM
C:\Users\Aderlei\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe =>Adware.Lollipop
~ Additionnel Scan: 532492 Items scanned in 01mn 01s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.SmileyBar
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.WebCake
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.AddLyrics
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Searchou
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Forumer
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.SmartBar
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetIM
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Lollipop
~ MSI: 14 link(s) detected in 01mn 01s
~ 1411 Legitimates filtered by white list
End of the scan (499 lines in 03mn 49s)(0)
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Ter 04 Mar 2014, 19:21
Olá Aderlei.
Siga, por gentileza, as dicas do tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Última edição por Power Max em Dom 23 Mar 2014, 22:18, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Ter 04 Mar 2014, 19:32
# AdwCleaner v3.020 - Relatório criado 04/03/2014 às 17:29:01
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Aderlei - NP300E4A-PC
# Executando de : C:\Users\Aderlei\Downloads\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : IePluginService
[#] Serviço Deletada : savesenselive
[#] Serviço Deletada : savesenselivem
Serviço Deletada : Wpm
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\DealPlyLive
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\DealPlyLive
Pasta Deletada : C:\Program Files (x86)\Industriya
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\SaveSenseLive
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\hosts
Pasta Deletada : C:\Users\Aderlei\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Discount Buddy
Pasta Deletada : C:\Users\Aderlei\AppData\Local\lollipop
Pasta Deletada : C:\Users\Aderlei\AppData\Local\SaveSense
Pasta Deletada : C:\Users\Aderlei\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Smartbar
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Temp\AirInstaller
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Temp\Smartbar
Pasta Deletada : C:\Users\Aderlei\AppData\LocalLow\Industriya
Pasta Deletada : C:\Users\Aderlei\AppData\LocalLow\Smartbar
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\awesomehp
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\eCyber
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\Industriya
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\iSafe
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\SaveSense
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Aderlei\Documents\Optimizer Pro
Arquivo Deletada : C:\Users\Aderlei\Desktop\Search.lnk
Arquivo Deletada : C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\user.js
Arquivo Deletada : C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\windows\Tasks\SaveSense.job
Arquivo Deletada : C:\windows\System32\Tasks\SaveSense
Arquivo Deletada : C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bho
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.Sandbox.1
Chave Deletedo : HKCU\Software\82d8d9b23bb941
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511281100}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162284}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522282200}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165584}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555285500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166684}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566286600}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544164484}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544284400}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511281100}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1f265c0f-b457-431c-b860-178ae338792f}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35c60f99-ae77-4499-a9ce-90b8ac96ac65}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66195f65-c2cc-432c-babc-19fb4d5480e4}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f01086c0-e8dc-4079-b146-52755d5b5634}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5e5d7ae-983a-4685-bb91-e780660a2f7e}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511281100}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162284}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522282200}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165584}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555285500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166684}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566286600}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511281100}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\DealPlyLive
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\smartbarbackup
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\SmileysWeLove
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\hosts
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\caphyon
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\Discount Buddy
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\Software\hosts
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16518
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v27.0.1 (pt-BR)
[ Arquivo : C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js ]
Linha deletada : user_pref("extensions.crossrider.bic", "1448e2b343acfad76fd78a21f5ee371a");
-\\ Google Chrome v33.0.1750.146
[ Arquivo : C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [33122 octets] - [04/03/2014 17:27:51]
AdwCleaner[S0].txt - [29758 octets] - [04/03/2014 17:29:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29819 octets] ##########
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Aderlei - NP300E4A-PC
# Executando de : C:\Users\Aderlei\Downloads\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : IePluginService
[#] Serviço Deletada : savesenselive
[#] Serviço Deletada : savesenselivem
Serviço Deletada : Wpm
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\DealPlyLive
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\DealPlyLive
Pasta Deletada : C:\Program Files (x86)\Industriya
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\SaveSenseLive
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\hosts
Pasta Deletada : C:\Users\Aderlei\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Discount Buddy
Pasta Deletada : C:\Users\Aderlei\AppData\Local\lollipop
Pasta Deletada : C:\Users\Aderlei\AppData\Local\SaveSense
Pasta Deletada : C:\Users\Aderlei\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Smartbar
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Temp\AirInstaller
Pasta Deletada : C:\Users\Aderlei\AppData\Local\Temp\Smartbar
Pasta Deletada : C:\Users\Aderlei\AppData\LocalLow\Industriya
Pasta Deletada : C:\Users\Aderlei\AppData\LocalLow\Smartbar
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\awesomehp
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\eCyber
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\Industriya
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\iSafe
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\SaveSense
Pasta Deletada : C:\Users\Aderlei\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Aderlei\Documents\Optimizer Pro
Arquivo Deletada : C:\Users\Aderlei\Desktop\Search.lnk
Arquivo Deletada : C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\user.js
Arquivo Deletada : C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\windows\Tasks\SaveSense.job
Arquivo Deletada : C:\windows\System32\Tasks\SaveSense
Arquivo Deletada : C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bho
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0051684.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0052800.Sandbox.1
Chave Deletedo : HKCU\Software\82d8d9b23bb941
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511281100}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162284}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522282200}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165584}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555285500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166684}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566286600}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544164484}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544284400}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511281100}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1f265c0f-b457-431c-b860-178ae338792f}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35c60f99-ae77-4499-a9ce-90b8ac96ac65}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66195f65-c2cc-432c-babc-19fb4d5480e4}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f01086c0-e8dc-4079-b146-52755d5b5634}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5e5d7ae-983a-4685-bb91-e780660a2f7e}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511281100}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162284}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522282200}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165584}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555285500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166684}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566286600}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511161184}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511281100}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\DealPlyLive
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\smartbarbackup
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\SmileysWeLove
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\hosts
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\caphyon
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\Discount Buddy
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\Software\hosts
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.16518
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v27.0.1 (pt-BR)
[ Arquivo : C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js ]
Linha deletada : user_pref("extensions.crossrider.bic", "1448e2b343acfad76fd78a21f5ee371a");
-\\ Google Chrome v33.0.1750.146
[ Arquivo : C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [33122 octets] - [04/03/2014 17:27:51]
AdwCleaner[S0].txt - [29758 octets] - [04/03/2014 17:29:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29819 octets] ##########
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Ter 04 Mar 2014, 19:34
Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log do Malwarebytes.
Ficamos no aguardo.
Última edição por Power Max em Dom 23 Mar 2014, 22:19, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Demorou mas consegui ahsahsahsahsahsahsah
por Aderlei Santana Ter 04 Mar 2014, 23:03
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.03.04.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Aderlei :: NP300E4A-PC [limitado]
Proteção: Permitir
04/03/2014 21:52:45
MBAM-log-2014-03-04 (22-58-52).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 408527
Tempo decorrido: 1 hora(s), 5 minuto(s), 7 segundo(s)
Processos de Memória Detectados: 2
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> 1320 -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> 7088 -> Nenhuma ação foi feita.
Módulos de Memória Detectados: 1
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
Chaves de Registro Detectadas: 49
HKLM\SYSTEM\CurrentControlSet\Services\Update melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKLM\SYSTEM\CurrentControlSet\Services\Util melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\CLSID\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\TypeLib\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\Interface\{6C51F7E9-8542-4F25-A30F-2060157752E1} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\BaseFlash.1 (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\BaseFlash (Trojan.Downloader) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\TypeLib\{4ab7647f-75b6-4486-9584-efee06afee68} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\Interface\{AE20B22F-60C1-4753-ABAE-459C85D3E303} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16F059CB-3D3F-4ECC-B426-BAFA47233676} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickCtrl.9 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.Update3WebControl.3 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\AppID\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCU\Software\melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Nenhuma ação foi feita.
HKLM\Software\melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
Valores de Registro Detectadas: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:13828 -> Nenhuma ação foi feita.
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 3
C:\Program Files (x86)\melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
Arquivos Detectados: 124
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll (Trojan.Downloader) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_am.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_da.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_de.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_el.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_et.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_id.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_is.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_it.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_no.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_te.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_th.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\hosts-buttonutil64.exe.vir (PUP.Optional.Hosts.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\Uninstall.exe.vir (PUP.Optional.Hosts.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir (PUP.Optional.IePluginService.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir (PUP.Optional.IePluginService.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FA5E835243D1429FA1379FF23D3B0845\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FFDB180D62B84B35AA37759B3034B04C\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.DomaIQ) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.DomaIQ) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\airDA56.exe (PUP.Optional.SkyTech.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits (1).exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_assistente-pimaco.exe (PUP.Optional.Freemium.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_formatfactory-311-baixaki-32-bits-5ec5bc0fbc134785483100f08027dad9.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe (Adware.Lollipop) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ProtectbaseflashSetup.exe (Trojan.Agent) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Setup.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\CrxInstaller.dum (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\package1.zip (PUP.Optional.SkyTech.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\SupTab.exe (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\wpm.exe (PUP.Optional.WpManager) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\is1373634743\IminentSetup.exe (PUP.Optional.Iminent.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\dp.exe (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\Setup-D502DD2B71B5.exe (PUP.Optional.WebCake.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\setup_cr.exe (PUP.Optional.Bundler) -> Nenhuma ação foi feita.
C:\Windows\Installer\2e4e9f4.msi (PUP.Optional.SmartBar.A) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\flvplayer_v2.exe (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 404398.crdownload (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 846358.crdownload (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 849231.crdownload (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\melondrea.ico (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\0 (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\7za.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\melondreaUninstall.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\updatemelondrea.InstallState (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\melondreaBrowserFilter.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\sqlite3.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.InstallState (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.IEUpdate.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx (PUP.Optional.NewTab.A) -> Nenhuma ação foi feita.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job (PUP.Optional.SaveSense) -> Nenhuma ação foi feita.
(fim)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.03.04.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Aderlei :: NP300E4A-PC [limitado]
Proteção: Permitir
04/03/2014 21:52:45
MBAM-log-2014-03-04 (22-58-52).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 408527
Tempo decorrido: 1 hora(s), 5 minuto(s), 7 segundo(s)
Processos de Memória Detectados: 2
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> 1320 -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> 7088 -> Nenhuma ação foi feita.
Módulos de Memória Detectados: 1
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
Chaves de Registro Detectadas: 49
HKLM\SYSTEM\CurrentControlSet\Services\Update melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKLM\SYSTEM\CurrentControlSet\Services\Util melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\CLSID\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\TypeLib\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\Interface\{6C51F7E9-8542-4F25-A30F-2060157752E1} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\BaseFlash.1 (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\BaseFlash (Trojan.Downloader) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Nenhuma ação foi feita.
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\TypeLib\{4ab7647f-75b6-4486-9584-efee06afee68} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\Interface\{AE20B22F-60C1-4753-ABAE-459C85D3E303} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16F059CB-3D3F-4ECC-B426-BAFA47233676} (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickCtrl.9 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLive.Update3WebControl.3 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CoreMachineClass.1 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\SaveSenseLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCR\AppID\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
HKCU\Software\melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Nenhuma ação foi feita.
HKLM\Software\melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
Valores de Registro Detectadas: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:13828 -> Nenhuma ação foi feita.
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 3
C:\Program Files (x86)\melondrea (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
Arquivos Detectados: 124
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll (Trojan.Downloader) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_am.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_da.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_de.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_el.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_et.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_id.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_is.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_it.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_no.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_te.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_th.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\hosts-buttonutil64.exe.vir (PUP.Optional.Hosts.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\Uninstall.exe.vir (PUP.Optional.Hosts.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir (PUP.Optional.IePluginService.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir (PUP.Optional.IePluginService.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FA5E835243D1429FA1379FF23D3B0845\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FFDB180D62B84B35AA37759B3034B04C\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.DomaIQ) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.DomaIQ) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\airDA56.exe (PUP.Optional.SkyTech.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits (1).exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_assistente-pimaco.exe (PUP.Optional.Freemium.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_formatfactory-311-baixaki-32-bits-5ec5bc0fbc134785483100f08027dad9.exe (PUP.Optional.InstallCore) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe (Adware.Lollipop) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\ProtectbaseflashSetup.exe (Trojan.Agent) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Setup.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\CrxInstaller.dum (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\package1.zip (PUP.Optional.SkyTech.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\SupTab.exe (PUP.Optional.SupTab.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\wpm.exe (PUP.Optional.WpManager) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\is1373634743\IminentSetup.exe (PUP.Optional.Iminent.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\dp.exe (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\Setup-D502DD2B71B5.exe (PUP.Optional.WebCake.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\setup_cr.exe (PUP.Optional.Bundler) -> Nenhuma ação foi feita.
C:\Windows\Installer\2e4e9f4.msi (PUP.Optional.SmartBar.A) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\flvplayer_v2.exe (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 404398.crdownload (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 846358.crdownload (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 849231.crdownload (PUP.Optional.Installcore) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\melondrea.ico (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\0 (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\7za.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\melondreaUninstall.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\updatemelondrea.InstallState (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\melondreaBrowserFilter.exe (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\sqlite3.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.InstallState (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.IEUpdate.dll (PUP.Optional.Melondrea.A) -> Nenhuma ação foi feita.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx (PUP.Optional.NewTab.A) -> Nenhuma ação foi feita.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job (PUP.Optional.SaveSense) -> Nenhuma ação foi feita.
(fim)
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Ter 04 Mar 2014, 23:04
Está constando que nenhuma ação foi feita. Selecione todos os problemas que o Malwarebytes encontrou e clique em Remover Selecionados. Depois disto poste o novo relatório que ele irá criar aqui em seu tópico.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Ter 04 Mar 2014, 23:23
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.03.04.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Aderlei :: NP300E4A-PC [limitado]
Proteção: Permitir
04/03/2014 21:52:45
mbam-log-2014-03-04 (21-52-45).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 408527
Tempo decorrido: 1 hora(s), 5 minuto(s), 7 segundo(s)
Processos de Memória Detectados: 2
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> 1320 -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> 7088 -> Será deletado na próxima inicialização.
Módulos de Memória Detectados: 1
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
Chaves de Registro Detectadas: 49
HKLM\SYSTEM\CurrentControlSet\Services\Update melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\Util melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{6C51F7E9-8542-4F25-A30F-2060157752E1} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\BaseFlash.1 (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\BaseFlash (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{4ab7647f-75b6-4486-9584-efee06afee68} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{AE20B22F-60C1-4753-ABAE-459C85D3E303} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16F059CB-3D3F-4ECC-B426-BAFA47233676} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickCtrl.9 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.Update3WebControl.3 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoCreateAsync (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreClass (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreClass.1 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreMachineClass (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreMachineClass.1 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.ProcessLauncher (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3COMClassService (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebSvc (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\Software\melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:13828 -> Enviado para a Quarentena e deletado com sucesso.
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 3
C:\Program Files (x86)\melondrea (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\plugins (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
Arquivos Detectados: 124
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_am.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_da.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_de.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_el.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_et.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_id.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_is.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_it.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_no.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_te.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_th.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\hosts-buttonutil64.exe.vir (PUP.Optional.Hosts.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\Uninstall.exe.vir (PUP.Optional.Hosts.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir (PUP.Optional.IePluginService.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir (PUP.Optional.IePluginService.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FA5E835243D1429FA1379FF23D3B0845\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FFDB180D62B84B35AA37759B3034B04C\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.DomaIQ) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.DomaIQ) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\airDA56.exe (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits (1).exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_assistente-pimaco.exe (PUP.Optional.Freemium.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_formatfactory-311-baixaki-32-bits-5ec5bc0fbc134785483100f08027dad9.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe (Adware.Lollipop) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ProtectbaseflashSetup.exe (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\CrxInstaller.dum (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\package1.zip (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\SupTab.exe (PUP.Optional.SupTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\wpm.exe (PUP.Optional.WpManager) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\is1373634743\IminentSetup.exe (PUP.Optional.Iminent.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\dp.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\Setup-D502DD2B71B5.exe (PUP.Optional.WebCake.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\setup_cr.exe (PUP.Optional.Bundler) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Installer\2e4e9f4.msi (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\flvplayer_v2.exe (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 404398.crdownload (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 846358.crdownload (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 849231.crdownload (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\melondrea.ico (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\0 (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\7za.exe (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\melondreaUninstall.exe (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\updatemelondrea.InstallState (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\melondreaBrowserFilter.exe (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\sqlite3.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.InstallState (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.IEUpdate.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx (PUP.Optional.NewTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2014.03.04.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Aderlei :: NP300E4A-PC [limitado]
Proteção: Permitir
04/03/2014 21:52:45
mbam-log-2014-03-04 (21-52-45).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 408527
Tempo decorrido: 1 hora(s), 5 minuto(s), 7 segundo(s)
Processos de Memória Detectados: 2
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> 1320 -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> 7088 -> Será deletado na próxima inicialização.
Módulos de Memória Detectados: 1
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
Chaves de Registro Detectadas: 49
HKLM\SYSTEM\CurrentControlSet\Services\Update melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\Util melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{6C51F7E9-8542-4F25-A30F-2060157752E1} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\BaseFlash.1 (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\BaseFlash (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{4ab7647f-75b6-4486-9584-efee06afee68} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{AE20B22F-60C1-4753-ABAE-459C85D3E303} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16F059CB-3D3F-4ECC-B426-BAFA47233676} (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickCtrl.9 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.Update3WebControl.3 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoCreateAsync (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreClass (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreClass.1 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreMachineClass (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreMachineClass.1 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.ProcessLauncher (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3COMClassService (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebSvc (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\Software\melondrea (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
Valores de Registro Detectadas: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:13828 -> Enviado para a Quarentena e deletado com sucesso.
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 3
C:\Program Files (x86)\melondrea (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\plugins (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
Arquivos Detectados: 124
C:\Program Files (x86)\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll (Trojan.Downloader) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_am.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_da.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_de.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_el.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_et.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_id.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_is.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_it.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_no.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_te.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_th.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\hosts-buttonutil64.exe.vir (PUP.Optional.Hosts.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts\Uninstall.exe.vir (PUP.Optional.Hosts.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir (PUP.Optional.IePluginService.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir (PUP.Optional.IePluginService.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FA5E835243D1429FA1379FF23D3B0845\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\OpenCandy\FFDB180D62B84B35AA37759B3034B04C\LatestDLMgr.exe.vir (PUP.Optional.OpenCandy.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Aderlei\AppData\Roaming\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.DomaIQ) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.DomaIQ) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\airDA56.exe (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits (1).exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_any-video-converter-506-baixaki-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_assistente-pimaco.exe (PUP.Optional.Freemium.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ICReinstall_formatfactory-311-baixaki-32-bits-5ec5bc0fbc134785483100f08027dad9.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe (Adware.Lollipop) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\ProtectbaseflashSetup.exe (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\CrxInstaller.dum (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\2BC51908-BAB0-7891-B6E4-E3BCBC947976\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\package1.zip (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\SupTab.exe (PUP.Optional.SupTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\fullpackage_temp1393951988\tmp\wpm.exe (PUP.Optional.WpManager) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\is1373634743\IminentSetup.exe (PUP.Optional.Iminent.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\dp.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\is701137889\Setup-D502DD2B71B5.exe (PUP.Optional.WebCake.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Temp\nsx5196.tmp\setup_cr.exe (PUP.Optional.Bundler) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Installer\2e4e9f4.msi (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\flvplayer_v2.exe (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 404398.crdownload (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 846358.crdownload (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
D:\SamsungRecovery\SamsungData\DataBackup#(2012-12-11.141840)\C Drive\Users\Aderlei\Downloads\não confirmado 849231.crdownload (PUP.Optional.Installcore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\melondrea.ico (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\0 (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\7za.exe (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\melondreaUninstall.exe (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\updatemelondrea.InstallState (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Será deletado na próxima inicialização.
C:\Program Files (x86)\melondrea\bin\melondreaBrowserFilter.exe (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\sqlite3.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\utilmelondrea.InstallState (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\melondrea\bin\plugins\melondrea.IEUpdate.dll (PUP.Optional.Melondrea.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx (PUP.Optional.NewTab.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Ter 04 Mar 2014, 23:58
Desative temporariamente seu antivírus para evitar conflitos.Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 23 Mar 2014, 22:20, editado 2 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Qua 05 Mar 2014, 11:09
Fiz a leitura, reiniciei o computador... Porém nd consta em C:\zoek-results.txt
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 11:10
Siga, por gentileza, as dicas do tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
Última edição por Power Max em Dom 23 Mar 2014, 22:20, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Qua 05 Mar 2014, 11:27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Aderlei on 05/03/2014 at 11:14:29,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-580441236-439076865-2119370448-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182}
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\Aderlei\AppData\Roaming\mozilla\firefox\profiles\6g63usux.default\user.js
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/03/2014 at 11:22:59,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Aderlei on 05/03/2014 at 11:14:29,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-580441236-439076865-2119370448-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182}
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\Aderlei\AppData\Roaming\mozilla\firefox\profiles\6g63usux.default\user.js
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/03/2014 at 11:22:59,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Encontrei o ultimo relatório ZOEK
por Aderlei Santana Qua 05 Mar 2014, 12:07
Zoek.exe v5.0.0.0 Updated 02-March-2014
Tool run by Aderlei on 05/03/2014 at 10:34:16,41.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aderlei\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
05/03/2014 10:35:14 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal");
user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
user_pref("browser.search.defaultenginename", "Web");
user_pref("browser.search.selectedEngine", "Web");
user_pref("keyword.URL", "http://br.yhs4.search.yahoo.com/yhs/search");
Added to C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----
user_032014_1050_.backup
prefs_032014_1050_.backup
==== Deleting Files \ Folders ======================
C:\Users\Aderlei\AppData\Roaming\SmileysWeLove deleted
C:\Users\Aderlei\AppData\Roaming\Baidu deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\baidu deleted
C:\Users\Aderlei\AppData\Local\nsn5097.tmp deleted
C:\Users\Aderlei\AppData\Local\cache deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"BaseFlash@B1a2s3e4F5l6a7s8h9.es"="C:\Users\Aderlei\AppData\Roaming\BaseFlash\Firefox" [05/03/2014 07:44]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{0b5db34d-5c3d-4d15-a340-3754566390d9}"="C:\Program Files (x86)\View-Password-soft\155.xpi" [04/03/2014 14:41]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default
- BaseFlash - C:\Users\Aderlei\AppData\Roaming\BaseFlash\Firefox
- melondrea - %ProfilePath%\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
2C82D753EF779945977C82A3908DA20A - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dhfcbmlocifngpbjdpgnkbjmgkadkjpp - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitize.crx[]
fhokfmhpdoppcompklkineedkmhinhdf - C:\Users\Aderlei\AppData\Roaming\BaseFlash\Chrome\BaseFlash.crx[05/03/2014 06:56]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03/01/2014 01:32]
pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[]
Google Drive - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://searchou.com/?id=c46067e0000000000000b80305b2f0c1&affilt=5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://searchou.com/?id=c46067e0000000000000b80305b2f0c1&affilt=5"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-580441236-439076865-2119370448-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_USERS\S-1-5-21-580441236-439076865-2119370448-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\quick_start@gmail.com deleted successfully
==== shortcuts on Users Desktops ======================
C:\Users\Aderlei\Desktop\Arquivos de instalação do Norton.lnk -
C:\Users\Aderlei\Desktop\chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aderlei\Desktop\MANUAL DE MONTAGEM MADINE 27-02-2014 - Atalho.lnk - C:\Users\Aderlei\Documents\MANUAL DE MONTAGEM MADINE 27-02-2014.rar
C:\Users\Aderlei\Desktop\Microsoft Office Excel 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Aderlei\Desktop\Microsoft Office Outlook 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\Aderlei\Desktop\Microsoft Office Word 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Aderlei\Desktop\Play Games.lnk - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsole-wt.exe /src desktoptpd
C:\Users\Aderlei\Desktop\Santana.lnk - C:\Making\Sistema\Santana.exe
C:\Users\Aderlei\Desktop\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Aderlei\Desktop\Dia dos pais\Nova pasta\DSC03341 - Atalho.lnk - C:\Users\Aderlei\Desktop\Dia dos pais\DSC03341.JPG
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Assistente Pimaco.lnk - C:\Pimaco\Pimaco.docm
C:\Users\Public\Desktop\Easy Settings.lnk - C:\Program Files (x86)\Samsung\Easy Settings\ControlCenter.exe
C:\Users\Public\Desktop\Easy Software Manager.lnk - C:\Program Files (x86)\Samsung\Easy Software Manager\SoftwareManager.exe
C:\Users\Public\Desktop\Easy Support Center.lnk - C:\Program Files (x86)\Samsung\Easy Support Center\SSCMain.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Multimedia POP.lnk - C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe
C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\uistub.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\User Guide.lnk - C:\Program Files\Samsung\SamsungManual\RunManual.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
==== shortcuts in Quick Launch ======================
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\IBExpert.lnk - C:\Program Files (x86)\HK-Software\IBExpert\ibexpert.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Outlook 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Santana.lnk - C:\Making\Sistema\Santana.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Software Launcher.lnk - C:\Program Files (x86)\Samsung\Software Launcher\Software Launcher.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhfcbmlocifngpbjdpgnkbjmgkadkjpp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ee255018-77fd-4cbc-be4b-7468b4f4bee0} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\4D6EEB5A875ECFB44B4DF193C45AED12 deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aderlei\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aderlei\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Aderlei\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Aderlei\AppData\Local\Mozilla\Firefox\Profiles\6g63usux.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=24 folders=31 1729693 bytes)
==== Empty Temp Folders ======================
C:\Users\Aderlei\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Aderlei\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on 05/03/2014 at 12:04:27,88 ======================
Tool run by Aderlei on 05/03/2014 at 10:34:16,41.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aderlei\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
05/03/2014 10:35:14 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal");
user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
user_pref("browser.search.defaultenginename", "Web");
user_pref("browser.search.selectedEngine", "Web");
user_pref("keyword.URL", "http://br.yhs4.search.yahoo.com/yhs/search");
Added to C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----
user_032014_1050_.backup
prefs_032014_1050_.backup
==== Deleting Files \ Folders ======================
C:\Users\Aderlei\AppData\Roaming\SmileysWeLove deleted
C:\Users\Aderlei\AppData\Roaming\Baidu deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\baidu deleted
C:\Users\Aderlei\AppData\Local\nsn5097.tmp deleted
C:\Users\Aderlei\AppData\Local\cache deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"BaseFlash@B1a2s3e4F5l6a7s8h9.es"="C:\Users\Aderlei\AppData\Roaming\BaseFlash\Firefox" [05/03/2014 07:44]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{0b5db34d-5c3d-4d15-a340-3754566390d9}"="C:\Program Files (x86)\View-Password-soft\155.xpi" [04/03/2014 14:41]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default
- BaseFlash - C:\Users\Aderlei\AppData\Roaming\BaseFlash\Firefox
- melondrea - %ProfilePath%\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
2C82D753EF779945977C82A3908DA20A - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dhfcbmlocifngpbjdpgnkbjmgkadkjpp - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitize.crx[]
fhokfmhpdoppcompklkineedkmhinhdf - C:\Users\Aderlei\AppData\Roaming\BaseFlash\Chrome\BaseFlash.crx[05/03/2014 06:56]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03/01/2014 01:32]
pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[]
Google Drive - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://searchou.com/?id=c46067e0000000000000b80305b2f0c1&affilt=5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://searchou.com/?id=c46067e0000000000000b80305b2f0c1&affilt=5"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-580441236-439076865-2119370448-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_USERS\S-1-5-21-580441236-439076865-2119370448-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\quick_start@gmail.com deleted successfully
==== shortcuts on Users Desktops ======================
C:\Users\Aderlei\Desktop\Arquivos de instalação do Norton.lnk -
C:\Users\Aderlei\Desktop\chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aderlei\Desktop\MANUAL DE MONTAGEM MADINE 27-02-2014 - Atalho.lnk - C:\Users\Aderlei\Documents\MANUAL DE MONTAGEM MADINE 27-02-2014.rar
C:\Users\Aderlei\Desktop\Microsoft Office Excel 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Aderlei\Desktop\Microsoft Office Outlook 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\Aderlei\Desktop\Microsoft Office Word 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Aderlei\Desktop\Play Games.lnk - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsole-wt.exe /src desktoptpd
C:\Users\Aderlei\Desktop\Santana.lnk - C:\Making\Sistema\Santana.exe
C:\Users\Aderlei\Desktop\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Aderlei\Desktop\Dia dos pais\Nova pasta\DSC03341 - Atalho.lnk - C:\Users\Aderlei\Desktop\Dia dos pais\DSC03341.JPG
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Assistente Pimaco.lnk - C:\Pimaco\Pimaco.docm
C:\Users\Public\Desktop\Easy Settings.lnk - C:\Program Files (x86)\Samsung\Easy Settings\ControlCenter.exe
C:\Users\Public\Desktop\Easy Software Manager.lnk - C:\Program Files (x86)\Samsung\Easy Software Manager\SoftwareManager.exe
C:\Users\Public\Desktop\Easy Support Center.lnk - C:\Program Files (x86)\Samsung\Easy Support Center\SSCMain.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Multimedia POP.lnk - C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe
C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\uistub.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\User Guide.lnk - C:\Program Files\Samsung\SamsungManual\RunManual.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
==== shortcuts in Quick Launch ======================
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\IBExpert.lnk - C:\Program Files (x86)\HK-Software\IBExpert\ibexpert.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Outlook 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Santana.lnk - C:\Making\Sistema\Santana.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Software Launcher.lnk - C:\Program Files (x86)\Samsung\Software Launcher\Software Launcher.exe
C:\Users\Aderlei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhfcbmlocifngpbjdpgnkbjmgkadkjpp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ee255018-77fd-4cbc-be4b-7468b4f4bee0} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\4D6EEB5A875ECFB44B4DF193C45AED12 deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aderlei\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aderlei\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Aderlei\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Aderlei\AppData\Local\Mozilla\Firefox\Profiles\6g63usux.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=24 folders=31 1729693 bytes)
==== Empty Temp Folders ======================
C:\Users\Aderlei\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Aderlei\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on 05/03/2014 at 12:04:27,88 ======================
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 12:08
Vá no menu: Iniciar > Todos os programas > ZHP > Abra o ZHPDiagClique "SEARCH" (ou "PESQUISAR") e aguarde a conclusão.
Copie este relatório e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Qua 05 Mar 2014, 12:10
Devo mesmo assim seguir a precedência do ZHP... Não sei se viu, em um comentário á cima postei o ralatório do ZOEK
Última edição por Aderlei Santana em Qua 05 Mar 2014, 12:12, editado 1 vez(es)
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 12:11
Sim, vi que vários problemas foram removidos pelo Zoek.
Mas poste o novo relatório do ZHP para vermos como está o PC depois disto.
Mas poste o novo relatório do ZHP para vermos como está o PC depois disto.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Qua 05 Mar 2014, 12:17
~ Relatório do ZHPDiag v2014.3.2.6 - Nicolas Coolman (03/03/2014)
~ Iniciado por Aderlei (05/03/2014 12:13:10)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4009 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 125 GB (70%) free of 178 GB
---\\ Modo de conexão ao sistema
~ Computer Name: NP300E4A-PC
~ User Name: Aderlei
~ All Users Names: UpdatusUser, HomeGroupUser$, Convidado, Administrador, Aderlei,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Aderlei\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Aderlei\AppData\Roaming\
~ %Desktop% : C:\Users\Aderlei\Desktop\
~ %Favorites% : C:\Users\Aderlei\Favorites\
~ %LocalAppData% : C:\Users\Aderlei\AppData\Local\
~ %StartMenu% : C:\Users\Aderlei\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 125 Go of 178 Go)
D: Hard drive, Flash drive, Thumb drive (Free 265 Go of 265 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/02/2014 - 06:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 03:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/34
~ Mes musiques (My Musics) : 1/3
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 2/49
~ Mon Bureau (My Desktop) : 2/383
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.C87442B6D17912785DC143CEDCA508C9] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696] [PID.1584]
[MD5.C48D3E40239AA459DE81F749484932F5] - (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] [PID.3852] =>PUP.ViewPassword
[MD5.54584D494E2FF0E25720FF45594DC2D6] - (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2810448] [PID.1312]
[MD5.B7A97647B3967F825E4A064179383731] - (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe [2190824] [PID.4012]
[MD5.4944790BD547B165F7E9F76BF3252C5D] - (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [172032] [PID.3108]
[MD5.57DCA6CE6F6DE6DE818654693B339ADC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [784264] [PID.2612]
[MD5.D7E546DAF03DEED037D50CDF96C7CF7F] - (.Samsung Electronics Co., Ltd. - Smart Setting Program.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2279304] [PID.1220]
[MD5.B200A3535464E46658E9B95FDADB0834] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [1112968] [PID.532]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.408]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.4916]
[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.4836]
[MD5.D3A1D2987051118159D4DE38E3027CEA] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280] [PID.6140]
[MD5.F289B31D23BB3DC8E6640A6D09E4BF51] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [3395664] [PID.8164]
[MD5.026C4CA19FAE1F84894A99735B15AACA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464] [PID.21636]
[MD5.66EA3B698F9A7EA2DBF0E4B246B6C958] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8349696] [PID.114432]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1676]
[MD5.2E251B39ABEA79351E5633E5A7C36BE4] - (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664] [PID.1788]
[MD5.9E530C6F0EEE34CCEAC8104838AB68C7] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616] [PID.1836]
[MD5.96B14B79C71CE4A7783184CC8B5DBCE8] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640] [PID.1928]
[MD5.3A1BBC09BD3D2DE69DE3F9F2FE1B7E7B] - (.FirebirdSQL Project - Firebird SQL Server.) -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe [81920] [PID.2028]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.1208]
[MD5.F12A68ED55053940CADD59CA5E3468DD] - (.No owner - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904] [PID.1768]
[MD5.5E66ABD041D76C46CBF55AEF910FCA56] - (...) -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624] [PID.1336]
[MD5.318706813FB613072A688F2653B0689F] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe [360624] [PID.1876]
[MD5.A3EF1E191ECC5C9119CB8B240E661D1B] - (.No owner - ProtectExts.) -- C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe [65024] [PID.2076]
[MD5.ADB9C79CCBEF779D56A9AC931F9C8DF0] - (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392] [PID.2304]
[MD5.081FF7B4809ED7D24848DE34F4FAF353] - (.FirebirdSQL Project - Firebird SQL Server.) -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe [1994752] [PID.2688]
[MD5.FD8B70E459900B1F8A4046E34D74E587] - (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe [194560] [PID.4060] =>PUP.ViewPassword
[MD5.1EC546F8B6222F1F984220C1324EA945] - (.Intel Corporation - Bluetooth Media Service.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840] [PID.1724]
[MD5.F4A17DCAB576267C85663E64F3ACE5A4] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326424] [PID.5348]
[MD5.D96DDEA6C699A99832E0186057801971] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [1997416] [PID.5588]
[MD5.DB641944F7E4B14C13C3FEFC89843F69] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656536] [PID.6352]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [fhokfmhpdoppcompklkineedkmhinhdf] BaseFlash v.1.0, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [zzzzzzzzzzzzzzzzoibponkmmpgpmjgl] BaseFlash v.1.0, (Désactivé)
~ Google Browser: 18 Legitimates Filtered in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 23 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: BaseFlash Ads [64Bits] - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} . (...) -- C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Assistente Pimaco.lnk . (...) -- C:\Pimaco\Pimaco.docm
O4 - GS\Desktop [Public]: Easy Settings.lnk . (.Samsung Electronics Co., Ltd. - Easy Settings.) -- C:\Program Files (x86)\Samsung\Easy Settings\ControlCenter.exe
O4 - GS\Desktop [Public]: Easy Software Manager.lnk . (.Samsung - SoftwareManager.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SoftwareManager.exe
O4 - GS\Desktop [Public]: Easy Support Center.lnk . (.SAMSUNG Electronics - Easy Support Center.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCMain.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO: - TODO: .) -- C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Program [Public]: Lista Telefônica Online.lnk . (...) -- C:\Program Files (x86)\BPesq\BPesq.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Aderlei]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Aderlei]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Aderlei]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
O4 - GS\TaskBar [Aderlei]: Software Launcher.lnk . (.Samsung Electronics CO., LTD. - Software Launcher.) -- C:\Program Files (x86)\Samsung\Software Launcher\Software Launcher.exe
O4 - GS\Desktop [Aderlei]: Arquivos de instalação do Norton.lnk - Chave orfã
O4 - GS\Desktop [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Aderlei]: MANUAL DE MONTAGEM MADINE 27-02-2014 - Atalho.lnk . (...) -- C:\Users\Aderlei\Documents\MANUAL DE MONTAGEM MADINE 27-02-2014.rar
O4 - GS\Desktop [Aderlei]: Play Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsole-wt.exe
O4 - GS\Desktop [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
~ Global Startup: 73 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Intel Corporation - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Baixou Agora] . (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe
O4 - HKLM\..\Wow6432Node\Run: [DoroServer] . (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_br_82] Chave orfã
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-580441236-439076865-2119370448-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-580441236-439076865-2119370448-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu AntiVirus Service (bavsvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe (.not file.) =>Adware.BDSearch
O23 - Service: Baidu Hips Service (bhipssvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe (.not file.) =>Adware.BDSearch
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.FirebirdSQL Project - Firebird SQL Server.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) . (...) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: Protect your browser's extensions (srvProtectExtension) . (.No owner - ProtectExts.) - C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
~ Services: 18 Legitimates Filtered in 00mn 07s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\f3ven-chromeinstaller.job [3072]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HDVideo-chromeinstaller.job [3080]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password Update.job [412] =>PUP.ViewPassword
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password_wd.job [416] =>PUP.ViewPassword
[MD5.00000000000000000000000000000000] [APT] [f3ven-chromeinstaller] (...) -- C:\Program Files (x86)\f3ven\f3ven-chromeinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [HDVideo-chromeinstaller] (...) -- C:\Program Files (x86)\HDVideo\HDVideo-chromeinstaller.exe (.not file.) [0]
[MD5.E88291D6CB7AD093FE1B406FAD1A46DE] [APT] [View Password Update] (...) -- C:\Program Files (x86)\View-Password-soft\View-.exe [248320] =>PUP.ViewPassword
[MD5.C48D3E40239AA459DE81F749484932F5] [APT] [View Password_wd] (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] =>PUP.ViewPassword
[MD5.00000000000000000000000000000000] [APT] [{04415692-BC48-49A8-94F6-45CB8951AC87}] (...) -- C:\Program Files (x86)\HDVideo\Uninstall.exe (.not file.) [0]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 07s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (badriver) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\badriver.sys
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 102 Legitimates Filtered in 00mn 28s
---\\ Software instalados (042)
O42 - Logiciel: Save Sense (remove only) - (.SaveSense.) [HKCU][64Bits] -- Save Sense =>PUP.SaveSense
O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU][64Bits] -- SaveSense =>PUP.SaveSense
O42 - Logiciel: melondrea - (.melondrea.) [HKLM][64Bits] -- melondrea =>PUP.Melondrea
~ Logic: 7 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baixou Agora]
[HKCU\Software\Filseclab]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\Industriya]
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Trojan.Lozavita
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\BaseFlash]
[HKLM\Software\Wow6432Node\Filseclab]
[HKLM\Software\Wow6432Node\HDVideo]
[HKLM\Software\Wow6432Node\Industriya]
[HKLM\Software\Wow6432Node\ProtectExtension]
[HKLM\Software\Wow6432Node\f3ven]
~ Key Software: 164 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/03/2014 - 20:22:47 - [110,806] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/03/2014 - 15:26:55 - [4,976] ----D C:\Program Files (x86)\Baixou Agora App
O43 - CFD: 03/05/2013 - 10:36:55 - [2,642] ----D C:\Program Files (x86)\BPesq
O43 - CFD: 04/03/2014 - 23:12:44 - [0] ----D C:\Program Files (x86)\melondrea =>PUP.Melondrea
O43 - CFD: 09/02/2014 - 15:22:00 - [1,511] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 04/03/2014 - 17:23:14 - [1,123] ----D C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword
O43 - CFD: 04/03/2014 - 14:00:39 - [0] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 26/06/2013 - 18:39:55 - [2,822] ----D C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/03/2014 - 15:29:27 - [0,164] ----D C:\Users\Aderlei\AppData\Roaming\BaseFlash
O43 - CFD: 04/03/2014 - 14:43:51 - [1,442] ----D C:\Users\Aderlei\AppData\Roaming\ProtectExtension
~ Program Folder: 138 Legitimates Filtered in 00mn 29s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 04/03/2014 - 14:47:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 05/03/2014 - 10:33:58 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.9AA597B3B8286301E4AD347F42477A86] - 05/03/2014 - 11:07:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147864]
O44 - LFC:[MD5.AC942B3F4E9B38EC17D013D55181E37C] - 05/03/2014 - 11:07:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706024]
O44 - LFC:[MD5.2DBAC9B1E6BDC3C231BD49C724369D89] - 05/03/2014 - 12:04:27 ---A- . (...) -- C:\zoek-results.log [19876]
O44 - LFC:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
~ Files: 15 Legitimates Filtered in 00mn 02s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.F338F29E06D24AC1C162131C1C908FB5] - 19/06/2013 - 19:51:44 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:[MD5.449D90F1FB6402773C2F1ECCEAE15F74] - 04/12/2011 - 21:22:58 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [195584]
O58 - SDL:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 18 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 19/02/2014 - C:\Windows\System32\drivers\badriver.sys (badriver) .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_BADRIVER
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 07/02/2014 - C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140303.001\IDSvia64.sys (IDSVia64) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIA64
O64 - Services: CurCS - 04/06/2011 - C:\Windows\System32\DRIVERS\nvpciflt.sys (nvpciflt) .(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) - LEGACY_NVPCIFLT
~ Legacy: 98 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- c:\program files (x86)\mozilla firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\program files (x86)\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] d6ec5a97-dbd0-46b3-9c44-5b0e1240c6be - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "092BFC7DE001B504E8793801482880CB" . (.Lista Telefônica Online.) -- C:\windows\Installer\{D7CFB290-100E-405B-8E97-8310848208BC}\ARPPRODUCTICON.exe
O90 - PUC: "A6F040E19CD6FCD418C9CFEF27B00679" . (.Assistente Pimaco.) -- C:\windows\Installer\{1E040F6A-6DC9-4DCF-819C-FCFE720B6097}\Pimaco_2.exe
~ Update Products: 463 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E6E4A12D596AD8934FDD2DE83EAEE537] [WIS][24/08/2013] (.Pimaco - Assistente Pimaco.) -- C:\Windows\Installer\24716b.msi [273920]
~ WIS: 464 Legitimates Filtered in 01mn 05s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/07/1658 0 | (bavsvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe =>Adware.BDSearch
SS - | Auto 10/07/1658 0 | (bhipssvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe =>Adware.BDSearch
SS - | Demand 03/06/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
SS - | Demand 15/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/03/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 01/03/2011 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 04/12/2011 659968 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 14/11/2011 921664 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Demand 14/11/2011 1355840 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
SR - | Auto 14/11/2011 995392 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 04/12/2011 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 02/03/2007 81920 | (FirebirdGuardianDefaultInstance) . (.FirebirdSQL Project.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe
SR - | Demand 02/03/2007 1994752 | (FirebirdServerDefaultInstance) . (.FirebirdSQL Project.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe
SR - | Auto 05/05/2011 326424 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 08/10/2013 275696 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 04/06/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 04/06/2011 1997416 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 13/02/2012 31624 | (SamsungDeviceConfigurationWinService) . (...) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
SR - | Auto 24/10/2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 21/02/2014 65024 | (srvProtectExtension) . (...) - C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe
SR - | Auto 05/05/2011 2656536 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 04/03/2014 194560 | (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
SR - | Auto 01/03/2011 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 01mn 08s
---\\ Scâner Aditional (088)
Database Version : 13031 - (03/03/2014)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 9
[HKLM\SYSTEM\CurrentControlSet\Services\bavsvc] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\bhipssvc] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense] =>PUP.SaveSense^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\melondrea] =>PUP.Melondrea^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\melondrea =>PUP.Melondrea^
C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword^
C:\Windows\Tasks\View Password Update.job =>PUP.ViewPassword^
C:\Windows\Tasks\View Password_wd.job =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\View-.exe =>PUP.ViewPassword^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
~ Additionnel Scan: 264097 Items scanned in 00mn 20s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Melondrea
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Forumer
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
~ MSI: 10 link(s) detected in 00mn 21s
~ 1420 Legitimates filtered by white list
End of the scan (544 lines in 03mn 11s)(0)
~ Iniciado por Aderlei (05/03/2014 12:13:10)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4009 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 125 GB (70%) free of 178 GB
---\\ Modo de conexão ao sistema
~ Computer Name: NP300E4A-PC
~ User Name: Aderlei
~ All Users Names: UpdatusUser, HomeGroupUser$, Convidado, Administrador, Aderlei,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Aderlei\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Aderlei\AppData\Roaming\
~ %Desktop% : C:\Users\Aderlei\Desktop\
~ %Favorites% : C:\Users\Aderlei\Favorites\
~ %LocalAppData% : C:\Users\Aderlei\AppData\Local\
~ %StartMenu% : C:\Users\Aderlei\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 125 Go of 178 Go)
D: Hard drive, Flash drive, Thumb drive (Free 265 Go of 265 Go)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/02/2014 - 06:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 03:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/34
~ Mes musiques (My Musics) : 1/3
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 2/49
~ Mon Bureau (My Desktop) : 2/383
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.C87442B6D17912785DC143CEDCA508C9] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696] [PID.1584]
[MD5.C48D3E40239AA459DE81F749484932F5] - (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] [PID.3852] =>PUP.ViewPassword
[MD5.54584D494E2FF0E25720FF45594DC2D6] - (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2810448] [PID.1312]
[MD5.B7A97647B3967F825E4A064179383731] - (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe [2190824] [PID.4012]
[MD5.4944790BD547B165F7E9F76BF3252C5D] - (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [172032] [PID.3108]
[MD5.57DCA6CE6F6DE6DE818654693B339ADC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [784264] [PID.2612]
[MD5.D7E546DAF03DEED037D50CDF96C7CF7F] - (.Samsung Electronics Co., Ltd. - Smart Setting Program.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2279304] [PID.1220]
[MD5.B200A3535464E46658E9B95FDADB0834] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [1112968] [PID.532]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.408]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.4916]
[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.4836]
[MD5.D3A1D2987051118159D4DE38E3027CEA] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280] [PID.6140]
[MD5.F289B31D23BB3DC8E6640A6D09E4BF51] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [3395664] [PID.8164]
[MD5.026C4CA19FAE1F84894A99735B15AACA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464] [PID.21636]
[MD5.66EA3B698F9A7EA2DBF0E4B246B6C958] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8349696] [PID.114432]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1676]
[MD5.2E251B39ABEA79351E5633E5A7C36BE4] - (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664] [PID.1788]
[MD5.9E530C6F0EEE34CCEAC8104838AB68C7] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616] [PID.1836]
[MD5.96B14B79C71CE4A7783184CC8B5DBCE8] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640] [PID.1928]
[MD5.3A1BBC09BD3D2DE69DE3F9F2FE1B7E7B] - (.FirebirdSQL Project - Firebird SQL Server.) -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe [81920] [PID.2028]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.1208]
[MD5.F12A68ED55053940CADD59CA5E3468DD] - (.No owner - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904] [PID.1768]
[MD5.5E66ABD041D76C46CBF55AEF910FCA56] - (...) -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624] [PID.1336]
[MD5.318706813FB613072A688F2653B0689F] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe [360624] [PID.1876]
[MD5.A3EF1E191ECC5C9119CB8B240E661D1B] - (.No owner - ProtectExts.) -- C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe [65024] [PID.2076]
[MD5.ADB9C79CCBEF779D56A9AC931F9C8DF0] - (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392] [PID.2304]
[MD5.081FF7B4809ED7D24848DE34F4FAF353] - (.FirebirdSQL Project - Firebird SQL Server.) -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe [1994752] [PID.2688]
[MD5.FD8B70E459900B1F8A4046E34D74E587] - (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe [194560] [PID.4060] =>PUP.ViewPassword
[MD5.1EC546F8B6222F1F984220C1324EA945] - (.Intel Corporation - Bluetooth Media Service.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840] [PID.1724]
[MD5.F4A17DCAB576267C85663E64F3ACE5A4] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326424] [PID.5348]
[MD5.D96DDEA6C699A99832E0186057801971] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [1997416] [PID.5588]
[MD5.DB641944F7E4B14C13C3FEFC89843F69] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656536] [PID.6352]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [fhokfmhpdoppcompklkineedkmhinhdf] BaseFlash v.1.0, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [zzzzzzzzzzzzzzzzoibponkmmpgpmjgl] BaseFlash v.1.0, (Désactivé)
~ Google Browser: 18 Legitimates Filtered in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Aderlei\AppData\Roaming\Mozilla\Firefox\Profiles\6g63usux.default\prefs.js
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 23 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: BaseFlash Ads [64Bits] - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} . (...) -- C:\Users\Aderlei\AppData\Roaming\BaseFlash\IE\BaseFlash.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Assistente Pimaco.lnk . (...) -- C:\Pimaco\Pimaco.docm
O4 - GS\Desktop [Public]: Easy Settings.lnk . (.Samsung Electronics Co., Ltd. - Easy Settings.) -- C:\Program Files (x86)\Samsung\Easy Settings\ControlCenter.exe
O4 - GS\Desktop [Public]: Easy Software Manager.lnk . (.Samsung - SoftwareManager.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SoftwareManager.exe
O4 - GS\Desktop [Public]: Easy Support Center.lnk . (.SAMSUNG Electronics - Easy Support Center.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCMain.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Multimedia POP.lnk . (.TODO:
O4 - GS\Desktop [Public]: User Guide.lnk . (.Samsung Electronics - Runmanual.) -- C:\Program Files\Samsung\SamsungManual\RunManual.exe
O4 - GS\Program [Public]: Lista Telefônica Online.lnk . (...) -- C:\Program Files (x86)\BPesq\BPesq.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Aderlei]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Aderlei]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Aderlei]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
O4 - GS\TaskBar [Aderlei]: Software Launcher.lnk . (.Samsung Electronics CO., LTD. - Software Launcher.) -- C:\Program Files (x86)\Samsung\Software Launcher\Software Launcher.exe
O4 - GS\Desktop [Aderlei]: Arquivos de instalação do Norton.lnk - Chave orfã
O4 - GS\Desktop [Aderlei]: chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Aderlei]: MANUAL DE MONTAGEM MADINE 27-02-2014 - Atalho.lnk . (...) -- C:\Users\Aderlei\Documents\MANUAL DE MONTAGEM MADINE 27-02-2014.rar
O4 - GS\Desktop [Aderlei]: Play Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsole-wt.exe
O4 - GS\Desktop [Aderlei]: Santana.lnk . (...) -- C:\Making\Sistema\Santana.exe
~ Global Startup: 73 Legitimates Filtered in 00mn 01s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Intel Corporation - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Baixou Agora] . (...) -- C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe
O4 - HKLM\..\Wow6432Node\Run: [DoroServer] . (.CompSoft - DoroServer.) -- C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_br_82] Chave orfã
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-580441236-439076865-2119370448-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-580441236-439076865-2119370448-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{64A83DD5-6103-4B06-B8EC-14657DED3F73}: DhcpDomain = homestation
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu AntiVirus Service (bavsvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe (.not file.) =>Adware.BDSearch
O23 - Service: Baidu Hips Service (bhipssvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe (.not file.) =>Adware.BDSearch
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.FirebirdSQL Project - Firebird SQL Server.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) . (...) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: Protect your browser's extensions (srvProtectExtension) . (.No owner - ProtectExts.) - C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
~ Services: 18 Legitimates Filtered in 00mn 07s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\f3ven-chromeinstaller.job [3072]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HDVideo-chromeinstaller.job [3080]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password Update.job [412] =>PUP.ViewPassword
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password_wd.job [416] =>PUP.ViewPassword
[MD5.00000000000000000000000000000000] [APT] [f3ven-chromeinstaller] (...) -- C:\Program Files (x86)\f3ven\f3ven-chromeinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [HDVideo-chromeinstaller] (...) -- C:\Program Files (x86)\HDVideo\HDVideo-chromeinstaller.exe (.not file.) [0]
[MD5.E88291D6CB7AD093FE1B406FAD1A46DE] [APT] [View Password Update] (...) -- C:\Program Files (x86)\View-Password-soft\View-.exe [248320] =>PUP.ViewPassword
[MD5.C48D3E40239AA459DE81F749484932F5] [APT] [View Password_wd] (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] =>PUP.ViewPassword
[MD5.00000000000000000000000000000000] [APT] [{04415692-BC48-49A8-94F6-45CB8951AC87}] (...) -- C:\Program Files (x86)\HDVideo\Uninstall.exe (.not file.) [0]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 07s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (badriver) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\badriver.sys
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 102 Legitimates Filtered in 00mn 28s
---\\ Software instalados (042)
O42 - Logiciel: Save Sense (remove only) - (.SaveSense.) [HKCU][64Bits] -- Save Sense =>PUP.SaveSense
O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU][64Bits] -- SaveSense =>PUP.SaveSense
O42 - Logiciel: melondrea - (.melondrea.) [HKLM][64Bits] -- melondrea =>PUP.Melondrea
~ Logic: 7 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baixou Agora]
[HKCU\Software\Filseclab]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\Industriya]
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Trojan.Lozavita
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\BaseFlash]
[HKLM\Software\Wow6432Node\Filseclab]
[HKLM\Software\Wow6432Node\HDVideo]
[HKLM\Software\Wow6432Node\Industriya]
[HKLM\Software\Wow6432Node\ProtectExtension]
[HKLM\Software\Wow6432Node\f3ven]
~ Key Software: 164 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/03/2014 - 20:22:47 - [110,806] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/03/2014 - 15:26:55 - [4,976] ----D C:\Program Files (x86)\Baixou Agora App
O43 - CFD: 03/05/2013 - 10:36:55 - [2,642] ----D C:\Program Files (x86)\BPesq
O43 - CFD: 04/03/2014 - 23:12:44 - [0] ----D C:\Program Files (x86)\melondrea =>PUP.Melondrea
O43 - CFD: 09/02/2014 - 15:22:00 - [1,511] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 04/03/2014 - 17:23:14 - [1,123] ----D C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword
O43 - CFD: 04/03/2014 - 14:00:39 - [0] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 26/06/2013 - 18:39:55 - [2,822] ----D C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/03/2014 - 15:29:27 - [0,164] ----D C:\Users\Aderlei\AppData\Roaming\BaseFlash
O43 - CFD: 04/03/2014 - 14:43:51 - [1,442] ----D C:\Users\Aderlei\AppData\Roaming\ProtectExtension
~ Program Folder: 138 Legitimates Filtered in 00mn 29s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 04/03/2014 - 14:47:51 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 04/03/2014 - 14:47:52 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 05/03/2014 - 10:33:58 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.9AA597B3B8286301E4AD347F42477A86] - 05/03/2014 - 11:07:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147864]
O44 - LFC:[MD5.AC942B3F4E9B38EC17D013D55181E37C] - 05/03/2014 - 11:07:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706024]
O44 - LFC:[MD5.2DBAC9B1E6BDC3C231BD49C724369D89] - 05/03/2014 - 12:04:27 ---A- . (...) -- C:\zoek-results.log [19876]
O44 - LFC:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
~ Files: 15 Legitimates Filtered in 00mn 02s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.F338F29E06D24AC1C162131C1C908FB5] - 19/06/2013 - 19:51:44 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:[MD5.449D90F1FB6402773C2F1ECCEAE15F74] - 04/12/2011 - 21:22:58 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [195584]
O58 - SDL:[MD5.1F6195F7F0B2AD16F19CA7472F330273] - 19/02/2014 - 17:57:50 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\badriver.sys [44520]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 18 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 19/02/2014 - C:\Windows\System32\drivers\badriver.sys (badriver) .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_BADRIVER
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 07/02/2014 - C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140303.001\IDSvia64.sys (IDSVia64) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIA64
O64 - Services: CurCS - 04/06/2011 - C:\Windows\System32\DRIVERS\nvpciflt.sys (nvpciflt) .(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) - LEGACY_NVPCIFLT
~ Legacy: 98 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] d6ec5a97-dbd0-46b3-9c44-5b0e1240c6be - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "092BFC7DE001B504E8793801482880CB" . (.Lista Telefônica Online.) -- C:\windows\Installer\{D7CFB290-100E-405B-8E97-8310848208BC}\ARPPRODUCTICON.exe
O90 - PUC: "A6F040E19CD6FCD418C9CFEF27B00679" . (.Assistente Pimaco.) -- C:\windows\Installer\{1E040F6A-6DC9-4DCF-819C-FCFE720B6097}\Pimaco_2.exe
~ Update Products: 463 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E6E4A12D596AD8934FDD2DE83EAEE537] [WIS][24/08/2013] (.Pimaco - Assistente Pimaco.) -- C:\Windows\Installer\24716b.msi [273920]
~ WIS: 464 Legitimates Filtered in 01mn 05s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/07/1658 0 | (bavsvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe =>Adware.BDSearch
SS - | Auto 10/07/1658 0 | (bhipssvc) . (...) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe =>Adware.BDSearch
SS - | Demand 03/06/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
SS - | Demand 15/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/03/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 01/03/2011 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 04/12/2011 659968 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 14/11/2011 921664 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Demand 14/11/2011 1355840 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
SR - | Auto 14/11/2011 995392 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 04/12/2011 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 02/03/2007 81920 | (FirebirdGuardianDefaultInstance) . (.FirebirdSQL Project.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe
SR - | Demand 02/03/2007 1994752 | (FirebirdServerDefaultInstance) . (.FirebirdSQL Project.) - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe
SR - | Auto 05/05/2011 326424 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 08/10/2013 275696 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 04/06/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 04/06/2011 1997416 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 13/02/2012 31624 | (SamsungDeviceConfigurationWinService) . (...) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
SR - | Auto 24/10/2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 21/02/2014 65024 | (srvProtectExtension) . (...) - C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe
SR - | Auto 05/05/2011 2656536 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 04/03/2014 194560 | (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
SR - | Auto 01/03/2011 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 01mn 08s
---\\ Scâner Aditional (088)
Database Version : 13031 - (03/03/2014)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 9
[HKLM\SYSTEM\CurrentControlSet\Services\bavsvc] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\bhipssvc] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense] =>PUP.SaveSense^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\melondrea] =>PUP.Melondrea^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211671166}] =>PUP.CrossRider
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\melondrea =>PUP.Melondrea^
C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Aderlei\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword^
C:\Windows\Tasks\View Password Update.job =>PUP.ViewPassword^
C:\Windows\Tasks\View Password_wd.job =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\View-.exe =>PUP.ViewPassword^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
~ Additionnel Scan: 264097 Items scanned in 00mn 20s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Melondrea
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Forumer
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
~ MSI: 10 link(s) detected in 00mn 21s
~ 1420 Legitimates filtered by white list
End of the scan (544 lines in 03mn 11s)(0)
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 12:51
No seu PC está instalado o Baidu, que é um antivirus meio ruim na minha opinião, você quer continuar com ele ou podemos remover?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Qua 05 Mar 2014, 12:53
No meu PC eu uso o NORTON, o Baidu é o anti virus que vem em todos os downloads que eu realizo... Vamos remover!! Mas o NORTON continuará certo? Você acha que nós vamos conseguir resolver o PC dos ''Ads by ViewPassword''?
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 13:03
Acesse o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e envie estes arquivos destacados em negrito abaixo para serem analisados um de cada vez (se aparecer uma mensagem dizendo que já foram analisados peça para analisar novamente):C:\Program Files (x86)\Baixou Agora App\BaixouAgora.exe
C:\Users\Aderlei\AppData\Roaming\ProtectExtension\protect\ProtectExtension.exe
C:\Program Files (x86)\BPesq\BPesq.exe
C:\Making\Sistema\Santana.exe
Depois disto você posta os links com os resultados das análises acima juntamente com o relatório do ZHPFix.
_________________________________________________________________________________________
Copie todo o texto destacado em vermelho que te passei (começando em script zhpfix e indo até SysRestore)_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta juntamente com os links das análises dos arquivos no site Virus Total.
Última edição por Power Max em Dom 23 Mar 2014, 22:17, editado 3 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Qua 05 Mar 2014, 13:14
Desculpe não entendi o ''Acesse o site e envie estes arquivos destacados em negrito abaixo para serem analisados um de cada vez (se aparecer uma mensagem dizendo que já foram analisados peça para analisar novamente):'' Qual site? e serem analisados onde? obg
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 13:16
Desculpe-me, tinha esquecido de citar o link: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]Aderlei Santana escreveu:Desculpe não entendi o ''Acesse o site e envie estes arquivos destacados em negrito abaixo para serem analisados um de cada vez (se aparecer uma mensagem dizendo que já foram analisados peça para analisar novamente):'' Qual site? e serem analisados onde? obg
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo remover o ads by View-Password do meu notebook
por Aderlei Santana Qua 05 Mar 2014, 13:33
AEEEEEEEEEEEEEEE... CONSEGUIMOS!!!!!!!!!!! PROBLEMA RESOLVIDO!!! CARA, EU NÃO TENHO PALAVRAS PARA TE AGRADECER, MUITO OBRIGADO MESMO... EU FICO FELIZ EM SABER QUE NO MUNDO EXISTAM PESSOAS DISPOSTAS AJUDAR DE TODAS AS MANEIRAS POSSÍVEIS!! PARABÉNS POR TUDO!!!
EM RELAÇÃO A ANALISE DOS ARQUIVOS PELO SITE, AINDA É NECESSÁRIO? SE UM... DEVE SER FEITO ARQUIVO POR ARQUIVO DENTRO DA PASTA?
É NECESSÁRIO QUE EU TE ENVIE O RELATÓRIO?
OBRIGADOOOOOOOOO
EM RELAÇÃO A ANALISE DOS ARQUIVOS PELO SITE, AINDA É NECESSÁRIO? SE UM... DEVE SER FEITO ARQUIVO POR ARQUIVO DENTRO DA PASTA?
É NECESSÁRIO QUE EU TE ENVIE O RELATÓRIO?
OBRIGADOOOOOOOOO
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 13:34
Sim, poste o relatório do ZHPFix e os links dos arquivos suspeitos, por gentileza,
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Os arquivos suspeito ainda vou demorar um pouco, por enquanto nenhuma ameaça detectada!!
por Aderlei Santana Qua 05 Mar 2014, 13:36
Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by Aderlei at 05/03/2014 13:24:33
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador
========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe
ELIMINÉ: Memory Process: C:\Program Files (x86)\View-Password-soft\View-.exe
ELIMINÉ: Memory Process: C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe
========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado
========== Chaves do Registo ==========
ELIMINÉ: Service: bavsvc
ELIMINÉ: Service: bhipssvc
ELIMINÉ: Service: ViewPassword
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\ForumerIT
ELIMINÉ: HKCU\Software\Industriya
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\Industriya
ELIMINÉ: HKLM\Software\Wow6432Node\f3ven
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\melondrea
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211671166}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211671166}
========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: fst_br_82
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =
========== Preferências do navegador ==========
ELIMINÉ Folder Chrome: C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhokfmhpdoppcompklkineedkmhinhdf
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\aderlei\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ: c:\program files (x86)\view-password-soft\viewpassword155.exe
ELIMINÉ: c:\windows\tasks\f3ven-chromeinstaller.job
ELIMINÉ: c:\windows\tasks\hdvideo-chromeinstaller.job
ELIMINÉ: c:\windows\tasks\view password update.job
ELIMINÉ: c:\windows\tasks\view password_wd.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (125) (1.783.791 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: f3ven-chromeinstaller
ELIMINÉ: f3ven-chromeinstaller
ELIMINÉ: HDVideo-chromeinstaller
ELIMINÉ: HDVideo-chromeinstaller
ELIMINÉ: View Password Update
ELIMINÉ: View Password Update
ELIMINÉ: View Password_wd
ELIMINÉ: View Password_wd
ELIMINÉ: {04415692-BC48-49A8-94F6-45CB8951AC87}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
4 : Processo memória
22 : Chaves do Registo
8 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
11 : Ficheiros
1 : Preferências do navegador
3 : Estado dos serviços
9 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 00s
========== Caminho do ficheiro do relatório ==========
C:\Users\Aderlei\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/03/2014 13:24:38 [4307]
Fichier d'export Registre :
Run by Aderlei at 05/03/2014 13:24:33
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador
========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe
ELIMINÉ: Memory Process: C:\Program Files (x86)\View-Password-soft\View-.exe
ELIMINÉ: Memory Process: C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe
========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado
========== Chaves do Registo ==========
ELIMINÉ: Service: bavsvc
ELIMINÉ: Service: bhipssvc
ELIMINÉ: Service: ViewPassword
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\ForumerIT
ELIMINÉ: HKCU\Software\Industriya
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\Industriya
ELIMINÉ: HKLM\Software\Wow6432Node\f3ven
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Sense
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\melondrea
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211671166}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211671166}
========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: fst_br_82
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =
========== Preferências do navegador ==========
ELIMINÉ Folder Chrome: C:\Users\Aderlei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhokfmhpdoppcompklkineedkmhinhdf
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\aderlei\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ: c:\program files (x86)\view-password-soft\viewpassword155.exe
ELIMINÉ: c:\windows\tasks\f3ven-chromeinstaller.job
ELIMINÉ: c:\windows\tasks\hdvideo-chromeinstaller.job
ELIMINÉ: c:\windows\tasks\view password update.job
ELIMINÉ: c:\windows\tasks\view password_wd.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (125) (1.783.791 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: f3ven-chromeinstaller
ELIMINÉ: f3ven-chromeinstaller
ELIMINÉ: HDVideo-chromeinstaller
ELIMINÉ: HDVideo-chromeinstaller
ELIMINÉ: View Password Update
ELIMINÉ: View Password Update
ELIMINÉ: View Password_wd
ELIMINÉ: View Password_wd
ELIMINÉ: {04415692-BC48-49A8-94F6-45CB8951AC87}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
4 : Processo memória
22 : Chaves do Registo
8 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
11 : Ficheiros
1 : Preferências do navegador
3 : Estado dos serviços
9 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 00s
========== Caminho do ficheiro do relatório ==========
C:\Users\Aderlei\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/03/2014 13:24:38 [4307]
Aderlei Santana- Iniciante
- Mensagens : 17
Reputação : 0
Data de inscrição : 04/03/2014
Re: Não consigo remover o ads by View-Password do meu notebook
por Power Max Qua 05 Mar 2014, 13:37
Falta só os links das análises dos arquivos.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Conteúdo patrocinado
Página 1 de 2 • 1, 2
Tópicos semelhantes» Não consigo remover o ads by View-Password do meu notebook
» Quero tirar o ads by View-Password do meu notebook
» Como remover o View Password
» Remover ads by View-Password windows 8
» Remoção do View Password
» Quero tirar o ads by View-Password do meu notebook
» Como remover o View Password
» Remover ads by View-Password windows 8
» Remoção do View Password
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|