Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 13 usuários online :: 0 registrados, 0 invisíveis e 13 visitantes :: 2 motores de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Software Melondrea e Highlightly
2 participantes
Página 1 de 3
Página 1 de 3 • 1, 2, 3 
Software Melondrea e Highlightly
por ma.rita Seg 28 Abr 2014, 21:08
Fui tentar baixar o Winrar e percebi que programa malicioso foi se instalando. Dei um cancelar e consegui desinstalar pelo painel de controle mas ficaram o Software Melondrea e Highlightly. Eles não dão opção de Desinstalar eles me obrigam a instalar primeiro o programa. Depois disso, o PC ficou super lento, várias janelas incomum de propagandas começaram abrir. Eu não sei o que fazer, vcs poderiam me ajudar?
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Seg 28 Abr 2014, 21:52
Olá ma.rita. 
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Ter 29 Abr 2014, 21:07
Tudo isso era lixo que tinha na minha máquina? Eu rodei o programa Adwcleaner conforme orientação. Cliquei no botão LIMPAR pra limpar tudo. Será que deletou algo que não era pra ser?
Segue o relatório:
# AdwCleaner v3.205 - Relatório criado 29/04/2014 às 20:44:01
# Atualizado 28/04/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuário : Maria - MARIA-PC
# Executando de : C:\Users\Maria\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[#] Serviço Deletada : hlnfd
Serviço Deletada : hlsvc
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Program Files\Conduit
Pasta Deletada : C:\Program Files\Freecorder extension
Pasta Deletada : C:\Program Files\Highlightly
Pasta Deletada : C:\Program Files\Iminent
[!] Pasta Deletada : C:\Program Files\melondrea
Pasta Deletada : C:\Program Files\Red Sky
Pasta Deletada : C:\Program Files\Freecorder
Pasta Deletada : C:\Users\Maria\.android
Pasta Deletada : C:\Users\Maria\AppData\Local\Conduit
Pasta Deletada : C:\Users\Maria\AppData\Local\DownTango
Pasta Deletada : C:\Users\Maria\AppData\Local\Genesis
Pasta Deletada : C:\Users\Maria\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Claro LTD
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Funmoods
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Freecorder
Pasta Deletada : C:\Users\Maria\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Maria\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Maria\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Maria\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Maria\Documents\Mobogenie
Pasta Deletada : C:\Users\Maria\Documents\Freecorder
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Pasta Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Users\Maria\daemonprocess.txt
Arquivo Deletada : C:\Users\Maria\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\Maria\AppData\Local\funmoods-speeddial_sf.crx
Arquivo Deletada : C:\Program Files\Mozilla Firefox\user.js
Arquivo Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Arquivo Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Arquivo Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DA3157A-AEC0-4717-89EE-9A25CCFB0160}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DA3157A-AEC0-4717-89EE-9A25CCFB0160}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49EE18A9-754F-4188-BBB1-DFB8432D7B3B}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49EE18A9-754F-4188-BBB1-DFB8432D7B3B}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51BD387C-B063-441C-A100-83577AA6AA5E}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6416057-1224-4783-BAEF-6F04ACDE5241}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Chave Deletedo : HKCU\Software\Ask&Record
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\Funmoods
Chave Deletedo : HKCU\Software\genesis
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\ProtectedSearch
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\Freecorder
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Freecorder
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\Funmoods
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\SimplyGen
Chave Deletedo : HKLM\Software\Tarma Installer
Chave Deletedo : HKLM\Software\Freecorder
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder Toolbar
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
-\\ Google Chrome v
[ Arquivo : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : cjpglkicenollcignonpgiafdgfeehoj
Deletedo [Extension] : dlfienamagdnkekbbbocojppncdambda
*************************
AdwCleaner[R0].txt - [23547 octets] - [29/04/2014 20:32:07]
AdwCleaner[S0].txt - [22505 octets] - [29/04/2014 20:44:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22566 octets] ##########
Segue o relatório:
# AdwCleaner v3.205 - Relatório criado 29/04/2014 às 20:44:01
# Atualizado 28/04/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuário : Maria - MARIA-PC
# Executando de : C:\Users\Maria\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[#] Serviço Deletada : hlnfd
Serviço Deletada : hlsvc
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Program Files\Conduit
Pasta Deletada : C:\Program Files\Freecorder extension
Pasta Deletada : C:\Program Files\Highlightly
Pasta Deletada : C:\Program Files\Iminent
[!] Pasta Deletada : C:\Program Files\melondrea
Pasta Deletada : C:\Program Files\Red Sky
Pasta Deletada : C:\Program Files\Freecorder
Pasta Deletada : C:\Users\Maria\.android
Pasta Deletada : C:\Users\Maria\AppData\Local\Conduit
Pasta Deletada : C:\Users\Maria\AppData\Local\DownTango
Pasta Deletada : C:\Users\Maria\AppData\Local\Genesis
Pasta Deletada : C:\Users\Maria\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Claro LTD
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Funmoods
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\Maria\AppData\LocalLow\Freecorder
Pasta Deletada : C:\Users\Maria\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Maria\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Maria\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Maria\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Maria\Documents\Mobogenie
Pasta Deletada : C:\Users\Maria\Documents\Freecorder
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Pasta Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Users\Maria\daemonprocess.txt
Arquivo Deletada : C:\Users\Maria\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\Maria\AppData\Local\funmoods-speeddial_sf.crx
Arquivo Deletada : C:\Program Files\Mozilla Firefox\user.js
Arquivo Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Arquivo Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Arquivo Deletada : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DA3157A-AEC0-4717-89EE-9A25CCFB0160}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DA3157A-AEC0-4717-89EE-9A25CCFB0160}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49EE18A9-754F-4188-BBB1-DFB8432D7B3B}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49EE18A9-754F-4188-BBB1-DFB8432D7B3B}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51BD387C-B063-441C-A100-83577AA6AA5E}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6416057-1224-4783-BAEF-6F04ACDE5241}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Chave Deletedo : HKCU\Software\Ask&Record
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\Funmoods
Chave Deletedo : HKCU\Software\genesis
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\ProtectedSearch
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\Freecorder
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Freecorder
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\Funmoods
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\SimplyGen
Chave Deletedo : HKLM\Software\Tarma Installer
Chave Deletedo : HKLM\Software\Freecorder
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder Toolbar
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
-\\ Google Chrome v
[ Arquivo : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : cjpglkicenollcignonpgiafdgfeehoj
Deletedo [Extension] : dlfienamagdnkekbbbocojppncdambda
*************************
AdwCleaner[R0].txt - [23547 octets] - [29/04/2014 20:32:07]
AdwCleaner[S0].txt - [22505 octets] - [29/04/2014 20:44:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22566 octets] ##########
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Ter 29 Abr 2014, 21:12
Sim, isto tudo são adwares que estavam no seu PC. E ainda tem outros.Tudo isso era lixo que tinha na minha máquina?
Faça o download do Malwarebytes em um destes links abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log (relatório) do Malwarebytes.
Ficamos no aguardo.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qua 30 Abr 2014, 00:23
Rodei o Malwarebytes conforme orientação e foram encontrados 53 arquivos. Eu analisei e percebi que todos se referiam a Melondrea e Highlightly então optei por Deletar todos. Será que eu fiz certo?
Segue Log para sua análise e aguardo novas orientações.
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 30/04/2014
Hora da Verificação: 00:08:31
Logfile: LOG Malwarebytes.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.04.30.01
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 7 Service Pack 1
CPU: x86
Sistema de Arquivo: NTFS
Usuário: Maria
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 329891
Tempo Decorrido: 2 hr, 24 min, 30 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 18
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\CLASSES\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4ab7647f-75b6-4486-9584-efee06afee68}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AE20B22F-60C1-4753-ABAE-459C85D3E303}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{16F059CB-3D3F-4ECC-B426-BAFA47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{16F059CB-3D3F-4ECC-B426-BAFA47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{16F059CB-3D3F-4ECC-B426-BAFA47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\TYPELIB\{EA3802D2-C00A-4478-9319-34075A31C28F}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\INTERFACE\{483F56D2-1D67-44A5-A4C5-67DBB724F7A0}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\Highlightly, No Action By User, [de9b2010e09bd1652fb3bcf8af54768a],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\melondrea, No Action By User, [126761cfb8c3c571bb4987fc17ebd32d],
PUP.Optional.HighLightly.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cmclajginlihohopoeofghddnhpplhom, No Action By User, [c3b6022e3249d462e927f78245bdfb05],
PUP.Optional.Melondrea.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update melondrea, No Action By User, [4c2d7cb4057663d3ba4ba3e0bf4356aa],
PUP.Optional.Melondrea.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\melondrea, No Action By User, [df9a57d9116a4ceaf80ba8db37cbd927],
Valores de Registro: 1
PUP.Optional.BProtector, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] No Action By User, [df9a151be89395a17a76109b2fd4f30d]
Dados do Registro: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s),No Action By User,[e99058d84833989ed49a9c9955af55ab]
Pastas: 3
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc, No Action By User, [473231ff205bdb5bac66432aab576f91],
Arquivos: 30
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir, No Action By User, [82f7a888ec8f0c2a700e2b044db3fa06],
PUP.Optional.BestToolBars, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\AddonsFramework.dll.vir, No Action By User, [3544b87873088babedf3332b31d36f91],
PUP.Optional.BestToolBars.A, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\ButtonSite.dll.vir, No Action By User, [c3b6969a354642f466f018522ed33cc4],
PUP.Optional.BestToolBars, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\PropertySyncPS.dll.vir, No Action By User, [691040f09dde63d34d934a14d3316799],
PUP.Optional.BestToolBars.A, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\ScriptHost.dll.vir, No Action By User, [780168c8a7d4b284084f85e57e83f30d],
PUP.Optional.HighLightly.A, C:\AdwCleaner\Quarantine\C\Program Files\Highlightly\Uninstall.exe.vir, No Action By User, [5e1b959b4c2fde58500931391fe2916f],
PUP.Optional.Melondrea.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\melondreaBHO.dll.vir, No Action By User, [88f1191744377cbac2ba1d3aed1441bf],
PUP.Optional.Melondrea.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\updatemelondrea.exe.vir, No Action By User, [2158d35d8fec9f977805cc8bdb262fd1],
PUP.Optional.Melondrea.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\bin\utilmelondrea.exe.vir, No Action By User, [354482ae85f644f2bdc0282f6e933fc1],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\bin\plugins\melondrea.PurBrowseG.dll.vir, No Action By User, [83f632fe89f20135ad58353e659cc13f],
PUP.Optional.Iminent.A, C:\Users\Maria\AppData\Local\Temp\is701137889\IminentSetup.exe, No Action By User, [10697cb45724f442a69542e8c041936d],
PUP.Optional.HighLightly.A, C:\Users\Maria\AppData\Local\Temp\n693\highlightly_1404-c9d836f8.exe, No Action By User, [a4d5082832498fa785d4dd8d9e630cf4],
PUP.Optional.Melondrea.A, C:\Users\Maria\AppData\Local\Temp\n693\melondrea_0702-81cfb2ef.exe, No Action By User, [4e2b7fb13942e650f086ff12ef15fd03],
PUP.Optional.BundleInstaller.A, C:\Users\Maria\AppData\Local\Temp\n693\s693.exe, No Action By User, [720719170e6da5916d6a61e0a25ece32],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\background.html, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\background.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\icon-128.png, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\icon-16.png, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\icon-48.png, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\manifest.json, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\options.css, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\options.html, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\options.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\vitruvian.bootstrap.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\vitruvian.plugin-api.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\config.dat, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\info.dat, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\src.dat, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\STTL.DAT, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\TTL.DAT, No Action By User, [473231ff205bdb5bac66432aab576f91],
Physical Sectors: 0
(No malicious items detected)
(end)
Segue Log para sua análise e aguardo novas orientações.
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 30/04/2014
Hora da Verificação: 00:08:31
Logfile: LOG Malwarebytes.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.04.30.01
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 7 Service Pack 1
CPU: x86
Sistema de Arquivo: NTFS
Usuário: Maria
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 329891
Tempo Decorrido: 2 hr, 24 min, 30 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 18
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\CLASSES\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4ab7647f-75b6-4486-9584-efee06afee68}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AE20B22F-60C1-4753-ABAE-459C85D3E303}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{16F059CB-3D3F-4ECC-B426-BAFA47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{16F059CB-3D3F-4ECC-B426-BAFA47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Melondrea.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{16F059CB-3D3F-4ECC-B426-BAFA47233676}, No Action By User, [fc7da888720975c1aa84c558d42e3fc1],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\TYPELIB\{EA3802D2-C00A-4478-9319-34075A31C28F}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\INTERFACE\{483F56D2-1D67-44A5-A4C5-67DBB724F7A0}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, No Action By User, [d1a8a28e7a0185b18d54fa23bc46e41c],
PUP.Optional.Highlightly, HKLM\SOFTWARE\Highlightly, No Action By User, [de9b2010e09bd1652fb3bcf8af54768a],
PUP.Optional.Melondrea.A, HKLM\SOFTWARE\melondrea, No Action By User, [126761cfb8c3c571bb4987fc17ebd32d],
PUP.Optional.HighLightly.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cmclajginlihohopoeofghddnhpplhom, No Action By User, [c3b6022e3249d462e927f78245bdfb05],
PUP.Optional.Melondrea.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update melondrea, No Action By User, [4c2d7cb4057663d3ba4ba3e0bf4356aa],
PUP.Optional.Melondrea.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\melondrea, No Action By User, [df9a57d9116a4ceaf80ba8db37cbd927],
Valores de Registro: 1
PUP.Optional.BProtector, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] No Action By User, [df9a151be89395a17a76109b2fd4f30d]
Dados do Registro: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-1420172195-3808617618-1639142973-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s),No Action By User,[e99058d84833989ed49a9c9955af55ab]
Pastas: 3
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc, No Action By User, [473231ff205bdb5bac66432aab576f91],
Arquivos: 30
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir, No Action By User, [82f7a888ec8f0c2a700e2b044db3fa06],
PUP.Optional.BestToolBars, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\AddonsFramework.dll.vir, No Action By User, [3544b87873088babedf3332b31d36f91],
PUP.Optional.BestToolBars.A, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\ButtonSite.dll.vir, No Action By User, [c3b6969a354642f466f018522ed33cc4],
PUP.Optional.BestToolBars, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\PropertySyncPS.dll.vir, No Action By User, [691040f09dde63d34d934a14d3316799],
PUP.Optional.BestToolBars.A, C:\AdwCleaner\Quarantine\C\Program Files\Freecorder extension\ScriptHost.dll.vir, No Action By User, [780168c8a7d4b284084f85e57e83f30d],
PUP.Optional.HighLightly.A, C:\AdwCleaner\Quarantine\C\Program Files\Highlightly\Uninstall.exe.vir, No Action By User, [5e1b959b4c2fde58500931391fe2916f],
PUP.Optional.Melondrea.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\melondreaBHO.dll.vir, No Action By User, [88f1191744377cbac2ba1d3aed1441bf],
PUP.Optional.Melondrea.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\updatemelondrea.exe.vir, No Action By User, [2158d35d8fec9f977805cc8bdb262fd1],
PUP.Optional.Melondrea.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\bin\utilmelondrea.exe.vir, No Action By User, [354482ae85f644f2bdc0282f6e933fc1],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files\melondrea\bin\plugins\melondrea.PurBrowseG.dll.vir, No Action By User, [83f632fe89f20135ad58353e659cc13f],
PUP.Optional.Iminent.A, C:\Users\Maria\AppData\Local\Temp\is701137889\IminentSetup.exe, No Action By User, [10697cb45724f442a69542e8c041936d],
PUP.Optional.HighLightly.A, C:\Users\Maria\AppData\Local\Temp\n693\highlightly_1404-c9d836f8.exe, No Action By User, [a4d5082832498fa785d4dd8d9e630cf4],
PUP.Optional.Melondrea.A, C:\Users\Maria\AppData\Local\Temp\n693\melondrea_0702-81cfb2ef.exe, No Action By User, [4e2b7fb13942e650f086ff12ef15fd03],
PUP.Optional.BundleInstaller.A, C:\Users\Maria\AppData\Local\Temp\n693\s693.exe, No Action By User, [720719170e6da5916d6a61e0a25ece32],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\background.html, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\background.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\icon-128.png, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\icon-16.png, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\icon-48.png, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\manifest.json, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\options.css, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\options.html, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\options.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\vitruvian.bootstrap.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.Highlightly.A, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom\1.9.0.2_0\vitruvian.plugin-api.js, No Action By User, [5f1abf719fdce3530da96308e71b07f9],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\config.dat, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\info.dat, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\src.dat, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\STTL.DAT, No Action By User, [473231ff205bdb5bac66432aab576f91],
PUP.Optional.FunMoods.A, C:\Users\Maria\AppData\Roaming\FunmoodsChat\UpdateProc\TTL.DAT, No Action By User, [473231ff205bdb5bac66432aab576f91],
Physical Sectors: 0
(No malicious items detected)
(end)
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qua 30 Abr 2014, 10:37
Sim, você fez o certo. Realmente é preciso remover todos estes que o Malwarebytes encontrou. Mas você tem certeza que removeu todos eles? porque no seu log está constando que nenhuma ação foi tomada. A não ser que este log seja de antes de você remover os problemas encontrados. Para você ter certeza de que ele removeu os problemas é só você entrar na quarentena do Malwarebytes e ver se eles estão lá, se estiverem é porque foram removidos.Rodei o Malwarebytes conforme orientação e foram encontrados 53 arquivos. Eu analisei e percebi que todos se referiam a Melondrea e Highlightly então optei por Deletar todos. Será que eu fiz certo?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Re: Software Melondrea e Highlightly
por ma.rita Qua 30 Abr 2014, 21:38
Eu removi todos porém continua aparecendo janelas e abrindo telas de propaganda e obrigando instalação de software como vc pode ver no arquivo anexo a cópia de algumas telas
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qua 30 Abr 2014, 21:40
Desative temporariamente seu antivírus para evitar conflitos.* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executá-lo corretamente siga as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Re: Software Melondrea e Highlightly
por ma.rita Qua 30 Abr 2014, 21:58
Preciso de orientação. Entrei no programa pra ver se estão na quarentena veja o que apareceu. Eu entendi que os Malvares não foram deletados. É isso mesmo? OBS: O log que eu te mandei anteriomente foi depois que eu executei a ação de Remover os arquivos. To mandando as telas pra me ajudar na orientação. O que devo fazer agora? Aguardo sua orientação.
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qua 30 Abr 2014, 22:00
Não apareceu tela nenhuma na sua resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qua 30 Abr 2014, 22:22
Eu devo n estar fazendo certo. Posso mandar msg e arquivo simultaneamente?
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qua 30 Abr 2014, 22:29
Pode mandar, mas se você olhou na quarentena do Malwarebytes e os arquivos não estão lá, certamente é porque não foram removidos.
É só você seguir passo a passo aquele tutorial do Malwarebytes que lhe passei que os vírus serão removidos.
É só você seguir passo a passo aquele tutorial do Malwarebytes que lhe passei que os vírus serão removidos.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qua 30 Abr 2014, 23:03
Será que desta vez foi deletado os Malwares? Eu rodei o software Zoe conforme orientação e segue o log para sua análise. Vou navegar na Internet e te retorno em seguida.
Relatório
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Maria on 30/04/2014 at 22:28:25,79.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maria\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
30/04/2014 22:30:00 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Internet Explorer\SearchScopes\{316C7532-4A48-8614-3FA8-6E24BDD01E3E} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update melondrea deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"BrowserMngr Start Page"=-
==== Deleting Files \ Folders ======================
C:\Users\Maria\AppData\Roaming\DownTango4SToolbar deleted
C:\Users\Maria\AppData\Roaming\DRPSu deleted
C:\PROGRA~2\Ask deleted
C:\PROGRA~2\baidu deleted
C:\PROGRA~2\Tarma Installer deleted
C:\PROGRA~2\Babylon deleted
C:\Users\Maria\AppData\Local\cache deleted
C:\Users\Maria\AppData\LocalLow\DownTango4SToolbar deleted
C:\Windows\system32\tasks\Baidu PC Faster Update deleted
C:\user.js deleted
C:\Windows\Launcher.exe deleted
C:\Windows\System32\InstallUtil.InstallLog deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Program Files\melondrea deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cmclajginlihohopoeofghddnhpplhom - C:\Program Files\Highlightly\Chrome\cmclajginlihohopoeofghddnhpplhom.crx[]
gpicboiclhmnllnjdcfcffifpoaebgkm - C:\Program Files\Freecorder extension\Freecorder.crx[]
YouTube - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Highlightly - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom
Google Search - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_anki.softonic.com.br_0.localstorage deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_anki.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.claro-search.com_0.localstorage deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.claro-search.com_0.localstorage-journal deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Maria\Desktop\Audacity.lnk - C:\Program Files\Audacity\audacity.exe
C:\Users\Maria\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Maria\Desktop\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Maria\Desktop\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Maria\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Microsoft LifeCam.lnk - C:\Program Files\Microsoft LifeCam\LifeCam.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Freecorder Converter.lnk - C:\Program Files\Freecorder\FCConv.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cmclajginlihohopoeofghddnhpplhom deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=247 folders=41 9097000 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Maria\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Maria\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 30/04/2014 at 22:53:39,09 ======================
Relatório
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Maria on 30/04/2014 at 22:28:25,79.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maria\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
30/04/2014 22:30:00 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Internet Explorer\SearchScopes\{316C7532-4A48-8614-3FA8-6E24BDD01E3E} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update melondrea deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"BrowserMngr Start Page"=-
==== Deleting Files \ Folders ======================
C:\Users\Maria\AppData\Roaming\DownTango4SToolbar deleted
C:\Users\Maria\AppData\Roaming\DRPSu deleted
C:\PROGRA~2\Ask deleted
C:\PROGRA~2\baidu deleted
C:\PROGRA~2\Tarma Installer deleted
C:\PROGRA~2\Babylon deleted
C:\Users\Maria\AppData\Local\cache deleted
C:\Users\Maria\AppData\LocalLow\DownTango4SToolbar deleted
C:\Windows\system32\tasks\Baidu PC Faster Update deleted
C:\user.js deleted
C:\Windows\Launcher.exe deleted
C:\Windows\System32\InstallUtil.InstallLog deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Program Files\melondrea deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cmclajginlihohopoeofghddnhpplhom - C:\Program Files\Highlightly\Chrome\cmclajginlihohopoeofghddnhpplhom.crx[]
gpicboiclhmnllnjdcfcffifpoaebgkm - C:\Program Files\Freecorder extension\Freecorder.crx[]
YouTube - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Highlightly - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom
Google Search - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_anki.softonic.com.br_0.localstorage deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_anki.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.claro-search.com_0.localstorage deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.claro-search.com_0.localstorage-journal deleted successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmclajginlihohopoeofghddnhpplhom deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2938"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_USERS\S-1-5-21-1420172195-3808617618-1639142973-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Maria\Desktop\Audacity.lnk - C:\Program Files\Audacity\audacity.exe
C:\Users\Maria\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Maria\Desktop\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Maria\Desktop\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Maria\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Microsoft LifeCam.lnk - C:\Program Files\Microsoft LifeCam\LifeCam.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Freecorder Converter.lnk - C:\Program Files\Freecorder\FCConv.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cmclajginlihohopoeofghddnhpplhom deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=247 folders=41 9097000 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Maria\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Maria\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 30/04/2014 at 22:53:39,09 ======================
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qua 30 Abr 2014, 23:10
Quanto ao zoek você fez a limpeza corretamente e vários problemas foram removidos. Mas e quanto ao Malwarebytes? será que você removeu todos os problemas mesmo? Conseguiu olhar na quarentena dele para ver se os vírus estão lá?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qua 30 Abr 2014, 23:44
Estou enviando a tela da quarentena. Há 3 tipos de LOG e veficando o histórico do LOG eles estão na tela da Quarentena. O link Apagar tudo fica habilitado. Como n entendo nada aguardo sua orientação. No meu entender os Malwarebytes estão lá em Quarentena.
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qua 30 Abr 2014, 23:47
Esta tela que você mostrou na imagem mostra que você está olhando é nos logs do programa, mas clique no botão quarentena (do lado esquerdo da tela acima do botão de logs) e você verá se há ou não há arquivos na quarentena.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qua 30 Abr 2014, 23:56
Essa deve ser a tela da Quarentena. Não há arquivos
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qua 30 Abr 2014, 23:59
Isto mostra que você não excluiu os arquivos encontrados pelo Malwarebytes. Faça uma nova verificação com ele seguindo o passo a passo daquele tutorial que lhe passei, remova todos os problemas que ele encontrar e depois poste um novo relatório dele.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qui 01 maio 2014, 00:09
Como o programa do Malwarebytes já está na minha máquina eu posso Atualizar a versão dos dados e clicar no botão Verificar Agora para escanear todos os arquivos novamente, ok?
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qui 01 maio 2014, 00:16
Atualize a versão dos dados.
Depois disto faça o seguinte: Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:
Verificar Objetos na Memória
Verificar as Configurações da Inicialização e do Registro
Verificar Arquivos Compactados
Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.
Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena)
Para remover a infecção, deixe a opção Quarentena no menu Ação selecionada em todos os itens que quiser excluir e clique no botão Aplicar Ações, como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Yes como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Depois disto é só postar este novo log dele para análise aqui no seu tópico.
Depois disto faça o seguinte: Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:
Verificar Objetos na Memória
Verificar as Configurações da Inicialização e do Registro
Verificar Arquivos Compactados
Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.
Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena)
Para remover a infecção, deixe a opção Quarentena no menu Ação selecionada em todos os itens que quiser excluir e clique no botão Aplicar Ações, como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Yes como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Depois disto é só postar este novo log dele para análise aqui no seu tópico.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qui 01 maio 2014, 00:38
Power Max, vc é um excelente colaborador, tem me ajudado muito. A navegação na Internet já melhorou e muito. A performance da minha máquina já está muito mas muito melhor e eu que no dia seguinte ao ocorrido já estava levando minha máquina pra formatação. Mas resolvi apostar no Fórum PC Brasil eu aprendi muito com vcs eu que não entendo nada. Vocês passam orientações auto explicativas muito bom mesmo qualquer leigo entende. Só tenho que agradecer mas já estamos na reta final, eu acho.
Já estou escaneando os arquivos novamente e logo te envio o relatório do log.
Já estou escaneando os arquivos novamente e logo te envio o relatório do log.
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qui 01 maio 2014, 00:52
Ok, fico na espera. Se eu não te responder hoje te respondo amanhã porque já está tarde.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qui 01 maio 2014, 11:14
Segue relatório sacaneado do programa Malwarebytes. Não apareceu tela Malwarebytes Anti-Malware que mostra PC infectado e nem mostrou Tela Aplicar Ações. Aguardo orientações
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Update, 29/04/2014 21:39:19, SYSTEM, MARIA-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 29/04/2014 21:40:19, SYSTEM, MARIA-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.30.1,
(end)
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Update, 29/04/2014 21:39:19, SYSTEM, MARIA-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 29/04/2014 21:40:19, SYSTEM, MARIA-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.30.1,
(end)
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Re: Software Melondrea e Highlightly
por Power Max Qui 01 maio 2014, 11:15
Você olhou o log de proteção, mas o que precisamos é do log de verificação.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Software Melondrea e Highlightly
por ma.rita Qui 01 maio 2014, 20:35
Estou lhe enviando o arquivo com as telas de Verificação e Quarentena para sua análise.
Segue abaixo o relatório do LOG de Verificação
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 01/05/2014
Hora da Verificação: 20:16:13
Logfile: LOG Malwarebytes 01_05.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.05.01.12
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 7 Service Pack 1
CPU: x86
Sistema de Arquivo: NTFS
Usuário: Maria
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 326909
Tempo Decorrido: 2 hr, 55 min, 39 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 0
(No malicious items detected)
Valores de Registro: 0
(No malicious items detected)
Dados do Registro: 0
(No malicious items detected)
Pastas: 0
(No malicious items detected)
Arquivos: 2
Adware.DomaIQ, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000, Quarantined, [f24e0b4176054bebf64e66dc837de21e],
Adware.DomaIQ, C:\Users\Maria\Downloads\Setup.exe, Quarantined, [63ddca823645a88e95af2a18ac54c040],
Physical Sectors: 0
(No malicious items detected)
(end)
Segue abaixo o relatório do LOG de Verificação
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 01/05/2014
Hora da Verificação: 20:16:13
Logfile: LOG Malwarebytes 01_05.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.05.01.12
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 7 Service Pack 1
CPU: x86
Sistema de Arquivo: NTFS
Usuário: Maria
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 326909
Tempo Decorrido: 2 hr, 55 min, 39 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 0
(No malicious items detected)
Valores de Registro: 0
(No malicious items detected)
Dados do Registro: 0
(No malicious items detected)
Pastas: 0
(No malicious items detected)
Arquivos: 2
Adware.DomaIQ, C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000, Quarantined, [f24e0b4176054bebf64e66dc837de21e],
Adware.DomaIQ, C:\Users\Maria\Downloads\Setup.exe, Quarantined, [63ddca823645a88e95af2a18ac54c040],
Physical Sectors: 0
(No malicious items detected)
(end)
ma.rita- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 28/04/2014
Página 1 de 3 • 1, 2, 3
Tópicos semelhantes» Outro ADS em meu PC... Highlightly
» Browsers contaminados com highlightly
» Problema com um só software
» Vírus Melondrea
» virus melondrea
» Browsers contaminados com highlightly
» Problema com um só software
» Vírus Melondrea
» virus melondrea
Página 1 de 3
Permissões neste sub-fórum
Não podes responder a tópicos