Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.
Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14806 usuários registrados
O último membro registrado é King empero

Os nossos membros postaram um total de 36043 mensagens em 3684 assuntos
Últimos assuntos
» Possíveis vírus
por joram Sex 15 Mar 2024, 19:05

Quem está conectado?
15 usuários online :: 0 registrados, 0 invisíveis e 15 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 


Rechercher Pesquisa avançada

março 2024
SegTerQuaQuiSexSábDom
    123
45678910
11121314151617
18192021222324
25262728293031

Calendário Calendário


Como removo o navegador iStartsurf!

3 participantes

Página 1 de 2 1, 2  Seguinte

Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Ter 26 Ago 2014, 16:20

Olá boa tarde.
Como me foi pedido,estou aqui novamente pedindo ajuda de vcs.
Como faço pra desistalar o navegador iStartsurf,já tentei de várias maneiras tirá-lo mas não consigo.
Observei agora que ele não deixa eu entrar neste site de vcs,estou acessando de um tablet para poder  escrever está mensagem,pois o navegador redireciona para outro forum que desconheço.
Minha conexão  é via rádio e uso roteador.
Me ajudem por favor,sou leiga em noção de informática, mas com a ajuda de vcs quero me livrar desse vírus,pois não sei qual estrago que ele pode fazer no meu computador.
Obrigado e fico no aguardo!!!
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max Ter 26 Ago 2014, 16:27

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Envio de relatório

Mensagem por Evanir da Costa Lerina Ter 26 Ago 2014, 22:05

# AdwCleaner v3.308 - Relatório criado 26/08/2014 às 17:55:11
# Atualizado 20/08/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Mana - MANALERINA
# Executando de : C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\CV7ICFK8\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : AllDaySavingsService64
[#] Serviço Deletada : globalUpdate
[#] Serviço Deletada : globalUpdatem
Serviço Deletada : IePluginServices
Serviço Deletada : netfilter64
Serviço Deletada : mtgaotushb64
[#] Serviço Deletada : Update ClearThink
[#] Serviço Deletada : Util ClearThink
Serviço Deletada : {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
Pasta Deletada : C:\ProgramData\cosstminn
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Pasta Deletada : C:\Program Files (x86)\AnyProtectEx
Pasta Deletada : C:\Program Files (x86)\Claro
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\Smart Driver Updater
Pasta Deletada : C:\Program Files (x86)\supporter
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\Uniblue
Pasta Deletada : C:\Program Files (x86)\cosstminn
Pasta Deletada : C:\Program Files (x86)\HC-inemA3
Pasta Deletada : C:\Program Files (x86)\ClearThink
Pasta Deletada : C:\Program Files\AllDaySavings
Pasta Deletada : C:\Program Files\005
Pasta Deletada : C:\Users\Administrador\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\torch
Pasta Deletada : C:\Users\Mana\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Mana\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\Mana\AppData\Local\PriceMeter
Pasta Deletada : C:\Users\Mana\AppData\Local\torch
Pasta Deletada : C:\Users\Mana\AppData\Roaming\1H1Q
Pasta Deletada : C:\Users\Mana\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Mana\AppData\Roaming\Claro
Pasta Deletada : C:\Users\Mana\AppData\Roaming\istartsurf
Pasta Deletada : C:\Users\Mana\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Arquivo Deletada : C:\Users\Public\Desktop\RegClean Pro.lnk
Arquivo Deletada : C:\windows\System32\drivers\netfilter64.sys
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64.sys
Arquivo Deletada : C:\Users\Mana\AppData\Roaming\aps.uninstall.scan.results
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal

***** [ Tarefas ] *****

Tarefa Deletedo : APSnotifierPP1
Tarefa Deletedo : APSnotifierPP2
Tarefa Deletedo : APSnotifierPP3
Tarefa Deletedo : ASP
Tarefa Deletedo : globalUpdateUpdateTaskMachineCore
Tarefa Deletedo : globalUpdateUpdateTaskMachineUA
Tarefa Deletedo : LaunchSignup
Tarefa Deletedo : pricemeterdownloader
Tarefa Deletedo : RegClean Pro
Tarefa Deletedo : RegClean Pro_DEFAULT
Tarefa Deletedo : RegClean Pro_UPDATES
Tarefa Deletedo : 0ad18bc0-4642-43c6-9aca-3c52d7e72881
Tarefa Deletedo : 2e9c4686-ed4a-4796-8ff8-e7c65d85f9c8
Tarefa Deletedo : 9af27b5f-30f3-4074-9855-bed34b07f284-4
Tarefa Deletedo : 9af27b5f-30f3-4074-9855-bed34b07f284-6
Tarefa Deletedo : df731d93-04d0-4bea-8a48-269a36d7e5d8

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [AnyProtect Scanner]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update ClearThink
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util ClearThink
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172248}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175548}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176648}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174448}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172248}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175548}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176648}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\AnyProtect
Chave Deletedo : HKCU\Software\GlobalUpdate
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\InstalledBrowserExtensions
Chave Deletedo : HKCU\Software\MyBestOffersToday
Chave Deletedo : HKCU\Software\PriceMeter
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\SupHpUISoft
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\Tune
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\ClearThink
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\HC-inemA3
Chave Deletedo : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\SOFTWARE\AllDaySavings
Chave Deletedo : HKLM\SOFTWARE\DealPlyLive
Chave Deletedo : HKLM\SOFTWARE\GlobalUpdate
Chave Deletedo : HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Deletedo : HKLM\SOFTWARE\istartsurfSoftware
Chave Deletedo : HKLM\SOFTWARE\MyBestOffersToday
Chave Deletedo : HKLM\SOFTWARE\PriceMeterLiveUpdate
Chave Deletedo : HKLM\SOFTWARE\SupDp
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\supWPM
Chave Deletedo : HKLM\SOFTWARE\systweak
Chave Deletedo : HKLM\SOFTWARE\Tune
Chave Deletedo : HKLM\SOFTWARE\Tutorials
Chave Deletedo : HKLM\SOFTWARE\Uniblue
Chave Deletedo : HKLM\SOFTWARE\HC-inemA3
Chave Deletedo : HKLM\SOFTWARE\ClearThink
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Chave Deletedo : [x64] HKLM\SOFTWARE\AllDaySavings
Chave Deletedo : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17239

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v

[ Arquivo : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Startup_urls] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Startup_urls] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Homepage] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : jecijffegdindafhdhceanolkcdmjcgi
Deletedo [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [22988 octets] - [26/08/2014 16:49:04]
AdwCleaner[S0].txt - [20439 octets] - [26/08/2014 17:55:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20500 octets] ##########
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max Ter 26 Ago 2014, 23:44

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executá-lo corretamente siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty relatório zoek

Mensagem por Evanir da Costa Lerina Qua 27 Ago 2014, 14:15


Zoek.exe v5.0.0.0 Updated 27-08-2014
Tool run by Mana on 27/08/2014 at 13:47:12,38.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\CV7ICFK8\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27/08/2014 13:54:33 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Mana\AppData\Roaming\ap_logs deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Mana\AppData\LocalLow\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD} deleted
C:\Users\Mana\AppData\Local\Packages\windows_ie_ac_001\AC\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD} deleted
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PRICEM~1 deleted
C:\PROGRA~2\Probit Software deleted
C:\Users\Mana\AppData\Local\nsn5856.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Speed PC on the Web.lnk deleted
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Speed PC.lnk deleted
C:\windows\SysNative\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\PROGRA~3\MakeMarkerFile.exe deleted
"C:\PROGRA~3\b343567315d58ade\{CE681A67-9477-CBE6-EB9D-FE534875F98D}.20140823194804" deleted
"C:\PROGRA~3\b343567315d58ade" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23/08/2014 19:43]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23/08/2014 19:43]

cosstminn - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Mana\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Google Docs - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
cosstminn - Mana\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi

==== Chromium Startpages ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/"


==== Chrome Fix ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myhome.vi-view.com_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myhome.vi-view.com_0.localstorage-journal deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Mana\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://goggle/"
"Search Page"="http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://goggle/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{55F3C525-1F5E-40B8-82EE-42870EC1B3CC} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3819994065-4268522233-1510044923-1001\Software\Microsoft\Internet Explorer\SearchScopes\{55F3C525-1F5E-40B8-82EE-42870EC1B3CC} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Mana\Desktop\Continuar a Instalação de Adobe Flash Player.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ajuda.lnk - C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast antivirus.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk - C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSafe Total\Desinstalar.lnk - C:\Program Files (x86)\PSafe\Total\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSafe Total\PSafe Total.lnk - C:\Program Files (x86)\PSafe\Total\QHSafeMain.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Help Desk.lnk - C:\Program Files (x86)\Samsung\Help Desk\HelpDesk.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE /OEM
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\User Guide.lnk - C:\Program Files (x86)\Samsung\User Guide\RunManual.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Met‚r deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=74 folders=23 15773658 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Mana\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Mana\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 27/08/2014 at 14:14:58,76 ======================
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max Qua 27 Ago 2014, 14:19

zoek - Como removo o navegador iStartsurf! 772309 Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________

Depois disto faça o seguinte:

zoek - Como removo o navegador iStartsurf! 772309 Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes juntamente com o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Qua 27 Ago 2014, 15:46

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Mana on 27/08/2014 at 14:58:06,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\displayswitch



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/08/2014 at 15:15:59,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max Qua 27 Ago 2014, 15:50

Siga as dicas abaixo para acessar o Log (relatório) do Malwarebytes:

Para isto abra o Malwarebytes > Clique no botão Histórico > Clique em Logs de Aplicativos > E dê um duplo clique com o botão esquerdo do mouse sobre o Log de Verificação mais atual para abri-lo. Isto é mostrado nesta imagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Na próxima tela que surgirá clique no botão Exportar > e clique na opção Arquivo texto (*.txt):

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Na outra tela que vai aparecer dê um nome para este relatório (como LOG por exemplo) > Clique em Área de Trabalho (para que ele seja salvo no seu Desktop) > Clique em Salvar:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Clique em OK na próxima mensagem que aparece:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Depois disto é só postar este log do Malwarebytes em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Qua 27 Ago 2014, 15:56

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 27/08/2014
Hora da Verificação: 14:32:06
Logfile: LOG.txt
Administrador: Sim

Versão: 2.00.2.1012
Malware Database: v2014.08.27.05
Rootkit Database: v2014.08.21.01
Licença: Trial
Proteção de Malware: Enabled
Proteção de Site Malicioso: Enabled
Self-protection: Desabilitado

OS: Windows 8.1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Mana

Tipo da Verificação: Verificar Ameaça
Resultado: Completado
Arquivos Verificados: 337897
Tempo Decorrido: 14 min, 41 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 15
PUP.Optional.Adpeak.A, HKLM\SOFTWARE\allday savings, Quarantined, [266be5e6710a83b3333837b9c63cbe42],
PUP.Optional.CostMin, HKLM\SOFTWARE\CLASSES\cosstminn.cosstminn, Quarantined, [f69b83481c5f80b6fbb812df837fbc44],
PUP.Optional.CostMin, HKLM\SOFTWARE\CLASSES\cosstminn.cosstminn.2.0, Quarantined, [1b76ad1eb2c959dd258e26cb7c868f71],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks, Quarantined, [3160cffc2a513006b5ab32cdf012c13f],
PUP.Optional.CostMin, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cosstminn.cosstminn, Quarantined, [385905c60a717cba1a999160a959da26],
PUP.Optional.CostMin, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cosstminn.cosstminn.2.0, Quarantined, [028f2f9c235863d3ecc705ec38ca6a96],
PUP.Optional.SearchSnacks, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ssnfd, Quarantined, [761bc803d1aa2313f9bb19d6679b6799],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611171148}, Quarantined, [454c6d5e037857df113108e02fd5926e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611171148}, Quarantined, [454c6d5e037857df113108e02fd5926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3819994065-4268522233-1510044923-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110611171148}, Quarantined, [454c6d5e037857df113108e02fd5926e],
PUP.Optional.Costmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKU\S-1-5-21-3819994065-4268522233-1510044923-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],

Valores de Registro: 1
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_br_39, Quarantined, [771a2c9f5a216dc91356905b4db5728e],

Dados do Registro: 0
(No malicious items detected)

Pastas: 8
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\index-dir, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\databases, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],

Arquivos: 302
PUP.Optional.Firseria, C:\Users\Mana\Downloads\Avast! Free Antivirus.exe, Quarantined, [771a6467dc9fb87ef2e2f21653b2a957],
PUP.Optional.DomaIQ, C:\Users\Mana\Downloads\Driver_Updater.exe, Quarantined, [d2bf8e3d225947ef62e1ea67a858ca36],
PUP.Optional.PersonalCleaner, C:\Users\Mana\Downloads\PdfReaderSetup.exe, Quarantined, [1f72dbf0bcbf2b0b2e9df36d33d1eb15],
PUP.Optional.DomaIQ, C:\Users\Mana\Downloads\Setup (1).exe, Quarantined, [0c85f8d3304b5bdbc294e0d2cb36d729],
PUP.Optional.AirAdInstaller, C:\Users\Mana\Downloads\Software Update (1).exe, Quarantined, [97fa7a511c5f0b2bd6658fab7789d22e],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\QuotaManager-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\cookies, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\cookies-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\QuotaManager, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\website.ico, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\00242af6670b2b57_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\002f9707dc6eb2c4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\013841b082b6149d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\01417aa5c0186119_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\01b940d1718094b0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\020a1462e32e94ec_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\02dede48fe2683c0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\03b43496c2dac400_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\03febcd11bb17e65_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\041fbf9e69b77514_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\0656ba9e6e75d60e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\09330b91a94f2f21_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\094ac41ae267f3e7_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\0d364ecacc3ba37c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\0da9e4436cd6a33b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6e22a876b498e8f0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6f698d25320ec398_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6f7767bba8cebab3_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6fa7df3d5aa21d91_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\745c37883c8f5881_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\75b0a172623742fb_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\75bd36039359dac2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\75e5b0d128713d76_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7753545310d30411_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7790e844b0e98891_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c76e9ef6244d745d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c8204462e6bd29c4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c85322c1bb51970c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c95822800999c5a2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ca142b2577f499b4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ca4db7f4e93c2dd2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\caeb5db39065b322_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cbd1e1b7186b187a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cbe3d7ea6b94ef1f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cc1ccafa24e33b87_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\375ad8ee92fd3bfe_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\376b960fa6339830_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\39e01095b2170870_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3ac082b88125ec40_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3bba4aaa0a60fc9a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3d4ce81493740172_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3e2a83f6125a459e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3e54d89302faa2c9_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3f215f49c9698e41_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\45e3212b34078829_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\468ed3324fa00b25_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a4ae37e9ffd4c314_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a52540f7e242dbc1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a682a844981d4e40_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a95477a05f1ed48d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ac79cdad26e71faf_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ad022c837acfb2c5_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\adf2f33e1ff7f428_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\afd3853698b57ea4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b09158b19879cb5d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4d70f2ec77ec372e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4fc8ebc30a2a5f62_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5084f79f56702dba_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\509121e19b767024_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5340835db270077f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5396f746cdc60618_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\558b80b246af90bb_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\571d8342569f9588_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\581b0e3df86210a9_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\58582e5a9115c5c0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\58fce9fe914c81aa_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\591ddb321e5cfba1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a2e25cb6bc29fd21_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b180ccb35c60a2c1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c5d01da770880359_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ccfd35b1a2f67d5c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\dc66056528c35d5d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e69bedb2b3d66c9b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\dd05cf2d49253455_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\de31ab041e1b1d20_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\de46d167d5852095_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ded9bf09be938bb0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\df117a0941239152_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\df935297994c3232_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\dff49b41653f93d0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e03f65034b6fcd49_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e2e7ec1e2d842766_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e43fb345b8a7fd6f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2888a059e433b63c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2a181501d42ac822_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2c04bbf443eae70c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2d7a9833e11e92ce_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2eb4bece98d38246_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2f607f41aafa33fe_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2f6d3f8e061eda36_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2f771927d8822a09_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\310b622fcdde3a1f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\31180b29e0a84479_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\315a39b606bc4359_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\31d0e60c7add0e2c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\327e2f346370c855_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\32e165794dc5cc1c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\33340918e81b9f9a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\346325161b82b112_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\35efc5e69c94242d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3679240fe3115f35_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\809948abdcda7ed7_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\80a572bb05ace41b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\812118c9df71ec26_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8139b0e9930a6948_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\81b63b906e9a42ac_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\83f54d7cf9d4900b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\854e0d9fbc3a7165_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\86c16da91a7a975a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\899b71f3cbe2ca80_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8a2abd4eed83e9d6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8a9ec86f446a0901_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\604dd438878f5db8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\60aba98990d86109_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6327cb3559063fac_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\63aa828b09d2273f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\63d4dfeb795e6004_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\644ef0fbfce0527e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6527147b416c3753_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\66dae7ea99dcbbd8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\674ebb0f5c04525c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\67677fe6cee9c825_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\68868552a17a5984_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\69596bed7d4c9b4e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6a40d20d15cfecce_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6c59d8fc05f5caee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6cd259e87b234e55_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\117cc044d1c92fd1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1186a7d8d6a83621_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\16d434c7220bb40c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\183f4e2c275db2f0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\18d4da4c268af3a1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1aa0282fbbc6c50a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1cd768bc7c62ca8d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1f76ab7967d8d228_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\20b307ae435b995c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2171dcd9dd50d84f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\239a90dfaf073813_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\23acbc41fc929cb2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\27e9e90e0dadb275_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e7d194066a0b284d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ea63dc5a9d345db6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ea811130ea2288a6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ec6d54d86f938052_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ef778682e23e7bff_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f0226a79cd58ae03_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f1820e52c31a0d88_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f208e3720835116e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f3e0517777920804_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f53209509dde1f12_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f6a085c0478cddd1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f6a1cb845b5394d3_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f6f6c2bb5710ce5e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f946860d923440ee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\fa6f416abaf355ce_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\fead0dd37a5cd07f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\index, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b453ef1194bbd519_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b472a66cd3f3dde1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b8a5b24da8656494_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b8d27ce8e98aa36a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b93e330b62f2ec53_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b946211cdd7253a4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\bb5c07d0b0ecee14_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\bf6cb5d82b54d795_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c0e1c5856685862b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c174b04fa92e1643_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c2731446158639b0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c4b917d6c89772e6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c4d7d8b5ab74f1d8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c54bf716db823006_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\46ed3a4430cde43a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\47a8f2287780e31c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\47cff2ba15008159_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48602aaf0de52c18_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48c66a82a6907468_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48d9e92badcf5a9f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48df56f5c64d2809_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\49778c462bcba49c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4af525c1e66750be_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4b31449684928a10_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4b7ef17753f89737_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4c9bbcc506794dcc_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4d20553ff9d3edf4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5b721f5ca4f2d10e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5c6902fd8089163c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5dbf901a7054fc00_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5df847142a4c64a0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5e044cc74ebd4935_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5e07c22fdb6e2f4a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5ed1cb2ed3d4503d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5fc26552f3eb2adf_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5ffa92cb5efba8c1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6005a9ba3bd565fe_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\788fc5c8e4ea6599_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\79c1188f07e3a4d2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7b022a86d239c27c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7c55d307fe43e78a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7c7fc438505be20c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7d967542a297b947_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7db47782a6db54bc_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7e9293acf4fd3a2a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7eec09c0c5bdae68_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7f4835d74b70c19c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7fc3efd97363b9d1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8b6c29d41640a606_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\91a501b48ee2cb0b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\94ce6bea1ae45eee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\954b9c606802895e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\95a30a0ea2da114c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\99edabdc44ef00ee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\9f74e5be76976027_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a0be0767de2123e8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a0d11d0caa4b6ad8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a1604fe832ea5905_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cdb0073af63362e3_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ce349f633d51db9c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d0c0d10de9c432e1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d17a5d64dd15af92_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d1e55f8e14425cef_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d546cbe0db54d4dc_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d681aebf460cb29b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d916524367abf89d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\index-dir\the-real-index, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\databases\Databases.db, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\databases\Databases.db-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\000005.bak, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\000005.ldb, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\000006.log, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\CURRENT, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\LOCK, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\LOG, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\LOG.old, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\MANIFEST-000004, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\file__0.localstorage, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\file__0.localstorage-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\http_br.vplay8.com_0.localstorage, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\http_br.vplay8.com_0.localstorage-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Chinese_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\FileList.rcp, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Chinese_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\CleanSchedule.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Danish_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Danish_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Dutch_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Dutch_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\eng_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\eng_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Japanese_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Japanese_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\korean_rcp_ko.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\korean_uninst_ko.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\LicMgr.dll, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Norwegian_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Norwegian_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\polish_rcp_pl.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\polish_uninst_pl.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\portugese_rcp_pt.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\portugese_uninst_pt.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Portuguese_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Portuguese_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RCPUninstall.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Finnish_rcp_fi.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Finnish_uninst_fi.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\French_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\French_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\German_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\German_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\greek_rcp_el.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\greek_uninst_el.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\install_left_image.bmp, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\isxdl.dll, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Italian_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Italian_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RegCleanPro.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RegList.rcp, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\russian_rcp_ru.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\russian_uninst_ru.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Spanish_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\spanish_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Swedish_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\swedish_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\systweakasp.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\TPS.ico, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\TraditionalCn_rcp_zh-tw.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\traditionalcn_uninst_zh-tw.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\turkish_rcp_tr.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Turkish_uninst_tr.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.dat, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.msg, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\xmllite.dll, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],

Physical Sectors: 0
(No malicious items detected)


(end)
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max Qua 27 Ago 2014, 16:02

Você usou só a verificação de ameaças, que não é tão completa como a que é mostrada no tutorial que te passei. Siga as dicas abaixo para fazer a limpeza completa:

Alterando o idioma do Malwarebytes para o português:

Caso o idioma do seu Malwarebytes esteja em inglês é bem simples mudá-lo para nossa língua. Para isto abra o Malwarebytes e clique em Settings como mostra esta imagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Na próxima tela que surge, clique em Language e selecione a opção Portugueze (Brazil):

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
___________________________________________________________________________

Como executar uma verificação personalizada com o Malwarebytes:

- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:

Verificar Objetos na Memória
Verificar as Configurações da Inicialização e do Registro
Verificar Arquivos Compactados


Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.

Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena).

Para remover as infecções, deixe a opção Quarentena no menu Ação selecionada em todos os itens e clique no botão Aplicar Ações, como mostra esta imagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Sim (ou Yes) como mostra esta imagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Depois disto é só postar o novo log de verificação que o Malwarebytes irá criar em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Qua 27 Ago 2014, 18:28

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 27/08/2014
Hora da Verificação: 16:26:16
Logfile: LOG.txt
Administrador: Sim

Versão: 2.00.2.1012
Malware Database: v2014.08.27.06
Rootkit Database: v2014.08.21.01
Licença: Trial
Proteção de Malware: Enabled
Proteção de Site Malicioso: Enabled
Self-protection: Desabilitado

OS: Windows 8.1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Mana

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 517678
Tempo Decorrido: 1 hr, 48 min, 57 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 0
(No malicious items detected)

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 18
PUP.Optional.SearchHijacker.A, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\09AZEZM2\lly_istartsurf[1].exe, Quarantined, [fe9406c5bebd75c10426812a42bfa65a],
PUP.Optional.Firseria, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\APDQ9SCB\AdwCleaner.exe, Quarantined, [731fbd0e96e5b18570697c8cfb0acb35],
PUP.Optional.AllDaySavings.A, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\ads[1].exe, Quarantined, [3f53f0db6f0cdb5b2cfd4f1f1ce64fb1],
PUP.Optional.PriceMeter.A, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\pm[1].exe, Quarantined, [395944871962e74fd2e6c6c8e120f709],
PUP.Optional.Wajam, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\WIE_2.12.2.5[1].exe, Quarantined, [8909ca0185f692a495e17139b54cce32],
PUP.Optional.VBates, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\vbstub[1].exe, Quarantined, [e3af37943447072ff5d1b0f9b24fd22e],
PUP.Optional.AdPeak.A, C:\AdwCleaner\Quarantine\C\Program Files\005\mtgaotushb64.exe.vir, Quarantined, [5b378e3de398979fd536b120cd37b848],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.FeSvc.dll.vir, Quarantined, [5e34e0eb007b38fee6ff1f7f55ace719],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.PurBrowse.dll.vir, Quarantined, [5d3521aa453656e0de6689f9867b59a7],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\cosstminn\_L_oS.dll.vir, Quarantined, [e8aa26a5e794b77f1e0c5a58aa57a25e],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\cosstminn\_L_oS.x64.dll.vir, Quarantined, [aae8e7e45f1c2313b07ac5eda75a966a],
PUP.Optional.IEPluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir, Quarantined, [0092b516ee8dfa3cbff615602dd4867a],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, Quarantined, [8909478499e285b19cb7b1fb659c36ca],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, Quarantined, [4f433695abd040f6fb828ca942be52ae],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, Quarantined, [2d65319a99e2b482500303a9df2221df],
PUP.Optional.PriceMeter.A, C:\AdwCleaner\Quarantine\C\Users\Mana\AppData\Local\PriceMeter\pricemeterd.exe.vir, Quarantined, [d3bf2aa114670d297665bdbcc33e56aa],
PUP.Optional.PriceMeter.A, C:\AdwCleaner\Quarantine\C\Users\Mana\AppData\Local\PriceMeter\uninst.exe.vir, Quarantined, [5b37ba110a71171fcbed1c7213ee6898],
PUP.Optional.RegCleanPro, C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir, Quarantined, [0290e8e362199c9a01b453560af77c84],

Physical Sectors: 0
(No malicious items detected)


(end)
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max Qua 27 Ago 2014, 23:36


Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Qui 28 Ago 2014, 14:55

~ ZHPCleaner v2014.8.28.93 by Nicolas Coolman (28/08/2014)
~ Run by Mana (Administrator) (28/08/2014 11:01:10)
~ WebSite : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Forum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ State version : Updated version
~ Report : C:\Users\Mana\Desktop\ZHPCleaner.txt
~ Report : C:\Users\Mana\AppData\Roaming\ZHP\ZHPCleaner.txt
~ Quarantine : C:\Users\Mana\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ Windows 81, 64-bit (Build 9600)



---\\ Restoration of the browsers default proxy settings,
REPLACED PARAMS: EnableHttp1_1 ( 1 )


---\\ Redirect Shortcut Browsers repair (Argument Infection)
~ No repair necessary


---\\ Startup Browser Microsoft Internet Explorer Repair
REPLACED PARAMS: Start Page ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
REPLACED PARAMS: Search Page ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
REPLACED PARAMS: Default_Page_URL ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
REPLACED PARAMS: Default_Search_URL ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
REPLACED PARAMS: Start Page ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
REPLACED PARAMS: Search Page ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )


---\\ Startup Browser Mozilla Firefox Repair
~ No browser faund


---\\ Startup Browser Coogle Chrome Repair
~ No browser faund


---\\ Startup Browser Opera Sofware Opera Repair
~ No browser faund


---\\ Browser Helper Objet Repair
~ No repair necessary


---\\ Toolbars Repair
~ No repair necessary


---\\ Defaul Browser Provider Repair (SearchScope) (Default)
REPLACED: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope (Web)
~ No repair necessary


---\\ Defaul Browser Provider Repair (SearchScope) (Others)


---\\ Remove values from startup key changing the browser settings (Run)
~ No repair necessary


---\\ Generic removal of infection by Hijacker Sambreel
~ No repair necessary


---\\ Removal of harmful extensions for Mozilla Firefox (Register).
~ No repair necessary


---\\ Repair of the hosts file
REPLACED:
Number of found redirections 1/19


End of clean at 11:01:42
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max Qui 28 Ago 2014, 15:06

Você usou o ZHPCleaner, mas o que pedimos foi o ZHPDiag. Execute ele como mostra o tutorial que te passei na resposta anterior e poste o relatório dele.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Qui 28 Ago 2014, 15:27

~ Relatório do ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/08/2014)
~ Iniciado por Mana (28/08/2014 15:25:26)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17239 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.2.1012
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3969 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 403 GB (90%) free of 447 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MANALERINA
~ User Name: Mana
~ All Users Names: Mana, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Mana\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Mana\AppData\Roaming\
~ %Desktop% : C:\Users\Mana\Desktop\
~ %Favorites% : C:\Users\Mana\Favorites\
~ %LocalAppData% : C:\Users\Mana\AppData\Local\
~ %StartMenu% : C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 403 Go of 447 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.04/03/2014 - 09:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.8E71A5CB5312B8392D4DA4CA37BB5868] - (.Microsoft Corporation - Internet Extensions para Win32.) (.25/07/2014 - 07:52:06.) -- C:\Windows\System32\wininet.dll [2266624]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/02/2014 - 06:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 00:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 06:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 05:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.30/04/2014 - 03:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/03/2014 - 00:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.22/08/2013 - 16:12:11.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/03/2014 - 09:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/803
~ Mes musiques (My Musics) : 32/568
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/14
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.7BF2E7C528154391F08A66206C770F7E] - (.SAMSUNG Electronics co., LTD. - ShutdownEvent.) -- C:\ProgramData\Samsung\ShutdownEvent.exe [1715592] [PID.2012]
[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.2192]
[MD5.CE4266FC6B2FA3281332D027A269805F] - (.TODO: - DisplaySwitch.) -- C:\ProgramData\SAMSUNG\DisplaySwitch.exe [1758512] [PID.3884]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [4085896] [PID.2828]
[MD5.3FF3960455C0C92D7184BC273841BA66] - (.Symantec Corporation - Norton Studio.) -- C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.4.0.24_x86__v68kp9n051hdp\mmamain.exe [2359624] [PID.6468]
[MD5.771E149F97AA6679DEF79F0953414435] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [812176] [PID.4092]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8099328] [PID.3964]
~ Processes Running: Scanned in 00mn 01s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (19)
~ Hosts File: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Program [Mana]: Ajuda.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.) =>PUP.ProbitSoftware
O4 - GS\Program [Mana]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.) =>PUP.ProbitSoftware
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Bitcasa] . (...) -- C:\Program Files\Bitcasa\BitcasaBoot.exe
O4 - HKLM\..\Run: [Samsung Link] . (.Copyright 2013 SAMSUNG - Samsung Link Tray Agent.) -- C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKCU\..\Run: [DisplaySwitch] . (.TODO: - DisplaySwitch.) -- C:\programdata\samsung\DisplaySwitch.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [QHSafeTray] C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-3819994065-4268522233-1510044923-1001\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKUS\S-1-5-21-3819994065-4268522233-1510044923-1001\..\Run: [DisplaySwitch] . (.TODO: - DisplaySwitch.) -- C:\programdata\samsung\DisplaySwitch.exe
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E599739-AA18-456E-8B01-9B9D122C3302}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9E599739-AA18-456E-8B01-9B9D122C3302}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\system32\CbFsMntNtf3.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\SysWow64\CbFsMntNtf3.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.)
~ Services: 15 Legitimates Filtered in 00mn 27s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{2C583602-FAC1-4388-BC13-16C6DBCDB78A}] (...) -- C:\Users\Mana\AppData\Roaming\istartsurf\UninstallManager.exe (.not file.) [0] =>PUP.IsStart
[MD5.00000000000000000000000000000000] [APT] [{A78954F3-C318-411F-84D3-94DFE5085E81}] (...) -- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Uninstall.exe (.not file.) [0]
[MD5.A53151B5EFCFEBD18895CC62E1F1CF63] [APT] [{F2DC3B7F-5D16-4069-A86D-2EF05B44E678}] (...) -- C:\Users\Mana\Desktop\avast_free_antivirus_setup_online.exe [4856496]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1082]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1086]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 07s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (360Box64) . (.360.cn - 360Box64.) - C:\Windows\System32\DRIVERS\360Box64.sys
O41 - Driver: (360FsFlt) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) - C:\Windows\System32\DRIVERS\360FsFlt.sys
O41 - Driver: (BAPIDRV) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) - C:\Windows\System32\DRIVERS\BAPIDRV64.sys
O41 - Driver: (Bfilter) . (. - .) - C:\windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\windows\system32\drivers\Bprotect.sys (.not file.)
~ Drivers: 58 Legitimates Filtered in 00mn 01s



---\\ Software instalados (042)
O42 - Logiciel: Download & Install Packages - (...) [HKCU][64Bits] -- Download & Install Packages
~ Logic: 23 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKCU\Software\Download4windows]
[HKCU\Software\GoldenGate]
[HKCU\Software\Reg]
[HKCU\Software\gameo]
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings
[HKLM\Software\Baidu Security]
[HKLM\Software\HC-inemA3-nv]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\360TotalSecurity]
[HKLM\Software\Wow6432Node\4d1c5f5c-987f-43ac-b8f1-f37847f5e933]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\HC-inemA3-nv]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\fecff559-642b-4bb1-9398-042725fdf5c9]
~ Key Software: 149 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/08/2014 - 23:22:16 - [] ----D C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687
O43 - CFD: 23/08/2014 - 19:25:09 - [] -SH-D C:\ProgramData\360Quarant
O43 - CFD: 23/08/2014 - 18:44:13 - [] ----D C:\ProgramData\360safe
O43 - CFD: 21/08/2014 - 23:22:26 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 25/08/2014 - 13:51:47 - [] ----D C:\Users\Mana\AppData\Roaming\0D1F2W1G1I1F1T1QyE2W1L1G1Q1F2W1B
O43 - CFD: 23/08/2014 - 19:25:40 - [] ----D C:\Users\Mana\AppData\Roaming\360safe
O43 - CFD: 24/08/2014 - 00:18:55 - [] ----D C:\Users\Mana\AppData\Roaming\gameo
O43 - CFD: 21/08/2014 - 23:25:16 - [] --H-D C:\Users\Mana\AppData\Roaming\GoldenGate
~ Program Folder: 106 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.E7B53AF004BEE5112F787A6E5B04D737] - 18/08/2014 - 13:45:51 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [11109]
O44 - LFC:[MD5.DE461B86C05946D10E519F512D09E389] - 18/08/2014 - 13:45:55 ---A- . (...) -- C:\Windows\System32\RacRules.xml [100197]
O44 - LFC:[MD5.F1DB86EA935C13CDFF27AB957297136A] - 18/08/2014 - 13:45:55 ---A- . (...) -- C:\Windows\System32\connectedsearch-suggestions.searchconnector-ms [7762]
O44 - LFC:[MD5.1FDF29F970E2E843B4DC5D0626D0EDD5] - 18/08/2014 - 13:45:55 ---A- . (...) -- C:\Windows\System32\connectedsearch-zeroinput.searchconnector-ms [7130]
O44 - LFC:[MD5.119E0F7A71775A5CFB208B036ECE35E1] - 18/08/2014 - 13:46:09 ---A- . (...) -- C:\Windows\System32\WimBootCompress.ini [2255]
O44 - LFC:[MD5.DCF2510E0745720E543E84F5E921FCC0] - 18/08/2014 - 13:47:06 ---A- . (...) -- C:\Windows\System32\dfpinc.dat [262335]
O44 - LFC:[MD5.FFFCC3C3ED6886A95D3C0E1B49C652BA] - 18/08/2014 - 13:48:14 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [139600]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 19/08/2014 - 17:59:15 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.08750A50CF027F93070C8BB78E27C3B7] - 21/08/2014 - 20:18:47 -SH-- . (...) -- C:\Windows\System32\desktop.ini [75]
O44 - LFC:[MD5.B7CC32E00C5C5152D221DF182827F58E] - 23/08/2014 - 18:35:49 ---A- . (...) -- C:\Windows\System32\srms.dat [50745]
O44 - LFC:[MD5.A583F4DAAA4DB87BF92FD033966ABC4B] - 23/08/2014 - 18:44:06 ---A- . (.360.cn - 360Box64.) -- C:\Windows\System32\Drivers\360Box64.sys [305736]
O44 - LFC:[MD5.15FE196A71357AC9FF6E5A4B360BDB20] - 23/08/2014 - 18:44:07 ---A- . (.360.cn - 360安全卫士 网络防黑模块.) -- C:\Windows\System32\Drivers\360AntiHacker64.sys [100424]
O44 - LFC:[MD5.D33811D3113C05B8485BF497B6CB50A9] - 23/08/2014 - 18:44:07 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) -- C:\Windows\System32\Drivers\BAPIDRV64.SYS [180816]
O44 - LFC:[MD5.3AA0D07082BF4B4EFF8BAE9F4EDF783B] - 23/08/2014 - 18:44:08 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360fsflt.sys [311888]
O44 - LFC:[MD5.0AABA03736666B85AC37C01467E89578] - 23/08/2014 - 18:44:21 ---A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [77896]
O44 - LFC:[MD5.1EE5F9F327D19074DA82B58D8252A749] - 23/08/2014 - 18:44:22 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23752]
O44 - LFC:[MD5.8B6802F9993CCE93A1149705F8F6B5E1] - 23/08/2014 - 19:29:39 ---A- . (...) -- C:\Windows\win.ini [194]
O44 - LFC:[MD5.D95E64416A4A3ED6986E0F474DA934BD] - 23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 27/08/2014 - 13:46:58 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.94DACE4B80EF65996480079244BB10DD] - 27/08/2014 - 14:14:58 ---A- . (...) -- C:\zoek-results.log [14810]
O44 - LFC:[MD5.692639EEC7E3FEEA6CAFACFC5370B0CB] - 27/08/2014 - 14:51:46 ---A- . (...) -- C:\relat.malware.xml [4754]
O44 - LFC:[MD5.A368ABC74F55FC0545456BC221CE8A25] - 27/08/2014 - 14:57:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.6D7027372FC4DC131CD84DA111997F04] - 27/08/2014 - 14:57:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
O44 - LFC:[MD5.E294573565F55B0DE98FADEAA9E7DF85] - 27/08/2014 - 15:37:55 ---A- . (...) -- C:\relatorio malware.txt [44489]
~ Files: 649 Legitimates Filtered in 00mn 41s



---\\ Negação do serviço (Local Security Authority) (048)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{272500c4-fd92-11e3-8267-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407ef5c-f4c6-11e3-8266-24f5aa58d423}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407efb1-f4c6-11e3-8266-24f5aa58d423}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407f032-f4c6-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407f0c1-f4c6-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{34270573-fd5a-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3427059d-fd5a-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{342705d1-fd5a-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:29/07/2014 - 00:39:50 ---A- . (.360.cn - 360安全卫士 网络防黑模块.) -- C:\Windows\System32\Drivers\360AntiHacker64.sys [100424]
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [77896]
O58 - SDL:29/07/2014 - 00:39:50 ---A- . (.360.cn - 360Box64.) -- C:\Windows\System32\Drivers\360Box64.sys [305736]
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360fsflt.sys [311888]
O58 - SDL:23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) -- C:\Windows\System32\Drivers\BAPIDRV64.SYS [180816]
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23752]
O58 - SDL:27/07/2012 - 09:00:03 ---A- . (.Windows (R) Win 7 DDK provider - HID Radio Switch mini driver for USB Fx2 Device.) -- C:\Windows\System32\Drivers\RadioHIDMini.sys [23408]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Mobile DevMgr Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssuddmgr.sys [204568]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Mobile OBEX Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudobex.sys [204568]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD. - USB Rmnet Device Driver.) -- C:\Windows\System32\Drivers\ssudrmnet.sys [68888]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [204568]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 79 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.A53151B5EFCFEBD18895CC62E1F1CF63] [SPRF][25/08/2014] (...) -- C:\Users\Mana\Desktop\avast_free_antivirus_setup_online.exe [4856496]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32 =>PUP.PaybyAds
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS =>PUP.PaybyAds
~ BTK: 57 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/03/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 10/07/1658 0 | (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/1658 0 | (gupdatem) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - | Auto 26/01/2013 172104 | (AdobeActiveFileMonitor11.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/10/2013 404360 | (AllShare Framework DMS) . (.Samsung.) - C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkManagerDMS.exe
SR - | Auto 29/10/2013 317568 | (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 23/08/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 16/09/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 16/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 16/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 10/10/2013 605768 | (Samsung Link Service) . (.Copyright 2013 SAMSUNG.) - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
SR - | Auto 31/10/2013 1595440 | (Settings Launcher) . (.Samsung Electronics CO., LTD..) - C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
SR - | Auto 11/12/2013 3019312 | (SWUpdateService) . (.Samsung Electronics CO., LTD..) - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/10/2013 323584 | (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
~ Services: Scanned in 00mn 17s



---\\ Scâner Aditional (088)
Database Version : 13026 - (28/08/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Easy Speed PC =>PUP.ProbitSoftware^
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings^
~ Additionnel Scan: 250817 Items scanned in 00mn 53s



---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ProbitSoftware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.IsStart
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.PaybyAds
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ MSI: 4 link(s) detected in 00mn 00s



~ 1175 Legitimates filtered by white list
End of the scan (470 lines in 03mn 05s)(0)
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram Sex 29 Ago 2014, 12:35

Boa Tarde! Evanir da Costa Lerina

|- O Power Max está impossibilitado de atendê-lo e pediu-me para dar continuidade,no seu caso e de outros Membros.

-/-

|- Execute este script na ferramenta ZHPFix.
|- Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
|- À seguir,minimize o Bloco de Notas.

script zhpfix
shortcutfix
emptytemp
[MD5.00000000000000000000000000000000] [APT] [{A78954F3-C318-411F-84D3-94DFE5085E81}] (...) -- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2C583602-FAC1-4388-BC13-16C6DBCDB78A}] (...) -- C:\Users\Mana\AppData\Roaming\istartsurf\UninstallManager.exe (.not file.) [0] =>PUP.IsStart
O4 - HKLM\..\Wow6432Node\Run: [QHSafeTray] C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe (.not file.)
O4 - GS\Program [Mana]: Ajuda.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.) =>PUP.ProbitSoftware
O4 - GS\Program [Mana]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKCU\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKUS\S-1-5-21-3819994065-4268522233-1510044923-1001\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O41 - Driver: (Bfilter) . (. - .) - C:\windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\windows\system32\drivers\Bprotect.sys (.not file.)
O43 - CFD: 23/08/2014 - 18:44:13 - [] ----D C:\ProgramData\360safe    
O43 - CFD: 21/08/2014 - 23:22:26 - [] ----D C:\ProgramData\Baidu Security    
O43 - CFD: 25/08/2014 - 13:51:47 - [] ----D C:\Users\Mana\AppData\Roaming\0D1F2W1G1I1F1T1QyE2W1L1G1Q1F2W1B    
O43 - CFD: 23/08/2014 - 19:25:40 - [] ----D C:\Users\Mana\AppData\Roaming\360safe    
O44 - LFC:[MD5.94DACE4B80EF65996480079244BB10DD] - 27/08/2014 - 14:14:58 ---A- . (...) -- C:\zoek-results.log [14810]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified    
[HKCU\Software\Baidu Security]    
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings
[HKLM\Software\Baidu Security]    
[HKLM\Software\Wow6432Node\360Safe]    
[HKLM\Software\Wow6432Node\Baidu Security]    
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32 =>PUP.PaybyAds
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS =>PUP.PaybyAds
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Easy Speed PC =>PUP.ProbitSoftware^
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings^
ServiceStop:Bfilter
ServiceStop:Bfmon
ServiceStop:Bnbase
ServiceStop:Bndef
ServiceStop:Bprotect
Firewallraz
emptyclsid
emptyprefetch


|- Abra a ferramenta ZHPFix. < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
|- Clique IMPORTAÇÃO >> OK.
|- Clique "GO".
|- Poste o relatório!

A+
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty envio de relatório

Mensagem por Evanir da Costa Lerina Sex 29 Ago 2014, 14:28

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Mana at 29/08/2014 14:30:54
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 03s)
Prefetcher vazio
Reparação de atalhos do navegador

========== Estado dos serviços ==========
Bfilter Parado
Bfmon Parado
Bnbase Parado
Bndef Parado
Bprotect Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\AllDaySavings
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS

========== Valores do Registo ==========
ELIMINÉ RunValue: QHSafeTray
ELIMINÉ RunValue: Easy Speed PC
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
ELIMINÉ: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
ELIMINÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
ELIMINÉ: FirewallRaz (Public) : NetPres-In-TCP
ELIMINÉ: FirewallRaz (Public) : NetPres-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
ELIMINÉ: FirewallRaz (Private) : {86F44F8A-E137-4275-AAB2-E1405939617A}
ELIMINÉ: FirewallRaz (Private) : {3B773622-23A7-42BD-9848-CD844B84F8C8}
ELIMINÉ: FirewallRaz (Private) : {A62A9054-6105-467A-876E-6B2C85C30134}
ELIMINÉ: FirewallRaz (Private) : {5386131D-FD80-4A9B-B6F6-F33C30647282}

========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (12) (88.617 octets)
ELIMINÉ: c:\users\mana\appdata\roaming\microsoft\windows\start menu\programs\ajuda.lnk
ELIMINÉ: c:\users\mana\appdata\roaming\microsoft\windows\start menu\programs\uninstall.lnk
ELIMINÉ: c:\zoek-results.log

========== Tarefa planificada ==========
ELIMINÉ: {A78954F3-C318-411F-84D3-94DFE5085E81}
ELIMINÉ: {2C583602-FAC1-4388-BC13-16C6DBCDB78A}


========== Recapitulativo ==========
11 : Chaves do Registo
18 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
4 : Ficheiros
5 : Estado dos serviços
2 : Tarefa planificada


End of clean in 00mn 19s

========== Caminho do ficheiro do relatório ==========
C:\Users\Mana\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/08/2014 14:30:58 [2894]
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram Sex 29 Ago 2014, 15:00

Boa Tarde! Evanir da Costa Lerina

|- Poste novo relatório da ferramenta ZHPDiag,na configuração COMPLETA.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "COMPLETA" e aguarde a conclusão!
|- Poste o relatório!

A+
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Sex 29 Ago 2014, 18:20

Olá Boa Tarde,estou tentando enviar o relatório pedido por vc, porém aparece a seguinte mensagem: A largura da sua mensagem ultrapassa o limite autorizado. E agora...como faço para enviar o relatório!!!
Aguardo sua resposta.
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram Sex 29 Ago 2014, 21:05

Evanir da Costa Lerina escreveu:Olá Boa Tarde,estou tentando enviar o relatório pedido por vc, porém aparece a seguinte mensagem: A largura da sua mensagem ultrapassa o limite autorizado. E agora...como faço para enviar o relatório!!!
Aguardo sua resposta.
Olá! Evanir da Costa Lerina

< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

|- Hospede-o em Cjoint.com,enviando-nos o link resultante.

A+
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Sex 29 Ago 2014, 22:16

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram Sex 29 Ago 2014, 23:20

Evanir da Costa Lerina escreveu:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Boa Noite! Evanir da Costa Lerina

|- Execute este script na ferramenta ZHPFix.
|- Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
|- À seguir,minimize o Bloco de Notas.

Script ZHPFix
emptytemp
Firewallraz
[MD5.7BF2E7C528154391F08A66206C770F7E] - (.SAMSUNG Electronics co., LTD. - ShutdownEvent.) -- C:\ProgramData\Samsung\ShutdownEvent.exe   [1715592] [PID.5036]
[MD5.CE4266FC6B2FA3281332D027A269805F] - (.TODO: - DisplaySwitch.) -- C:\ProgramData\SAMSUNG\DisplaySwitch.exe   [1758512] [PID.5488]
O2 - BHO: (no name) [64Bits] - {fbdff406-2c4c-5d35-8469-34bb67ea3353} Chave orfã    
O42 - Logiciel: Download & Install Packages - (...) [HKCU][64Bits] -- Download & Install Packages
O43 - CFD: 21/08/2014 - 23:22:16 - [] ----D C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687  
O43 - CFD: 31/05/2014 - 22:45:51 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 23/08/2014 - 18:43:07 - [] ----D C:\ProgramData\PSafe  
O61 - LFC: 23/08/2014 - 18:09:17 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\09AZEZM2\VOPackage[1].exe   [290323]  =>Adware.Downware
O61 - LFC: 23/08/2014 - 18:09:17 ---A- . (.Uniblue Systems Limited.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\09AZEZM2\speedupmypc[1].exe   [1291368]  =>PUP.SpeedUpMyPC
O61 - LFC: 23/08/2014 - 18:09:18 ---A- . (.AnyProtect.com.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\AnyProtect[2].exe   [17050112]  =>PUP.AnyProtect
O61 - LFC: 23/08/2014 - 18:09:18 ---A- . (.Uniblue Systems Limited.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\SpeedUpMyPC-standalone-setup[1].exe   [18464440]  =>PUP.SpeedUpMyPC
O61 - LFC: 24/08/2014 - 18:09:17 ---A- . (.ClickMeIn Limited.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\AnyProtectSetup[2].exe   [575544]  =>PUP.AnyProtect
O61 - LFC: 25/08/2014 - 18:09:17 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\CV7ICFK8\spyhunterS4_64[1].exe   [802013]  =>Crapware.SpyHunter
O61 - LFC: 25/08/2014 - 18:09:18 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\myhome.vi-view[1].com   [3]  =>Hijacker.MyhomeViview
O61 - LFC: 25/08/2014 - 18:09:18 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GNKTTQDV\SpyHunter-Installer[1].exe   [726160]  =>Crapware.SpyHunter
C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687
C:\ProgramData\PSafe
[HKCU\Software\Probit Software]   =>PUP.ProbitSoftware^
[HKCU\Software\PopCap]    
[HKCU\Software\Probit Software]  =>PUP.ProbitSoftware
[HKLM\Software\Wow6432Node\PopCap]
Emptyprefetch
Emptyclsid
Emptyflash
Ifeofix


|- Abra a ferramenta ZHPFix. < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
|- Clique IMPORTAÇÃO >> OK.
|- Clique "GO".
|- Poste o relatório!

A+
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Olá Boa tarde, segue o relatório

Mensagem por Evanir da Costa Lerina Sáb 30 Ago 2014, 13:42

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Mana at 30/08/2014 13:41:58
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 04s)
Prefetcher vazio

========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {fbdff406-2c4c-5d35-8469-34bb67ea3353}
ELIMINÉ: HKCU\Software\Probit Software
ELIMINÉ: HKCU\Software\PopCap
ELIMINÉ: HKLM\Software\Wow6432Node\PopCap
Ramo Base de Registos IFEO não infetado !

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Flash Cookies (0)

========== Ficheiros ==========
ELIMINÉ Temporários windows (7) (73.888 octets)
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\09azezm2\vopackage[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\09azezm2\speedupmypc[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\kpmwp6az\anyprotect[2].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\mlaw3ezc\speedupmypc-standalone-setup[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\kpmwp6az\anyprotectsetup[2].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\cv7icfk8\spyhunters4_64[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\kpmwp6az\myhome.vi-view[1].com
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\low\ie\gnkttqdv\spyhunter-installer[1].exe
ELIMINÉ Flash Cookies (0) (0 octets)


========== Recapitulativo ==========
5 : Chaves do Registo
2 : Valores do Registo
2 : Pastas
10 : Ficheiros


End of clean in 00mn 08s

========== Caminho do ficheiro do relatório ==========
C:\Users\Mana\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/08/2014 14:30:58 [2973]
C:\Users\Mana\AppData\Roaming\ZHP\ZHPFix[R2].txt - 30/08/2014 13:42:03 [1995]
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram Sáb 30 Ago 2014, 14:01

Boa Tarde! Evanir da Costa Lerina

|- Baixe: |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| ( ... de Xplode )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Estando na página,clique em Download Now.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Com as caixinhas marcadas,clique Executar!
|- O malware,ainda,lhe incomoda?

|- Tudo Ok?   isso aí!

Abs!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina Sáb 30 Ago 2014, 14:20

Olá Joram, acredito que agora está tudo funcionando corretamente,graças à vcs estou livre daquele maldito istartsurf e seus agregados.
Quero deixar um abraço à todos da equipe deste site e agradecer pelo empenho e seriedade em me ajudar.
Brigadão,valeu mesmo!!!!

zoek - Como removo o navegador iStartsurf! 404338
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Ir para o topo Ir para baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 2 1, 2  Seguinte

Ir para o topo

- Tópicos semelhantes

 
Permissões neste sub-fórum
Não podes responder a tópicos