Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 17 usuários online :: 0 registrados, 0 invisíveis e 17 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Como remover ícone que foi colocado por vírus?
2 participantes
Página 1 de 1
Como remover ícone que foi colocado por vírus?
por smurff Dom 20 Abr 2014, 19:21
:[2014/04/14 22:37:59 | 000,502,544 | ---- | C] (AppsInstaller) -- C:\Users\Sergio\Desktop\Internet%20Explorer%2010.exe
é um icone executavel que nao pode ser excluido em modo normal havia acontecido anteriormente e foi resolvido dessa forma :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mas desta vez nao concegui remover.
é um icone executavel que nao pode ser excluido em modo normal havia acontecido anteriormente e foi resolvido dessa forma :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mas desta vez nao concegui remover.
smurff- Membro
- Mensagens : 164
Reputação : 1
Data de inscrição : 09/12/2013
Idade : 46
Localização : videira santa catarina
Re: Como remover ícone que foi colocado por vírus?
por Power Max Dom 20 Abr 2014, 19:41
Olá Smurff. Tente primeiramente fazer assim: Vá no menu: Iniciar > Computador > Área de Trabalho > clique sobre o ícone e escolha a opção de Excluir. Depois nos diga o resultado.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover ícone que foi colocado por vírus?
por smurff Dom 20 Abr 2014, 19:47
nao adianta da outra vez foi tentado de todas as formas a unica maneira foi como mostra o topico do link q postei
mas desta vez segui os passos e nao deu certo
mas desta vez segui os passos e nao deu certo
smurff- Membro
- Mensagens : 164
Reputação : 1
Data de inscrição : 09/12/2013
Idade : 46
Localização : videira santa catarina
Re: Como remover ícone que foi colocado por vírus?
por Power Max Dom 20 Abr 2014, 19:49
Você usou o OTL como o Wings lhe passou? Poste o log gerado aqui em seu tópico.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover ícone que foi colocado por vírus?
por smurff Dom 20 Abr 2014, 19:55
OTL logfile created on: 20/04/2014 18:39:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sergio\Desktop
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16866)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
1,91 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,28% Memory free
3,83 Gb Paging File | 2,29 Gb Available in Paging File | 59,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,25 Gb Total Space | 350,54 Gb Free Space | 77,51% Space Free | Partition Type: NTFS
Drive D: | 13,41 Gb Total Space | 1,66 Gb Free Space | 12,37% Space Free | Partition Type: NTFS
Computer Name: BOLZAN | User Name: Sergio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Files/Folders - Created Within 30 Days ==========
[2014/04/20 18:33:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sergio\Desktop\OTL.com
[2014/04/20 17:05:34 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Sergio\Desktop\HijackThis.vtsafe.exe
[2014/04/20 09:45:10 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\recoveri azamerias922
[2014/04/20 08:22:00 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\bamda enigma
[2014/04/19 20:20:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\tres porquinhos
[2014/04/19 18:57:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\VIDEO_TS
[2014/04/19 18:57:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\AUDIO_TS
[2014/04/19 18:57:00 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Documents\CyberLink
[2014/04/19 17:28:13 | 001,017,344 | ---- | C] (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Users\Sergio\Desktop\libeay32.dll
[2014/04/19 13:53:24 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\dongle_ibox 15-04-2014
[2014/04/19 00:32:31 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/18 16:43:32 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\Step 2
[2014/04/18 16:43:32 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\Step 1
[2014/04/18 12:56:57 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\Loader S806 S807 S810 S810b
[2014/04/18 08:11:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/04/18 08:11:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/18 08:11:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/18 08:11:07 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/18 08:11:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/04/18 08:11:05 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/18 08:11:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/18 08:11:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/04/18 08:11:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/04/18 08:11:01 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/18 08:11:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/04/18 08:11:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/18 08:11:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/18 08:10:59 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/04/18 08:10:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/04/18 08:10:59 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/04/18 08:10:59 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/17 23:22:57 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\SupTab
[2014/04/17 23:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/04/17 23:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014/04/17 23:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/04/17 23:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
[2014/04/17 23:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marcos Velasco Security
[2014/04/17 23:22:29 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\qone8
[2014/04/17 23:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bettermarkit-soft
[2014/04/17 23:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IminentToolbar
[2014/04/17 23:21:48 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
[2014/04/17 23:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella
[2014/04/17 23:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2014/04/17 23:21:22 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\ZombieAlert
[2014/04/17 23:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ZombieAlert
[2014/04/17 22:36:19 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\smartII loaderabril 2014
[2014/04/16 22:34:48 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\Baidu
[2014/04/16 22:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu Security
[2014/04/16 22:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\baidu
[2014/04/16 22:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baidu Security
[2014/04/16 22:34:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Baidu
[2014/04/16 22:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\HomeTab
[2014/04/16 22:33:48 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\Mobogenie
[2014/04/16 22:31:58 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\Carambis
[2014/04/16 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\TempDIR
[2014/04/14 22:37:59 | 000,502,544 | ---- | C] (AppsInstaller) -- C:\Users\Sergio\Desktop\Internet%20Explorer%2010.exe
[2014/04/12 07:39:01 | 000,000,000 | -HSD | C] -- C:\Users\Sergio\AppData\Local\EmieUserList
[2014/04/12 07:39:01 | 000,000,000 | -HSD | C] -- C:\Users\Sergio\AppData\Local\EmieSiteList
[2014/04/09 18:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DuiscOuNtExtensi
[2014/04/09 08:00:16 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/09 08:00:16 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/09 08:00:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/09 08:00:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/09 08:00:15 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/09 08:00:15 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/09 08:00:15 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/09 08:00:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/09 08:00:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/09 08:00:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/09 08:00:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/09 08:00:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/09 08:00:15 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/09 08:00:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/04/02 20:37:29 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014/04/02 19:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supporter
[2014/04/02 19:00:40 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\Packages
[2014/04/02 19:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\df7ed04cb9c932d7
[2014/04/02 19:00:39 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\Comodo
[2014/03/29 23:07:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/28 23:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014/03/28 23:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2014/03/28 23:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2014/03/28 23:24:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\.android
[2014/03/28 23:24:55 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\cache
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/20 18:33:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sergio\Desktop\OTL.com
[2014/04/20 18:30:14 | 000,000,432 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/04/20 17:05:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Sergio\Desktop\HijackThis.vtsafe.exe
[2014/04/20 17:01:30 | 000,022,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/20 17:01:30 | 000,022,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/20 17:00:07 | 004,486,688 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2014/04/20 17:00:07 | 004,430,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/20 17:00:07 | 003,757,680 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2014/04/20 17:00:07 | 003,731,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/20 17:00:07 | 000,006,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/20 16:58:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSergio.job
[2014/04/20 16:53:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/20 16:53:27 | 1541,767,168 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/20 10:27:16 | 002,074,826 | ---- | M] () -- C:\Users\Sergio\Desktop\azamerica s922_v01_014_usb-140205-by-parceiros-dos-decos.rar
[2014/04/20 09:44:44 | 001,891,149 | ---- | M] () -- C:\Users\Sergio\Desktop\S922_MP_4M_ROM_120109.zip
[2014/04/20 09:44:22 | 000,178,837 | ---- | M] () -- C:\Users\Sergio\Desktop\S922_PC_Recovery_Tool.rar
[2014/04/18 20:11:57 | 000,670,769 | ---- | M] () -- C:\Users\Sergio\Desktop\Dongle Upgrade Tool.rar
[2014/04/18 16:43:25 | 004,212,500 | ---- | M] () -- C:\Users\Sergio\Desktop\S925 az america 09_04_14.rar
[2014/04/18 12:56:41 | 000,203,825 | ---- | M] () -- C:\Users\Sergio\Desktop\Loader S806 S807 S810 S810b.rar
[2014/04/17 22:36:01 | 002,443,267 | ---- | M] () -- C:\Users\Sergio\Desktop\dongle smart 2-16-04-2014-by-parceiros-dos-decos.rar
[2014/04/17 22:30:40 | 007,733,304 | ---- | M] () -- C:\Users\Sergio\Desktop\Globalsat_GS300_V1.68_14042014.bin
[2014/04/17 18:35:18 | 000,203,627 | ---- | M] () -- C:\Users\Sergio\Desktop\S810_AZ-Loader.rar
[2014/04/16 22:34:56 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\config.ini
[2014/04/16 18:41:32 | 000,063,294 | ---- | M] () -- C:\Users\Sergio\Desktop\10177951_323631321095438_8771802658022131698_n.jpg
[2014/04/15 10:10:02 | 002,173,139 | ---- | M] () -- C:\Users\Sergio\Desktop\mg3hd plus sat recovery.zip
[2014/04/14 22:37:59 | 000,502,544 | ---- | M] (AppsInstaller) -- C:\Users\Sergio\Desktop\Internet%20Explorer%2010.exe
[2014/04/11 13:20:17 | 001,048,576 | ---- | M] () -- C:\Users\Sergio\Desktop\Power_Dump_Mbox_New_Ibox.bin
[2014/04/06 22:54:00 | 000,019,483 | ---- | M] () -- C:\Users\Sergio\Documents\tutorial-do-igo-2014.rar
[2014/04/04 07:38:50 | 000,842,221 | ---- | M] () -- C:\Users\Sergio\Desktop\DuoActivation.rar
[2014/04/02 20:37:29 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014/03/28 07:40:40 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/28 07:40:40 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/20 10:27:42 | 003,997,764 | ---- | C] () -- C:\Users\Sergio\Desktop\S922_V01_014_USB-140205.BIN
[2014/04/20 10:27:37 | 002,074,826 | ---- | C] () -- C:\Users\Sergio\Desktop\azamerica s922_v01_014_usb-140205-by-parceiros-dos-decos.rar
[2014/04/20 10:24:11 | 005,556,425 | ---- | C] () -- C:\Users\Sergio\Documents\perto de mim.mp3
[2014/04/20 10:24:11 | 005,044,150 | ---- | C] () -- C:\Users\Sergio\Documents\thiaguinho - buquê de flores.mp3
[2014/04/20 10:23:58 | 008,381,793 | ---- | C] () -- C:\Users\Sergio\Documents\marcos e belutti irracional[1].mp3
[2014/04/20 10:23:58 | 005,391,367 | ---- | C] () -- C:\Users\Sergio\Documents\luan_santana_-_te_vejo_linda_-_lanÇamento_top_2013_-_dvd_2013.mp3
[2014/04/20 09:44:44 | 001,891,149 | ---- | C] () -- C:\Users\Sergio\Desktop\S922_MP_4M_ROM_120109.zip
[2014/04/20 09:44:26 | 000,178,837 | ---- | C] () -- C:\Users\Sergio\Desktop\S922_PC_Recovery_Tool.rar
[2014/04/19 17:28:09 | 000,842,221 | ---- | C] () -- C:\Users\Sergio\Desktop\DuoActivation.rar
[2014/04/18 20:12:12 | 000,646,034 | ---- | C] () -- C:\Users\Sergio\Desktop\ProOne100_20130205.sks
[2014/04/18 20:12:12 | 000,151,552 | ---- | C] () -- C:\Users\Sergio\Desktop\Dongle Upgrade Tool.exe
[2014/04/18 20:12:00 | 000,670,769 | ---- | C] () -- C:\Users\Sergio\Desktop\Dongle Upgrade Tool.rar
[2014/04/18 19:00:03 | 001,048,576 | ---- | C] () -- C:\Users\Sergio\Desktop\Power_Dump_Mbox_New_Ibox.bin
[2014/04/18 16:43:21 | 004,212,500 | ---- | C] () -- C:\Users\Sergio\Desktop\S925 az america 09_04_14.rar
[2014/04/18 12:54:59 | 000,203,825 | ---- | C] () -- C:\Users\Sergio\Desktop\Loader S806 S807 S810 S810b.rar
[2014/04/17 22:35:25 | 002,443,267 | ---- | C] () -- C:\Users\Sergio\Desktop\dongle smart 2-16-04-2014-by-parceiros-dos-decos.rar
[2014/04/17 22:30:13 | 007,733,304 | ---- | C] () -- C:\Users\Sergio\Desktop\Globalsat_GS300_V1.68_14042014.bin
[2014/04/17 18:35:32 | 000,421,888 | ---- | C] () -- C:\Users\Sergio\Desktop\AZ-Upgrade.exe
[2014/04/17 18:35:32 | 000,000,112 | ---- | C] () -- C:\Users\Sergio\Desktop\vssver.scc
[2014/04/17 18:35:21 | 000,203,627 | ---- | C] () -- C:\Users\Sergio\Desktop\S810_AZ-Loader.rar
[2014/04/16 22:32:13 | 000,000,000 | ---- | C] () -- C:\Users\Sergio\AppData\Local\Web Data
[2014/04/16 18:41:32 | 000,063,294 | ---- | C] () -- C:\Users\Sergio\Desktop\10177951_323631321095438_8771802658022131698_n.jpg
[2014/04/15 10:10:11 | 004,128,768 | ---- | C] () -- C:\Users\Sergio\Desktop\MG3HD(SAT)_Recovery.abs
[2014/04/15 10:10:11 | 000,397,312 | ---- | C] () -- C:\Users\Sergio\Desktop\EromUpgrade.exe
[2014/04/15 10:10:11 | 000,131,072 | ---- | C] () -- C:\Users\Sergio\Desktop\LZMA.EXE
[2014/04/15 10:10:11 | 000,056,412 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient_128M_32bit_sf.abs
[2014/04/15 10:10:11 | 000,038,408 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient_M3606.abs
[2014/04/15 10:10:11 | 000,038,408 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient_M3603.abs
[2014/04/15 10:10:11 | 000,038,408 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient.abs
[2014/04/15 10:10:11 | 000,002,552 | ---- | C] () -- C:\Users\Sergio\Desktop\config.bat
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\sdram.ini
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\ddram_128M_32bit_M3602.ini
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\ddr_128M_M3606.ini
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\ddr_128M_M3603.ini
[2014/04/15 10:10:11 | 000,000,326 | ---- | C] () -- C:\Users\Sergio\Desktop\flashburn.ini
[2014/04/15 10:10:02 | 002,173,139 | ---- | C] () -- C:\Users\Sergio\Desktop\mg3hd plus sat recovery.zip
[2014/04/06 22:57:37 | 000,019,483 | ---- | C] () -- C:\Users\Sergio\Documents\tutorial-do-igo-2014.rar
[2014/04/05 07:56:35 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSergio.job
[2014/03/15 20:01:47 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2013/12/15 15:37:33 | 000,000,029 | ---- | C] () -- C:\Windows\SysWow64\config.ini
[2013/01/11 20:00:21 | 000,000,216 | ---- | C] () -- C:\Windows\SysWow64\iCMS.dat
[2013/01/10 21:33:55 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/01/10 21:33:55 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/01/10 21:33:55 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/01/10 21:33:54 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/01/10 21:33:52 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/01/07 22:14:24 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013/01/07 18:40:29 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/05/22 02:37:09 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2012/05/22 02:17:51 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/05/22 02:17:51 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/05/22 02:17:51 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/05/22 02:17:51 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/22 02:17:50 | 013,899,776 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
========== ZeroAccess Check ==========
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/09/11 09:02:17 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/09/11 09:02:17 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sergio\Desktop
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16866)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
1,91 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,28% Memory free
3,83 Gb Paging File | 2,29 Gb Available in Paging File | 59,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,25 Gb Total Space | 350,54 Gb Free Space | 77,51% Space Free | Partition Type: NTFS
Drive D: | 13,41 Gb Total Space | 1,66 Gb Free Space | 12,37% Space Free | Partition Type: NTFS
Computer Name: BOLZAN | User Name: Sergio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Files/Folders - Created Within 30 Days ==========
[2014/04/20 18:33:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sergio\Desktop\OTL.com
[2014/04/20 17:05:34 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Sergio\Desktop\HijackThis.vtsafe.exe
[2014/04/20 09:45:10 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\recoveri azamerias922
[2014/04/20 08:22:00 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\bamda enigma
[2014/04/19 20:20:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\tres porquinhos
[2014/04/19 18:57:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\VIDEO_TS
[2014/04/19 18:57:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\AUDIO_TS
[2014/04/19 18:57:00 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Documents\CyberLink
[2014/04/19 17:28:13 | 001,017,344 | ---- | C] (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Users\Sergio\Desktop\libeay32.dll
[2014/04/19 13:53:24 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\dongle_ibox 15-04-2014
[2014/04/19 00:32:31 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/18 16:43:32 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\Step 2
[2014/04/18 16:43:32 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\Step 1
[2014/04/18 12:56:57 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\Loader S806 S807 S810 S810b
[2014/04/18 08:11:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/04/18 08:11:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/18 08:11:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/18 08:11:07 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/18 08:11:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/04/18 08:11:05 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/18 08:11:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/18 08:11:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/04/18 08:11:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/04/18 08:11:01 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/18 08:11:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/04/18 08:11:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/18 08:11:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/18 08:10:59 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/04/18 08:10:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/04/18 08:10:59 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/04/18 08:10:59 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/17 23:22:57 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\SupTab
[2014/04/17 23:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/04/17 23:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014/04/17 23:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/04/17 23:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
[2014/04/17 23:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marcos Velasco Security
[2014/04/17 23:22:29 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\qone8
[2014/04/17 23:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bettermarkit-soft
[2014/04/17 23:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IminentToolbar
[2014/04/17 23:21:48 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
[2014/04/17 23:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella
[2014/04/17 23:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2014/04/17 23:21:22 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\ZombieAlert
[2014/04/17 23:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ZombieAlert
[2014/04/17 22:36:19 | 000,000,000 | ---D | C] -- C:\Users\Sergio\Desktop\smartII loaderabril 2014
[2014/04/16 22:34:48 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\Baidu
[2014/04/16 22:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu Security
[2014/04/16 22:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\baidu
[2014/04/16 22:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baidu Security
[2014/04/16 22:34:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Baidu
[2014/04/16 22:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\HomeTab
[2014/04/16 22:33:48 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\Mobogenie
[2014/04/16 22:31:58 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Roaming\Carambis
[2014/04/16 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\TempDIR
[2014/04/14 22:37:59 | 000,502,544 | ---- | C] (AppsInstaller) -- C:\Users\Sergio\Desktop\Internet%20Explorer%2010.exe
[2014/04/12 07:39:01 | 000,000,000 | -HSD | C] -- C:\Users\Sergio\AppData\Local\EmieUserList
[2014/04/12 07:39:01 | 000,000,000 | -HSD | C] -- C:\Users\Sergio\AppData\Local\EmieSiteList
[2014/04/09 18:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DuiscOuNtExtensi
[2014/04/09 08:00:16 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/09 08:00:16 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/09 08:00:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/09 08:00:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/09 08:00:15 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/09 08:00:15 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/09 08:00:15 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/09 08:00:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/09 08:00:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/09 08:00:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/09 08:00:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/09 08:00:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/09 08:00:15 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/09 08:00:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/04/02 20:37:29 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014/04/02 19:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supporter
[2014/04/02 19:00:40 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\Packages
[2014/04/02 19:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\df7ed04cb9c932d7
[2014/04/02 19:00:39 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\Comodo
[2014/03/29 23:07:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/28 23:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014/03/28 23:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2014/03/28 23:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2014/03/28 23:24:56 | 000,000,000 | ---D | C] -- C:\Users\Sergio\.android
[2014/03/28 23:24:55 | 000,000,000 | ---D | C] -- C:\Users\Sergio\AppData\Local\cache
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/20 18:33:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sergio\Desktop\OTL.com
[2014/04/20 18:30:14 | 000,000,432 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/04/20 17:05:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Sergio\Desktop\HijackThis.vtsafe.exe
[2014/04/20 17:01:30 | 000,022,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/20 17:01:30 | 000,022,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/20 17:00:07 | 004,486,688 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2014/04/20 17:00:07 | 004,430,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/20 17:00:07 | 003,757,680 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2014/04/20 17:00:07 | 003,731,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/20 17:00:07 | 000,006,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/20 16:58:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSergio.job
[2014/04/20 16:53:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/20 16:53:27 | 1541,767,168 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/20 10:27:16 | 002,074,826 | ---- | M] () -- C:\Users\Sergio\Desktop\azamerica s922_v01_014_usb-140205-by-parceiros-dos-decos.rar
[2014/04/20 09:44:44 | 001,891,149 | ---- | M] () -- C:\Users\Sergio\Desktop\S922_MP_4M_ROM_120109.zip
[2014/04/20 09:44:22 | 000,178,837 | ---- | M] () -- C:\Users\Sergio\Desktop\S922_PC_Recovery_Tool.rar
[2014/04/18 20:11:57 | 000,670,769 | ---- | M] () -- C:\Users\Sergio\Desktop\Dongle Upgrade Tool.rar
[2014/04/18 16:43:25 | 004,212,500 | ---- | M] () -- C:\Users\Sergio\Desktop\S925 az america 09_04_14.rar
[2014/04/18 12:56:41 | 000,203,825 | ---- | M] () -- C:\Users\Sergio\Desktop\Loader S806 S807 S810 S810b.rar
[2014/04/17 22:36:01 | 002,443,267 | ---- | M] () -- C:\Users\Sergio\Desktop\dongle smart 2-16-04-2014-by-parceiros-dos-decos.rar
[2014/04/17 22:30:40 | 007,733,304 | ---- | M] () -- C:\Users\Sergio\Desktop\Globalsat_GS300_V1.68_14042014.bin
[2014/04/17 18:35:18 | 000,203,627 | ---- | M] () -- C:\Users\Sergio\Desktop\S810_AZ-Loader.rar
[2014/04/16 22:34:56 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\config.ini
[2014/04/16 18:41:32 | 000,063,294 | ---- | M] () -- C:\Users\Sergio\Desktop\10177951_323631321095438_8771802658022131698_n.jpg
[2014/04/15 10:10:02 | 002,173,139 | ---- | M] () -- C:\Users\Sergio\Desktop\mg3hd plus sat recovery.zip
[2014/04/14 22:37:59 | 000,502,544 | ---- | M] (AppsInstaller) -- C:\Users\Sergio\Desktop\Internet%20Explorer%2010.exe
[2014/04/11 13:20:17 | 001,048,576 | ---- | M] () -- C:\Users\Sergio\Desktop\Power_Dump_Mbox_New_Ibox.bin
[2014/04/06 22:54:00 | 000,019,483 | ---- | M] () -- C:\Users\Sergio\Documents\tutorial-do-igo-2014.rar
[2014/04/04 07:38:50 | 000,842,221 | ---- | M] () -- C:\Users\Sergio\Desktop\DuoActivation.rar
[2014/04/02 20:37:29 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014/03/28 07:40:40 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/28 07:40:40 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/20 10:27:42 | 003,997,764 | ---- | C] () -- C:\Users\Sergio\Desktop\S922_V01_014_USB-140205.BIN
[2014/04/20 10:27:37 | 002,074,826 | ---- | C] () -- C:\Users\Sergio\Desktop\azamerica s922_v01_014_usb-140205-by-parceiros-dos-decos.rar
[2014/04/20 10:24:11 | 005,556,425 | ---- | C] () -- C:\Users\Sergio\Documents\perto de mim.mp3
[2014/04/20 10:24:11 | 005,044,150 | ---- | C] () -- C:\Users\Sergio\Documents\thiaguinho - buquê de flores.mp3
[2014/04/20 10:23:58 | 008,381,793 | ---- | C] () -- C:\Users\Sergio\Documents\marcos e belutti irracional[1].mp3
[2014/04/20 10:23:58 | 005,391,367 | ---- | C] () -- C:\Users\Sergio\Documents\luan_santana_-_te_vejo_linda_-_lanÇamento_top_2013_-_dvd_2013.mp3
[2014/04/20 09:44:44 | 001,891,149 | ---- | C] () -- C:\Users\Sergio\Desktop\S922_MP_4M_ROM_120109.zip
[2014/04/20 09:44:26 | 000,178,837 | ---- | C] () -- C:\Users\Sergio\Desktop\S922_PC_Recovery_Tool.rar
[2014/04/19 17:28:09 | 000,842,221 | ---- | C] () -- C:\Users\Sergio\Desktop\DuoActivation.rar
[2014/04/18 20:12:12 | 000,646,034 | ---- | C] () -- C:\Users\Sergio\Desktop\ProOne100_20130205.sks
[2014/04/18 20:12:12 | 000,151,552 | ---- | C] () -- C:\Users\Sergio\Desktop\Dongle Upgrade Tool.exe
[2014/04/18 20:12:00 | 000,670,769 | ---- | C] () -- C:\Users\Sergio\Desktop\Dongle Upgrade Tool.rar
[2014/04/18 19:00:03 | 001,048,576 | ---- | C] () -- C:\Users\Sergio\Desktop\Power_Dump_Mbox_New_Ibox.bin
[2014/04/18 16:43:21 | 004,212,500 | ---- | C] () -- C:\Users\Sergio\Desktop\S925 az america 09_04_14.rar
[2014/04/18 12:54:59 | 000,203,825 | ---- | C] () -- C:\Users\Sergio\Desktop\Loader S806 S807 S810 S810b.rar
[2014/04/17 22:35:25 | 002,443,267 | ---- | C] () -- C:\Users\Sergio\Desktop\dongle smart 2-16-04-2014-by-parceiros-dos-decos.rar
[2014/04/17 22:30:13 | 007,733,304 | ---- | C] () -- C:\Users\Sergio\Desktop\Globalsat_GS300_V1.68_14042014.bin
[2014/04/17 18:35:32 | 000,421,888 | ---- | C] () -- C:\Users\Sergio\Desktop\AZ-Upgrade.exe
[2014/04/17 18:35:32 | 000,000,112 | ---- | C] () -- C:\Users\Sergio\Desktop\vssver.scc
[2014/04/17 18:35:21 | 000,203,627 | ---- | C] () -- C:\Users\Sergio\Desktop\S810_AZ-Loader.rar
[2014/04/16 22:32:13 | 000,000,000 | ---- | C] () -- C:\Users\Sergio\AppData\Local\Web Data
[2014/04/16 18:41:32 | 000,063,294 | ---- | C] () -- C:\Users\Sergio\Desktop\10177951_323631321095438_8771802658022131698_n.jpg
[2014/04/15 10:10:11 | 004,128,768 | ---- | C] () -- C:\Users\Sergio\Desktop\MG3HD(SAT)_Recovery.abs
[2014/04/15 10:10:11 | 000,397,312 | ---- | C] () -- C:\Users\Sergio\Desktop\EromUpgrade.exe
[2014/04/15 10:10:11 | 000,131,072 | ---- | C] () -- C:\Users\Sergio\Desktop\LZMA.EXE
[2014/04/15 10:10:11 | 000,056,412 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient_128M_32bit_sf.abs
[2014/04/15 10:10:11 | 000,038,408 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient_M3606.abs
[2014/04/15 10:10:11 | 000,038,408 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient_M3603.abs
[2014/04/15 10:10:11 | 000,038,408 | ---- | C] () -- C:\Users\Sergio\Desktop\eromclient.abs
[2014/04/15 10:10:11 | 000,002,552 | ---- | C] () -- C:\Users\Sergio\Desktop\config.bat
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\sdram.ini
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\ddram_128M_32bit_M3602.ini
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\ddr_128M_M3606.ini
[2014/04/15 10:10:11 | 000,001,512 | ---- | C] () -- C:\Users\Sergio\Desktop\ddr_128M_M3603.ini
[2014/04/15 10:10:11 | 000,000,326 | ---- | C] () -- C:\Users\Sergio\Desktop\flashburn.ini
[2014/04/15 10:10:02 | 002,173,139 | ---- | C] () -- C:\Users\Sergio\Desktop\mg3hd plus sat recovery.zip
[2014/04/06 22:57:37 | 000,019,483 | ---- | C] () -- C:\Users\Sergio\Documents\tutorial-do-igo-2014.rar
[2014/04/05 07:56:35 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSergio.job
[2014/03/15 20:01:47 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2013/12/15 15:37:33 | 000,000,029 | ---- | C] () -- C:\Windows\SysWow64\config.ini
[2013/01/11 20:00:21 | 000,000,216 | ---- | C] () -- C:\Windows\SysWow64\iCMS.dat
[2013/01/10 21:33:55 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/01/10 21:33:55 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/01/10 21:33:55 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/01/10 21:33:54 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/01/10 21:33:52 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/01/07 22:14:24 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013/01/07 18:40:29 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/05/22 02:37:09 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2012/05/22 02:17:51 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/05/22 02:17:51 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/05/22 02:17:51 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/05/22 02:17:51 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/22 02:17:50 | 013,899,776 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
========== ZeroAccess Check ==========
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/09/11 09:02:17 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/09/11 09:02:17 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
smurff- Membro
- Mensagens : 164
Reputação : 1
Data de inscrição : 09/12/2013
Idade : 46
Localização : videira santa catarina
Re: Como remover ícone que foi colocado por vírus?
por Power Max Dom 20 Abr 2014, 19:56
Na verdade seu PC está com vários adwares.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover ícone que foi colocado por vírus?
por smurff Dom 20 Abr 2014, 20:23
# AdwCleaner v3.101 - Relatório criado 20/04/2014 às 20:20:47
# Atualizado 20/04/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Sergio - BOLZAN
# Executando de : C:\Users\Sergio\Desktop\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : wStLibG64
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\Iminent
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\Supporter
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\Common Files\Umbrella
Pasta Deletada : C:\Program Files\HomeTab
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\Sergio\.android
Pasta Deletada : C:\Users\Sergio\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Sergio\AppData\LocalLow\IminentToolbar
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\qone8
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\Extensions\ffxtlbr@iminent.com
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\Extensions\quick_start@gmail.com
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\Extensions\webbooster@iminent.com.xpi
Arquivo Deletada : C:\Users\Sergio\daemonprocess.txt
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\searchplugins\iminent.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qone8.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\user.js
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F6E8FC04-8B05-48B1-9399-848229502A06}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16866
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\prefs.js ]
Linha deletada : user_pref("browser.search.defaultengine", "Web Search");
Linha deletada : user_pref("browser.search.order.1", "Web Search");
Linha deletada : user_pref("extensions.enabledAddons", "webbooster%40iminent.com:8.15.4.1,ffxtlbr%40iminent.com:1.6.0,%7B12477a84-2e51-4281-acac-68f2ca244f23%7D:1.1,quick_start%40gmail.com:3.2.0,%7B972ce4c6-7e08-4474-[...]
Linha deletada : user_pref("extensions.iminent.admin", false);
Linha deletada : user_pref("extensions.iminent.aflt", "orgnl");
Linha deletada : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Linha deletada : user_pref("extensions.iminent.autoRvrt", "false");
Linha deletada : user_pref("extensions.iminent.cntry", "BR");
Linha deletada : user_pref("extensions.iminent.dfltLng", "");
Linha deletada : user_pref("extensions.iminent.excTlbr", false);
Linha deletada : user_pref("extensions.iminent.ffxUnstlRst", false);
Linha deletada : user_pref("extensions.iminent.hdrMd5", "D288AE056868E913754EFBC36F4310EE");
Linha deletada : user_pref("extensions.iminent.id", "2c8b167000000000000080c16e8ce06f");
Linha deletada : user_pref("extensions.iminent.instlDay", "16177");
Linha deletada : user_pref("extensions.iminent.instlRef", "");
Linha deletada : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.321:45:10");
Linha deletada : user_pref("extensions.iminent.newTab", false);
Linha deletada : user_pref("extensions.iminent.prdct", "iminent");
Linha deletada : user_pref("extensions.iminent.prtnrId", "iminent");
Linha deletada : user_pref("extensions.iminent.rvrt", "false");
Linha deletada : user_pref("extensions.iminent.sg", "none");
Linha deletada : user_pref("extensions.iminent.smplGrp", "none");
Linha deletada : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Linha deletada : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Linha deletada : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Linha deletada : user_pref("extensions.iminent.vrsnTs", "1.8.28.321:45:10");
Linha deletada : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Linha deletada : user_pref("iminent.LayoutId", "1");
Linha deletada : user_pref("iminent.ShowThankyouPixel", "0");
Linha deletada : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0.13005649484947943,\"s\":0,\"es\":1}");
Linha deletada : user_pref("iminent.adapters", "{\"[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Linha deletada : user_pref("iminent.enabledAds", "obsolete");
Linha deletada : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"http://i.iminentjs.info/imitin/javascript.js\",\"queryS[...]
Linha deletada : user_pref("iminent.externalScripts.iRobinHood.IROBPKG", "{\"pkgid\":\"wrDCt8KwwrLCucK1wrDCtsK5\",\"raw_pkgid\":\"161384178\"}");
Linha deletada : user_pref("iminent.externalScripts.iRobinHood.irobsettings", "[{\"TM\":\"59620\",\"IA\":\"1\",\"HU\":\"hxxp://iminent.donation-tools.org/home.aspx\",\"CC\":\"Fight Cancer\",\"CI\":\"5719\",\"AU\":\"ir[...]
Linha deletada : user_pref("iminent.externalScripts.iRobinHood.menuURL", "hxxp://iminent.donation-tools.org/home.aspx?pkgId=wrDCt8KwwrLCucK1wrDCtsK5");
Linha deletada : user_pref("iminent.nomsi", "true");
Linha deletada : user_pref("iminent.registerToolbarEvent100", "1397948002662");
Linha deletada : user_pref("iminent.registerToolbarEvent101", "1397869588419");
Linha deletada : user_pref("iminent.registerToolbarEvent102", "1398007997731");
Linha deletada : user_pref("iminent.registerToolbarEvent109", "1398017899720");
Linha deletada : user_pref("iminent.registerToolbarEvent110", "1397822106771");
Linha deletada : user_pref("iminent.registerToolbarEvent111", "1398017901500");
Linha deletada : user_pref("iminent.registerToolbarEvent112", "1398017938825");
Linha deletada : user_pref("iminent.registerToolbarEvent122", "1398017901814");
Linha deletada : user_pref("iminent.registerToolbarEvent140", "1397945790175");
Linha deletada : user_pref("iminent.trackExternalScripts1", "1397695551865");
Linha deletada : user_pref("iminent.trackExternalScripts2", "1397695552261");
Linha deletada : user_pref("iminent.trackExternalScripts3", "1397821634498");
Linha deletada : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Linha deletada : user_pref("iminent.version", "8.15.4.1");
Linha deletada : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.15.4.1\",\"InstallEventCTime\":1398035913137,\"InstallEvent\":\"True\"}");
Linha deletada : user_pref("wtb18144.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("wtb18144.newtab", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
[ Arquivo : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\prefs.js ]
Linha deletada : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=77301&st=newtab&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("browser.search.defaultengine", "Web Search");
Linha deletada : user_pref("browser.search.defaultenginename", "Web Search");
Linha deletada : user_pref("browser.search.order.1", "Web Search");
Linha deletada : user_pref("browser.search.selectedEngine", "Web Search");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2")[...]
Linha deletada : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=77301&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2&st=chrome&q=");
Linha deletada : user_pref("wtb18144.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("wtb18144.newtab", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
[ Arquivo : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\prefs.js ]
Linha deletada : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=77301&st=newtab&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("browser.search.defaultengine", "Web Search");
Linha deletada : user_pref("browser.search.defaultenginename", "Web Search");
Linha deletada : user_pref("browser.search.order.1", "Web Search");
Linha deletada : user_pref("browser.search.selectedEngine", "Web Search");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2")[...]
Linha deletada : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=77301&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2&st=chrome&q=");
Linha deletada : user_pref("wtb18144.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("wtb18144.newtab", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
*************************
AdwCleaner[R0].txt - [3021 octets] - [14/03/2014 22:35:14]
AdwCleaner[R1].txt - [10502 octets] - [14/04/2014 22:19:58]
AdwCleaner[R2].txt - [10563 octets] - [14/04/2014 22:24:01]
AdwCleaner[R3].txt - [20548 octets] - [20/04/2014 20:19:47]
AdwCleaner[S0].txt - [2946 octets] - [14/03/2014 22:36:21]
AdwCleaner[S1].txt - [10430 octets] - [14/04/2014 22:24:57]
AdwCleaner[S2].txt - [16349 octets] - [20/04/2014 20:20:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [16410 octets] ##########
# Atualizado 20/04/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Sergio - BOLZAN
# Executando de : C:\Users\Sergio\Desktop\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : wStLibG64
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\Iminent
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\Supporter
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\Common Files\Umbrella
Pasta Deletada : C:\Program Files\HomeTab
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\Sergio\.android
Pasta Deletada : C:\Users\Sergio\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Sergio\AppData\LocalLow\IminentToolbar
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\qone8
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\Extensions\ffxtlbr@iminent.com
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\Extensions\quick_start@gmail.com
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\Extensions\webbooster@iminent.com.xpi
Arquivo Deletada : C:\Users\Sergio\daemonprocess.txt
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\searchplugins\iminent.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qone8.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\user.js
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F6E8FC04-8B05-48B1-9399-848229502A06}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16866
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\aaywiser.default\prefs.js ]
Linha deletada : user_pref("browser.search.defaultengine", "Web Search");
Linha deletada : user_pref("browser.search.order.1", "Web Search");
Linha deletada : user_pref("extensions.enabledAddons", "webbooster%40iminent.com:8.15.4.1,ffxtlbr%40iminent.com:1.6.0,%7B12477a84-2e51-4281-acac-68f2ca244f23%7D:1.1,quick_start%40gmail.com:3.2.0,%7B972ce4c6-7e08-4474-[...]
Linha deletada : user_pref("extensions.iminent.admin", false);
Linha deletada : user_pref("extensions.iminent.aflt", "orgnl");
Linha deletada : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Linha deletada : user_pref("extensions.iminent.autoRvrt", "false");
Linha deletada : user_pref("extensions.iminent.cntry", "BR");
Linha deletada : user_pref("extensions.iminent.dfltLng", "");
Linha deletada : user_pref("extensions.iminent.excTlbr", false);
Linha deletada : user_pref("extensions.iminent.ffxUnstlRst", false);
Linha deletada : user_pref("extensions.iminent.hdrMd5", "D288AE056868E913754EFBC36F4310EE");
Linha deletada : user_pref("extensions.iminent.id", "2c8b167000000000000080c16e8ce06f");
Linha deletada : user_pref("extensions.iminent.instlDay", "16177");
Linha deletada : user_pref("extensions.iminent.instlRef", "");
Linha deletada : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.321:45:10");
Linha deletada : user_pref("extensions.iminent.newTab", false);
Linha deletada : user_pref("extensions.iminent.prdct", "iminent");
Linha deletada : user_pref("extensions.iminent.prtnrId", "iminent");
Linha deletada : user_pref("extensions.iminent.rvrt", "false");
Linha deletada : user_pref("extensions.iminent.sg", "none");
Linha deletada : user_pref("extensions.iminent.smplGrp", "none");
Linha deletada : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Linha deletada : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Linha deletada : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Linha deletada : user_pref("extensions.iminent.vrsnTs", "1.8.28.321:45:10");
Linha deletada : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Linha deletada : user_pref("iminent.LayoutId", "1");
Linha deletada : user_pref("iminent.ShowThankyouPixel", "0");
Linha deletada : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0.13005649484947943,\"s\":0,\"es\":1}");
Linha deletada : user_pref("iminent.adapters", "{\"[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Linha deletada : user_pref("iminent.enabledAds", "obsolete");
Linha deletada : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"http://i.iminentjs.info/imitin/javascript.js\",\"queryS[...]
Linha deletada : user_pref("iminent.externalScripts.iRobinHood.IROBPKG", "{\"pkgid\":\"wrDCt8KwwrLCucK1wrDCtsK5\",\"raw_pkgid\":\"161384178\"}");
Linha deletada : user_pref("iminent.externalScripts.iRobinHood.irobsettings", "[{\"TM\":\"59620\",\"IA\":\"1\",\"HU\":\"hxxp://iminent.donation-tools.org/home.aspx\",\"CC\":\"Fight Cancer\",\"CI\":\"5719\",\"AU\":\"ir[...]
Linha deletada : user_pref("iminent.externalScripts.iRobinHood.menuURL", "hxxp://iminent.donation-tools.org/home.aspx?pkgId=wrDCt8KwwrLCucK1wrDCtsK5");
Linha deletada : user_pref("iminent.nomsi", "true");
Linha deletada : user_pref("iminent.registerToolbarEvent100", "1397948002662");
Linha deletada : user_pref("iminent.registerToolbarEvent101", "1397869588419");
Linha deletada : user_pref("iminent.registerToolbarEvent102", "1398007997731");
Linha deletada : user_pref("iminent.registerToolbarEvent109", "1398017899720");
Linha deletada : user_pref("iminent.registerToolbarEvent110", "1397822106771");
Linha deletada : user_pref("iminent.registerToolbarEvent111", "1398017901500");
Linha deletada : user_pref("iminent.registerToolbarEvent112", "1398017938825");
Linha deletada : user_pref("iminent.registerToolbarEvent122", "1398017901814");
Linha deletada : user_pref("iminent.registerToolbarEvent140", "1397945790175");
Linha deletada : user_pref("iminent.trackExternalScripts1", "1397695551865");
Linha deletada : user_pref("iminent.trackExternalScripts2", "1397695552261");
Linha deletada : user_pref("iminent.trackExternalScripts3", "1397821634498");
Linha deletada : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Linha deletada : user_pref("iminent.version", "8.15.4.1");
Linha deletada : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.15.4.1\",\"InstallEventCTime\":1398035913137,\"InstallEvent\":\"True\"}");
Linha deletada : user_pref("wtb18144.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("wtb18144.newtab", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
[ Arquivo : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\prefs.js ]
Linha deletada : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=77301&st=newtab&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("browser.search.defaultengine", "Web Search");
Linha deletada : user_pref("browser.search.defaultenginename", "Web Search");
Linha deletada : user_pref("browser.search.order.1", "Web Search");
Linha deletada : user_pref("browser.search.selectedEngine", "Web Search");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2")[...]
Linha deletada : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=77301&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2&st=chrome&q=");
Linha deletada : user_pref("wtb18144.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("wtb18144.newtab", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
[ Arquivo : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\prefs.js ]
Linha deletada : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=77301&st=newtab&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("browser.search.defaultengine", "Web Search");
Linha deletada : user_pref("browser.search.defaultenginename", "Web Search");
Linha deletada : user_pref("browser.search.order.1", "Web Search");
Linha deletada : user_pref("browser.search.selectedEngine", "Web Search");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2")[...]
Linha deletada : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=77301&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2&st=chrome&q=");
Linha deletada : user_pref("wtb18144.homepage", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
Linha deletada : user_pref("wtb18144.newtab", "hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2");
*************************
AdwCleaner[R0].txt - [3021 octets] - [14/03/2014 22:35:14]
AdwCleaner[R1].txt - [10502 octets] - [14/04/2014 22:19:58]
AdwCleaner[R2].txt - [10563 octets] - [14/04/2014 22:24:01]
AdwCleaner[R3].txt - [20548 octets] - [20/04/2014 20:19:47]
AdwCleaner[S0].txt - [2946 octets] - [14/03/2014 22:36:21]
AdwCleaner[S1].txt - [10430 octets] - [14/04/2014 22:24:57]
AdwCleaner[S2].txt - [16349 octets] - [20/04/2014 20:20:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [16410 octets] ##########
smurff- Membro
- Mensagens : 164
Reputação : 1
Data de inscrição : 09/12/2013
Idade : 46
Localização : videira santa catarina
Re: Como remover ícone que foi colocado por vírus?
por Power Max Dom 20 Abr 2014, 20:24
Faça o download do Malwarebytes em um destes links abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log (relatório) do Malwarebytes.
Ficamos no aguardo.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover ícone que foi colocado por vírus?
por smurff Dom 20 Abr 2014, 22:41
aparentemente resolvido o icone sumiu do desktop
obrigado pela ajuda
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 20/04/2014
Hora da Verificação: 22:30:32
Logfile: log.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.04.20.07
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 7 Service Pack 1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Sergio
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 416082
Tempo Decorrido: 1 hr, 55 min, 6 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 5
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [1b7c4edeb1ca42f4c52b2aedaa588977],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [1b7c4edeb1ca42f4c52b2aedaa588977],
PUP.Optional.SaveClicker.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{41F2D11C-F8C6-5FF3-6C37-F8E8ACDDBA00}, Quarantined, [99fe9e8ef586a88e1f1b32fb7e86cb35],
PUP.Optional.SaveClicker.A, HKU\S-1-5-21-1190544074-2727672657-2929601756-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41F2D11C-F8C6-5FF3-6C37-F8E8ACDDBA00}, Quarantined, [99fe9e8ef586a88e1f1b32fb7e86cb35],
PUP.Optional.SaveClicker.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{41F2D11C-F8C6-5FF3-6C37-F8E8ACDDBA00}, Quarantined, [99fe9e8ef586a88e1f1b32fb7e86cb35],
Valores de Registro: 1
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1190544074-2727672657-2929601756-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigURL, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Quarantined, [1582d05ca6d5f93dbf014338ae5438c8]
Dados do Registro: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-1190544074-2727672657-2929601756-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si=77301&st=bs&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2&q=%s),Replaced,[e4b339f3b0cb10269be543e763a16c94]
Pastas: 1
PUP.Optional.ZombieAlert.A, C:\Users\Sergio\AppData\Local\ZombieAlert, Quarantined, [45525ece35467bbbc5ac155bf012e41c],
Arquivos: 7
PUP.Optional.SimplyTech, C:\Users\Sergio\AppData\Local\Mozilla\Firefox\Profiles\aaywiser.default\Cache\2\CA\5EA52d01, Quarantined, [7c1be646bac171c50960b9659e666a96],
PUP.Optional.AppsInstall, C:\Users\Sergio\Desktop\Internet%20Explorer%2010.exe, Quarantined, [d0c7fa327ffc82b40f1e86370ef5e21e],
PUP.Optional.SimplyTech, C:\$RECYCLE.BIN\S-1-5-21-1190544074-2727672657-2929601756-1000\$RD26GUK.exe, Quarantined, [d6c1ed3f8dee0a2c9ccd6bb3f11334cc],
PUP.Optional.ZombieAlert.A, C:\Users\Sergio\AppData\Local\ZombieAlert\data2.dat, Quarantined, [45525ece35467bbbc5ac155bf012e41c],
PUP.Optional.Melondrea.A, C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi, Quarantined, [f6a153d92853989eac5420551fe3956b],
PUP.Optional.Melondrea.A, C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi, Quarantined, [d8bfae7e1e5d1323bb45680d48baf50b],
PUP.Optional.Cashback, C:\Windows\System32\drivers\cashnbackdrv.sys, Quarantined, [4f486cc05328e1554b1c515d768d659b],
Physical Sectors: 0
(No malicious items detected)
(end)
obrigado pela ajuda
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 20/04/2014
Hora da Verificação: 22:30:32
Logfile: log.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.04.20.07
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 7 Service Pack 1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Sergio
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 416082
Tempo Decorrido: 1 hr, 55 min, 6 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 5
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [1b7c4edeb1ca42f4c52b2aedaa588977],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [1b7c4edeb1ca42f4c52b2aedaa588977],
PUP.Optional.SaveClicker.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{41F2D11C-F8C6-5FF3-6C37-F8E8ACDDBA00}, Quarantined, [99fe9e8ef586a88e1f1b32fb7e86cb35],
PUP.Optional.SaveClicker.A, HKU\S-1-5-21-1190544074-2727672657-2929601756-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41F2D11C-F8C6-5FF3-6C37-F8E8ACDDBA00}, Quarantined, [99fe9e8ef586a88e1f1b32fb7e86cb35],
PUP.Optional.SaveClicker.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{41F2D11C-F8C6-5FF3-6C37-F8E8ACDDBA00}, Quarantined, [99fe9e8ef586a88e1f1b32fb7e86cb35],
Valores de Registro: 1
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1190544074-2727672657-2929601756-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigURL, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Quarantined, [1582d05ca6d5f93dbf014338ae5438c8]
Dados do Registro: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-1190544074-2727672657-2929601756-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si=77301&st=bs&tid=18144&ver=5.7&ts=1397617200000.000000&tguid=77301-18144-1397698423675-9A4E6074E12B1FA64E507D38EBD7A4D2&q=%s),Replaced,[e4b339f3b0cb10269be543e763a16c94]
Pastas: 1
PUP.Optional.ZombieAlert.A, C:\Users\Sergio\AppData\Local\ZombieAlert, Quarantined, [45525ece35467bbbc5ac155bf012e41c],
Arquivos: 7
PUP.Optional.SimplyTech, C:\Users\Sergio\AppData\Local\Mozilla\Firefox\Profiles\aaywiser.default\Cache\2\CA\5EA52d01, Quarantined, [7c1be646bac171c50960b9659e666a96],
PUP.Optional.AppsInstall, C:\Users\Sergio\Desktop\Internet%20Explorer%2010.exe, Quarantined, [d0c7fa327ffc82b40f1e86370ef5e21e],
PUP.Optional.SimplyTech, C:\$RECYCLE.BIN\S-1-5-21-1190544074-2727672657-2929601756-1000\$RD26GUK.exe, Quarantined, [d6c1ed3f8dee0a2c9ccd6bb3f11334cc],
PUP.Optional.ZombieAlert.A, C:\Users\Sergio\AppData\Local\ZombieAlert\data2.dat, Quarantined, [45525ece35467bbbc5ac155bf012e41c],
PUP.Optional.Melondrea.A, C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\g3dn05dw.default\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi, Quarantined, [f6a153d92853989eac5420551fe3956b],
PUP.Optional.Melondrea.A, C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\xlvuoc0k.default-1383174806577\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi, Quarantined, [d8bfae7e1e5d1323bb45680d48baf50b],
PUP.Optional.Cashback, C:\Windows\System32\drivers\cashnbackdrv.sys, Quarantined, [4f486cc05328e1554b1c515d768d659b],
Physical Sectors: 0
(No malicious items detected)
(end)
smurff- Membro
- Mensagens : 164
Reputação : 1
Data de inscrição : 09/12/2013
Idade : 46
Localização : videira santa catarina
Re: Como remover ícone que foi colocado por vírus?
por Power Max Dom 20 Abr 2014, 22:49
aparentemente resolvido, o ícone sumiu do desktop
obrigado pela ajuda
Fico feliz que o problema tenha sido resolvido. Só para finalizar siga estes tutoriais abaixo, por gentileza:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]._______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!Última edição por Power Max em Sáb 10 maio 2014, 14:07, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover ícone que foi colocado por vírus?
por Power Max Sáb 10 maio 2014, 14:09
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos