Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking digg  Social bookmarking delicious  Social bookmarking reddit  Social bookmarking stumbleupon  Social bookmarking slashdot  Social bookmarking yahoo  Social bookmarking google  Social bookmarking blogmarks  Social bookmarking live      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14523 usuários registrados
O último usuário registrado atende pelo nome de Fabio Oliveira

Os nossos membros postaram um total de 35499 mensagens em 3606 assuntos
Últimos assuntos
» Computador lento
por lucasbitt Sex 31 Jan 2020, 11:20

Quem está conectado
Não há nenhum usuário online :: Nenhum usuário registrado, Nenhum Invisível e nenhuma Visita :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 163 em Seg 02 Set 2019, 16:28
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Fevereiro 2020
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
242526272829 

Calendário Calendário


Como removo o navegador iStartsurf!

Página 1 de 2 1, 2  Seguinte

Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Ter 26 Ago 2014, 16:20

Olá boa tarde.
Como me foi pedido,estou aqui novamente pedindo ajuda de vcs.
Como faço pra desistalar o navegador iStartsurf,já tentei de várias maneiras tirá-lo mas não consigo.
Observei agora que ele não deixa eu entrar neste site de vcs,estou acessando de um tablet para poder  escrever está mensagem,pois o navegador redireciona para outro forum que desconheço.
Minha conexão  é via rádio e uso roteador.
Me ajudem por favor,sou leiga em noção de informática, mas com a ajuda de vcs quero me livrar desse vírus,pois não sei qual estrago que ele pode fazer no meu computador.
Obrigado e fico no aguardo!!!
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max em Ter 26 Ago 2014, 16:27

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Envio de relatório

Mensagem por Evanir da Costa Lerina em Ter 26 Ago 2014, 22:05

# AdwCleaner v3.308 - Relatório criado 26/08/2014 às 17:55:11
# Atualizado 20/08/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Mana - MANALERINA
# Executando de : C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\CV7ICFK8\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : AllDaySavingsService64
[#] Serviço Deletada : globalUpdate
[#] Serviço Deletada : globalUpdatem
Serviço Deletada : IePluginServices
Serviço Deletada : netfilter64
Serviço Deletada : mtgaotushb64
[#] Serviço Deletada : Update ClearThink
[#] Serviço Deletada : Util ClearThink
Serviço Deletada : {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
Pasta Deletada : C:\ProgramData\cosstminn
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Pasta Deletada : C:\Program Files (x86)\AnyProtectEx
Pasta Deletada : C:\Program Files (x86)\Claro
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\Smart Driver Updater
Pasta Deletada : C:\Program Files (x86)\supporter
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\Uniblue
Pasta Deletada : C:\Program Files (x86)\cosstminn
Pasta Deletada : C:\Program Files (x86)\HC-inemA3
Pasta Deletada : C:\Program Files (x86)\ClearThink
Pasta Deletada : C:\Program Files\AllDaySavings
Pasta Deletada : C:\Program Files\005
Pasta Deletada : C:\Users\Administrador\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\torch
Pasta Deletada : C:\Users\Mana\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Mana\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\Mana\AppData\Local\PriceMeter
Pasta Deletada : C:\Users\Mana\AppData\Local\torch
Pasta Deletada : C:\Users\Mana\AppData\Roaming\1H1Q
Pasta Deletada : C:\Users\Mana\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Mana\AppData\Roaming\Claro
Pasta Deletada : C:\Users\Mana\AppData\Roaming\istartsurf
Pasta Deletada : C:\Users\Mana\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
[!] Pasta Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Arquivo Deletada : C:\Users\Public\Desktop\RegClean Pro.lnk
Arquivo Deletada : C:\windows\System32\drivers\netfilter64.sys
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64.sys
Arquivo Deletada : C:\Users\Mana\AppData\Roaming\aps.uninstall.scan.results
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
Arquivo Deletada : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal

***** [ Tarefas ] *****

Tarefa Deletedo : APSnotifierPP1
Tarefa Deletedo : APSnotifierPP2
Tarefa Deletedo : APSnotifierPP3
Tarefa Deletedo : ASP
Tarefa Deletedo : globalUpdateUpdateTaskMachineCore
Tarefa Deletedo : globalUpdateUpdateTaskMachineUA
Tarefa Deletedo : LaunchSignup
Tarefa Deletedo : pricemeterdownloader
Tarefa Deletedo : RegClean Pro
Tarefa Deletedo : RegClean Pro_DEFAULT
Tarefa Deletedo : RegClean Pro_UPDATES
Tarefa Deletedo : 0ad18bc0-4642-43c6-9aca-3c52d7e72881
Tarefa Deletedo : 2e9c4686-ed4a-4796-8ff8-e7c65d85f9c8
Tarefa Deletedo : 9af27b5f-30f3-4074-9855-bed34b07f284-4
Tarefa Deletedo : 9af27b5f-30f3-4074-9855-bed34b07f284-6
Tarefa Deletedo : df731d93-04d0-4bea-8a48-269a36d7e5d8

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Você precisa estar registrado e conectado para ver este link.]
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\[Você precisa estar registrado e conectado para ver este link.]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [AnyProtect Scanner]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update ClearThink
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util ClearThink
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0061748.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172248}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175548}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176648}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174448}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172248}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175548}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176648}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\AnyProtect
Chave Deletedo : HKCU\Software\GlobalUpdate
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\InstalledBrowserExtensions
Chave Deletedo : HKCU\Software\MyBestOffersToday
Chave Deletedo : HKCU\Software\PriceMeter
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\SupHpUISoft
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\Tune
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\ClearThink
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\HC-inemA3
Chave Deletedo : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\SOFTWARE\AllDaySavings
Chave Deletedo : HKLM\SOFTWARE\DealPlyLive
Chave Deletedo : HKLM\SOFTWARE\GlobalUpdate
Chave Deletedo : HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Deletedo : HKLM\SOFTWARE\istartsurfSoftware
Chave Deletedo : HKLM\SOFTWARE\MyBestOffersToday
Chave Deletedo : HKLM\SOFTWARE\PriceMeterLiveUpdate
Chave Deletedo : HKLM\SOFTWARE\SupDp
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\supWPM
Chave Deletedo : HKLM\SOFTWARE\systweak
Chave Deletedo : HKLM\SOFTWARE\Tune
Chave Deletedo : HKLM\SOFTWARE\Tutorials
Chave Deletedo : HKLM\SOFTWARE\Uniblue
Chave Deletedo : HKLM\SOFTWARE\HC-inemA3
Chave Deletedo : HKLM\SOFTWARE\ClearThink
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Chave Deletedo : [x64] HKLM\SOFTWARE\AllDaySavings
Chave Deletedo : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17239

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v

[ Arquivo : C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Homepage] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : jecijffegdindafhdhceanolkcdmjcgi
Deletedo [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [22988 octets] - [26/08/2014 16:49:04]
AdwCleaner[S0].txt - [20439 octets] - [26/08/2014 17:55:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20500 octets] ##########
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max em Ter 26 Ago 2014, 23:44

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

Para executá-lo corretamente siga as dicas deste tutorial:

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty relatório zoek

Mensagem por Evanir da Costa Lerina em Qua 27 Ago 2014, 14:15


Zoek.exe v5.0.0.0 Updated 27-08-2014
Tool run by Mana on 27/08/2014 at 13:47:12,38.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\CV7ICFK8\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27/08/2014 13:54:33 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Mana\AppData\Roaming\ap_logs deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Mana\AppData\LocalLow\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD} deleted
C:\Users\Mana\AppData\Local\Packages\windows_ie_ac_001\AC\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD} deleted
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PRICEM~1 deleted
C:\PROGRA~2\Probit Software deleted
C:\Users\Mana\AppData\Local\nsn5856.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Speed PC on the Web.lnk deleted
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Speed PC.lnk deleted
C:\windows\SysNative\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\PROGRA~3\MakeMarkerFile.exe deleted
"C:\PROGRA~3\b343567315d58ade\{CE681A67-9477-CBE6-EB9D-FE534875F98D}.20140823194804" deleted
"C:\PROGRA~3\b343567315d58ade" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23/08/2014 19:43]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23/08/2014 19:43]

cosstminn - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
cosstminn - Mana\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi
Google Docs - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
cosstminn - Mana\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi

==== Chromium Startpages ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/"


==== Chrome Fix ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myhome.vi-view.com_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myhome.vi-view.com_0.localstorage-journal deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Mana\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully
C:\Users\Mana\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jecijffegdindafhdhceanolkcdmjcgi deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://goggle/"
"Search Page"="http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://goggle/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{55F3C525-1F5E-40B8-82EE-42870EC1B3CC} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3819994065-4268522233-1510044923-1001\Software\Microsoft\Internet Explorer\SearchScopes\{55F3C525-1F5E-40B8-82EE-42870EC1B3CC} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Mana\Desktop\Continuar a Instalação de Adobe Flash Player.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ajuda.lnk - C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast antivirus.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk - C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSafe Total\Desinstalar.lnk - C:\Program Files (x86)\PSafe\Total\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSafe Total\PSafe Total.lnk - C:\Program Files (x86)\PSafe\Total\QHSafeMain.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Help Desk.lnk - C:\Program Files (x86)\Samsung\Help Desk\HelpDesk.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE /OEM
C:\Users\Mana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\User Guide.lnk - C:\Program Files (x86)\Samsung\User Guide\RunManual.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Met‚r deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Mana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=74 folders=23 15773658 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Mana\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Mana\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 27/08/2014 at 14:14:58,76 ======================
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max em Qua 27 Ago 2014, 14:19

zoek - Como removo o navegador iStartsurf! 772309 Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool
_______________________________________________________________________________________________________

Depois disto faça o seguinte:

zoek - Como removo o navegador iStartsurf! 772309 Faça o download do Malwarebytes em um destes links abaixo:
[Você precisa estar registrado e conectado para ver este link.]
[Você precisa estar registrado e conectado para ver este link.]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

Tutorial do Malwarebytes Anti-Malware

Na sua próxima resposta poste este log (relatório) do Malwarebytes juntamente com o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Qua 27 Ago 2014, 15:46

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Mana on 27/08/2014 at 14:58:06,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\displayswitch



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/08/2014 at 15:15:59,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max em Qua 27 Ago 2014, 15:50

Siga as dicas abaixo para acessar o Log (relatório) do Malwarebytes:

Para isto abra o Malwarebytes > Clique no botão Histórico > Clique em Logs de Aplicativos > E dê um duplo clique com o botão esquerdo do mouse sobre o Log de Verificação mais atual para abri-lo. Isto é mostrado nesta imagem:

[Você precisa estar registrado e conectado para ver esta imagem.]

Na próxima tela que surgirá clique no botão Exportar > e clique na opção Arquivo texto (*.txt):

[Você precisa estar registrado e conectado para ver esta imagem.]

Na outra tela que vai aparecer dê um nome para este relatório (como LOG por exemplo) > Clique em Área de Trabalho (para que ele seja salvo no seu Desktop) > Clique em Salvar:

[Você precisa estar registrado e conectado para ver esta imagem.]

Clique em OK na próxima mensagem que aparece:

[Você precisa estar registrado e conectado para ver esta imagem.]

Depois disto é só postar este log do Malwarebytes em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Qua 27 Ago 2014, 15:56

Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]

Data de Verificação: 27/08/2014
Hora da Verificação: 14:32:06
Logfile: LOG.txt
Administrador: Sim

Versão: 2.00.2.1012
Malware Database: v2014.08.27.05
Rootkit Database: v2014.08.21.01
Licença: Trial
Proteção de Malware: Enabled
Proteção de Site Malicioso: Enabled
Self-protection: Desabilitado

OS: Windows 8.1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Mana

Tipo da Verificação: Verificar Ameaça
Resultado: Completado
Arquivos Verificados: 337897
Tempo Decorrido: 14 min, 41 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 15
PUP.Optional.Adpeak.A, HKLM\SOFTWARE\allday savings, Quarantined, [266be5e6710a83b3333837b9c63cbe42],
PUP.Optional.CostMin, HKLM\SOFTWARE\CLASSES\cosstminn.cosstminn, Quarantined, [f69b83481c5f80b6fbb812df837fbc44],
PUP.Optional.CostMin, HKLM\SOFTWARE\CLASSES\cosstminn.cosstminn.2.0, Quarantined, [1b76ad1eb2c959dd258e26cb7c868f71],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks, Quarantined, [3160cffc2a513006b5ab32cdf012c13f],
PUP.Optional.CostMin, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cosstminn.cosstminn, Quarantined, [385905c60a717cba1a999160a959da26],
PUP.Optional.CostMin, HKLM\SOFTWARE\WOW6432NODE\CLASSES\cosstminn.cosstminn.2.0, Quarantined, [028f2f9c235863d3ecc705ec38ca6a96],
PUP.Optional.SearchSnacks, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ssnfd, Quarantined, [761bc803d1aa2313f9bb19d6679b6799],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611171148}, Quarantined, [454c6d5e037857df113108e02fd5926e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611171148}, Quarantined, [454c6d5e037857df113108e02fd5926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3819994065-4268522233-1510044923-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110611171148}, Quarantined, [454c6d5e037857df113108e02fd5926e],
PUP.Optional.Costmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKU\S-1-5-21-3819994065-4268522233-1510044923-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],
PUP.Optional.Costmin, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7FE5F702-7DBF-382D-6A34-0E4F78BA77DD}, Quarantined, [325ff8d3b2c91e1884fc6088d62e18e8],

Valores de Registro: 1
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_br_39, Quarantined, [771a2c9f5a216dc91356905b4db5728e],

Dados do Registro: 0
(No malicious items detected)

Pastas: 8
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\index-dir, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\databases, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],

Arquivos: 302
PUP.Optional.Firseria, C:\Users\Mana\Downloads\Avast! Free Antivirus.exe, Quarantined, [771a6467dc9fb87ef2e2f21653b2a957],
PUP.Optional.DomaIQ, C:\Users\Mana\Downloads\Driver_Updater.exe, Quarantined, [d2bf8e3d225947ef62e1ea67a858ca36],
PUP.Optional.PersonalCleaner, C:\Users\Mana\Downloads\PdfReaderSetup.exe, Quarantined, [1f72dbf0bcbf2b0b2e9df36d33d1eb15],
PUP.Optional.DomaIQ, C:\Users\Mana\Downloads\Setup (1).exe, Quarantined, [0c85f8d3304b5bdbc294e0d2cb36d729],
PUP.Optional.AirAdInstaller, C:\Users\Mana\Downloads\Software Update (1).exe, Quarantined, [97fa7a511c5f0b2bd6658fab7789d22e],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\QuotaManager-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\cookies, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\cookies-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\QuotaManager, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\website.ico, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\00242af6670b2b57_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\002f9707dc6eb2c4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\013841b082b6149d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\01417aa5c0186119_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\01b940d1718094b0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\020a1462e32e94ec_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\02dede48fe2683c0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\03b43496c2dac400_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\03febcd11bb17e65_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\041fbf9e69b77514_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\0656ba9e6e75d60e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\09330b91a94f2f21_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\094ac41ae267f3e7_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\0d364ecacc3ba37c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\0da9e4436cd6a33b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6e22a876b498e8f0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6f698d25320ec398_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6f7767bba8cebab3_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6fa7df3d5aa21d91_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\745c37883c8f5881_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\75b0a172623742fb_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\75bd36039359dac2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\75e5b0d128713d76_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7753545310d30411_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7790e844b0e98891_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c76e9ef6244d745d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c8204462e6bd29c4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c85322c1bb51970c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c95822800999c5a2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ca142b2577f499b4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ca4db7f4e93c2dd2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\caeb5db39065b322_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cbd1e1b7186b187a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cbe3d7ea6b94ef1f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cc1ccafa24e33b87_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\375ad8ee92fd3bfe_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\376b960fa6339830_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\39e01095b2170870_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3ac082b88125ec40_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3bba4aaa0a60fc9a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3d4ce81493740172_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3e2a83f6125a459e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3e54d89302faa2c9_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3f215f49c9698e41_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\45e3212b34078829_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\468ed3324fa00b25_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a4ae37e9ffd4c314_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a52540f7e242dbc1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a682a844981d4e40_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a95477a05f1ed48d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ac79cdad26e71faf_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ad022c837acfb2c5_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\adf2f33e1ff7f428_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\afd3853698b57ea4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b09158b19879cb5d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4d70f2ec77ec372e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4fc8ebc30a2a5f62_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5084f79f56702dba_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\509121e19b767024_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5340835db270077f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5396f746cdc60618_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\558b80b246af90bb_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\571d8342569f9588_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\581b0e3df86210a9_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\58582e5a9115c5c0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\58fce9fe914c81aa_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\591ddb321e5cfba1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a2e25cb6bc29fd21_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b180ccb35c60a2c1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c5d01da770880359_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ccfd35b1a2f67d5c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\dc66056528c35d5d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e69bedb2b3d66c9b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\dd05cf2d49253455_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\de31ab041e1b1d20_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\de46d167d5852095_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ded9bf09be938bb0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\df117a0941239152_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\df935297994c3232_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\dff49b41653f93d0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e03f65034b6fcd49_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e2e7ec1e2d842766_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e43fb345b8a7fd6f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2888a059e433b63c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2a181501d42ac822_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2c04bbf443eae70c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2d7a9833e11e92ce_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2eb4bece98d38246_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2f607f41aafa33fe_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2f6d3f8e061eda36_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2f771927d8822a09_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\310b622fcdde3a1f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\31180b29e0a84479_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\315a39b606bc4359_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\31d0e60c7add0e2c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\327e2f346370c855_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\32e165794dc5cc1c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\33340918e81b9f9a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\346325161b82b112_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\35efc5e69c94242d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\3679240fe3115f35_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\809948abdcda7ed7_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\80a572bb05ace41b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\812118c9df71ec26_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8139b0e9930a6948_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\81b63b906e9a42ac_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\83f54d7cf9d4900b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\854e0d9fbc3a7165_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\86c16da91a7a975a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\899b71f3cbe2ca80_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8a2abd4eed83e9d6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8a9ec86f446a0901_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\604dd438878f5db8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\60aba98990d86109_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6327cb3559063fac_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\63aa828b09d2273f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\63d4dfeb795e6004_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\644ef0fbfce0527e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6527147b416c3753_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\66dae7ea99dcbbd8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\674ebb0f5c04525c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\67677fe6cee9c825_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\68868552a17a5984_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\69596bed7d4c9b4e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6a40d20d15cfecce_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6c59d8fc05f5caee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6cd259e87b234e55_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\117cc044d1c92fd1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1186a7d8d6a83621_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\16d434c7220bb40c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\183f4e2c275db2f0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\18d4da4c268af3a1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1aa0282fbbc6c50a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1cd768bc7c62ca8d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\1f76ab7967d8d228_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\20b307ae435b995c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\2171dcd9dd50d84f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\239a90dfaf073813_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\23acbc41fc929cb2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\27e9e90e0dadb275_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\e7d194066a0b284d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ea63dc5a9d345db6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ea811130ea2288a6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ec6d54d86f938052_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ef778682e23e7bff_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f0226a79cd58ae03_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f1820e52c31a0d88_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f208e3720835116e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f3e0517777920804_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f53209509dde1f12_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f6a085c0478cddd1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f6a1cb845b5394d3_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f6f6c2bb5710ce5e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\f946860d923440ee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\fa6f416abaf355ce_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\fead0dd37a5cd07f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\index, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b453ef1194bbd519_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b472a66cd3f3dde1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b8a5b24da8656494_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b8d27ce8e98aa36a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b93e330b62f2ec53_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\b946211cdd7253a4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\bb5c07d0b0ecee14_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\bf6cb5d82b54d795_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c0e1c5856685862b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c174b04fa92e1643_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c2731446158639b0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c4b917d6c89772e6_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c4d7d8b5ab74f1d8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\c54bf716db823006_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\46ed3a4430cde43a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\47a8f2287780e31c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\47cff2ba15008159_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48602aaf0de52c18_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48c66a82a6907468_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48d9e92badcf5a9f_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\48df56f5c64d2809_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\49778c462bcba49c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4af525c1e66750be_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4b31449684928a10_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4b7ef17753f89737_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4c9bbcc506794dcc_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\4d20553ff9d3edf4_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5b721f5ca4f2d10e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5c6902fd8089163c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5dbf901a7054fc00_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5df847142a4c64a0_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5e044cc74ebd4935_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5e07c22fdb6e2f4a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5ed1cb2ed3d4503d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5fc26552f3eb2adf_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\5ffa92cb5efba8c1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\6005a9ba3bd565fe_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\788fc5c8e4ea6599_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\79c1188f07e3a4d2_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7b022a86d239c27c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7c55d307fe43e78a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7c7fc438505be20c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7d967542a297b947_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7db47782a6db54bc_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7e9293acf4fd3a2a_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7eec09c0c5bdae68_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7f4835d74b70c19c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\7fc3efd97363b9d1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\8b6c29d41640a606_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\91a501b48ee2cb0b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\94ce6bea1ae45eee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\954b9c606802895e_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\95a30a0ea2da114c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\99edabdc44ef00ee_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\9f74e5be76976027_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a0be0767de2123e8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a0d11d0caa4b6ad8_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\a1604fe832ea5905_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\cdb0073af63362e3_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\ce349f633d51db9c_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d0c0d10de9c432e1_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d17a5d64dd15af92_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d1e55f8e14425cef_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d546cbe0db54d4dc_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d681aebf460cb29b_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\d916524367abf89d_0, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Cache\index-dir\the-real-index, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\databases\Databases.db, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\databases\Databases.db-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\000005.bak, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\000005.ldb, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\000006.log, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\CURRENT, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\LOCK, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\LOG, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\LOG.old, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\IndexedDB\file__0.indexeddb.leveldb\MANIFEST-000004, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\file__0.localstorage, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\file__0.localstorage-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\http_br.vplay8.com_0.localstorage, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.Gameo.A, C:\Users\Mana\AppData\Local\gameo\Local Storage\http_br.vplay8.com_0.localstorage-journal, Quarantined, [7c15b912c2b9bd796183e269d52f59a7],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Chinese_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\FileList.rcp, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Chinese_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\CleanSchedule.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Danish_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Danish_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Dutch_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Dutch_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\eng_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\eng_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Japanese_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Japanese_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\korean_rcp_ko.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\korean_uninst_ko.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\LicMgr.dll, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Norwegian_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Norwegian_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\polish_rcp_pl.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\polish_uninst_pl.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\portugese_rcp_pt.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\portugese_uninst_pt.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Portuguese_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Portuguese_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RCPUninstall.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Finnish_rcp_fi.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Finnish_uninst_fi.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\French_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\French_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\German_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\German_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\greek_rcp_el.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\greek_uninst_el.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\install_left_image.bmp, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\isxdl.dll, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Italian_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Italian_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RegCleanPro.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RegList.rcp, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\russian_rcp_ru.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\russian_uninst_ru.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Spanish_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\spanish_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Swedish_rcp.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\swedish_uninst.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\systweakasp.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\TPS.ico, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\TraditionalCn_rcp_zh-tw.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\traditionalcn_uninst_zh-tw.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\turkish_rcp_tr.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Turkish_uninst_tr.ini, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.dat, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.exe, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.msg, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\xmllite.dll, Quarantined, [d4bd01ca5e1d2e08b4fb7fd331d348b8],

Physical Sectors: 0
(No malicious items detected)


(end)
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max em Qua 27 Ago 2014, 16:02

Você usou só a verificação de ameaças, que não é tão completa como a que é mostrada no tutorial que te passei. Siga as dicas abaixo para fazer a limpeza completa:

Alterando o idioma do Malwarebytes para o português:

Caso o idioma do seu Malwarebytes esteja em inglês é bem simples mudá-lo para nossa língua. Para isto abra o Malwarebytes e clique em Settings como mostra esta imagem:

[Você precisa estar registrado e conectado para ver esta imagem.]

Na próxima tela que surge, clique em Language e selecione a opção Portugueze (Brazil):

[Você precisa estar registrado e conectado para ver esta imagem.]
___________________________________________________________________________

Como executar uma verificação personalizada com o Malwarebytes:

- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:

[Você precisa estar registrado e conectado para ver esta imagem.]

Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:

Verificar Objetos na Memória
Verificar as Configurações da Inicialização e do Registro
Verificar Arquivos Compactados


Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.

Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:

[Você precisa estar registrado e conectado para ver esta imagem.]

Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:

[Você precisa estar registrado e conectado para ver esta imagem.]

Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena).

Para remover as infecções, deixe a opção Quarentena no menu Ação selecionada em todos os itens e clique no botão Aplicar Ações, como mostra esta imagem:

[Você precisa estar registrado e conectado para ver esta imagem.]

Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Sim (ou Yes) como mostra esta imagem:

[Você precisa estar registrado e conectado para ver esta imagem.]

Depois disto é só postar o novo log de verificação que o Malwarebytes irá criar em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Qua 27 Ago 2014, 18:28

Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]

Data de Verificação: 27/08/2014
Hora da Verificação: 16:26:16
Logfile: LOG.txt
Administrador: Sim

Versão: 2.00.2.1012
Malware Database: v2014.08.27.06
Rootkit Database: v2014.08.21.01
Licença: Trial
Proteção de Malware: Enabled
Proteção de Site Malicioso: Enabled
Self-protection: Desabilitado

OS: Windows 8.1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Mana

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 517678
Tempo Decorrido: 1 hr, 48 min, 57 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 0
(No malicious items detected)

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 18
PUP.Optional.SearchHijacker.A, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\09AZEZM2\lly_istartsurf[1].exe, Quarantined, [fe9406c5bebd75c10426812a42bfa65a],
PUP.Optional.Firseria, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\APDQ9SCB\AdwCleaner.exe, Quarantined, [731fbd0e96e5b18570697c8cfb0acb35],
PUP.Optional.AllDaySavings.A, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\ads[1].exe, Quarantined, [3f53f0db6f0cdb5b2cfd4f1f1ce64fb1],
PUP.Optional.PriceMeter.A, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\pm[1].exe, Quarantined, [395944871962e74fd2e6c6c8e120f709],
PUP.Optional.Wajam, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\WIE_2.12.2.5[1].exe, Quarantined, [8909ca0185f692a495e17139b54cce32],
PUP.Optional.VBates, C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\vbstub[1].exe, Quarantined, [e3af37943447072ff5d1b0f9b24fd22e],
PUP.Optional.AdPeak.A, C:\AdwCleaner\Quarantine\C\Program Files\005\mtgaotushb64.exe.vir, Quarantined, [5b378e3de398979fd536b120cd37b848],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.FeSvc.dll.vir, Quarantined, [5e34e0eb007b38fee6ff1f7f55ace719],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.PurBrowse.dll.vir, Quarantined, [5d3521aa453656e0de6689f9867b59a7],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\cosstminn\_L_oS.dll.vir, Quarantined, [e8aa26a5e794b77f1e0c5a58aa57a25e],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\cosstminn\_L_oS.x64.dll.vir, Quarantined, [aae8e7e45f1c2313b07ac5eda75a966a],
PUP.Optional.IEPluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir, Quarantined, [0092b516ee8dfa3cbff615602dd4867a],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, Quarantined, [8909478499e285b19cb7b1fb659c36ca],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, Quarantined, [4f433695abd040f6fb828ca942be52ae],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, Quarantined, [2d65319a99e2b482500303a9df2221df],
PUP.Optional.PriceMeter.A, C:\AdwCleaner\Quarantine\C\Users\Mana\AppData\Local\PriceMeter\pricemeterd.exe.vir, Quarantined, [d3bf2aa114670d297665bdbcc33e56aa],
PUP.Optional.PriceMeter.A, C:\AdwCleaner\Quarantine\C\Users\Mana\AppData\Local\PriceMeter\uninst.exe.vir, Quarantined, [5b37ba110a71171fcbed1c7213ee6898],
PUP.Optional.RegCleanPro, C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir, Quarantined, [0290e8e362199c9a01b453560af77c84],

Physical Sectors: 0
(No malicious items detected)


(end)
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max em Qua 27 Ago 2014, 23:36


Faça o download do < ZHPDiag > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Qui 28 Ago 2014, 14:55

~ ZHPCleaner v2014.8.28.93 by Nicolas Coolman (28/08/2014)
~ Run by Mana (Administrator) (28/08/2014 11:01:10)
~ WebSite : [Você precisa estar registrado e conectado para ver este link.]
~ Forum : [Você precisa estar registrado e conectado para ver este link.]
~ State version : Updated version
~ Report : C:\Users\Mana\Desktop\ZHPCleaner.txt
~ Report : C:\Users\Mana\AppData\Roaming\ZHP\ZHPCleaner.txt
~ Quarantine : C:\Users\Mana\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ Windows 81, 64-bit (Build 9600)



---\\ Restoration of the browsers default proxy settings,
REPLACED PARAMS: EnableHttp1_1 ( 1 )


---\\ Redirect Shortcut Browsers repair (Argument Infection)
~ No repair necessary


---\\ Startup Browser Microsoft Internet Explorer Repair
REPLACED PARAMS: Start Page ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED PARAMS: Search Page ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED PARAMS: Default_Page_URL ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED PARAMS: Default_Search_URL ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED PARAMS: Start Page ( [Você precisa estar registrado e conectado para ver este link.] )
REPLACED PARAMS: Search Page ( [Você precisa estar registrado e conectado para ver este link.] )


---\\ Startup Browser Mozilla Firefox Repair
~ No browser faund


---\\ Startup Browser Coogle Chrome Repair
~ No browser faund


---\\ Startup Browser Opera Sofware Opera Repair
~ No browser faund


---\\ Browser Helper Objet Repair
~ No repair necessary


---\\ Toolbars Repair
~ No repair necessary


---\\ Defaul Browser Provider Repair (SearchScope) (Default)
REPLACED: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope (Web)
~ No repair necessary


---\\ Defaul Browser Provider Repair (SearchScope) (Others)


---\\ Remove values from startup key changing the browser settings (Run)
~ No repair necessary


---\\ Generic removal of infection by Hijacker Sambreel
~ No repair necessary


---\\ Removal of harmful extensions for Mozilla Firefox (Register).
~ No repair necessary


---\\ Repair of the hosts file
REPLACED:
Number of found redirections 1/19


End of clean at 11:01:42
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Power Max em Qui 28 Ago 2014, 15:06

Você usou o ZHPCleaner, mas o que pedimos foi o ZHPDiag. Execute ele como mostra o tutorial que te passei na resposta anterior e poste o relatório dele.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Qui 28 Ago 2014, 15:27

~ Relatório do ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/08/2014)
~ Iniciado por Mana (28/08/2014 15:25:26)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17239 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.2.1012
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3969 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 403 GB (90%) free of 447 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MANALERINA
~ User Name: Mana
~ All Users Names: Mana, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Mana\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Mana\AppData\Roaming\
~ %Desktop% : C:\Users\Mana\Desktop\
~ %Favorites% : C:\Users\Mana\Favorites\
~ %LocalAppData% : C:\Users\Mana\AppData\Local\
~ %StartMenu% : C:\Users\Mana\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 403 Go of 447 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.04/03/2014 - 09:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.8E71A5CB5312B8392D4DA4CA37BB5868] - (.Microsoft Corporation - Internet Extensions para Win32.) (.25/07/2014 - 07:52:06.) -- C:\Windows\System32\wininet.dll [2266624]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/02/2014 - 06:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 00:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 06:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 05:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.30/04/2014 - 03:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/03/2014 - 00:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.22/08/2013 - 16:12:11.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/03/2014 - 09:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/803
~ Mes musiques (My Musics) : 32/568
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/14
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.7BF2E7C528154391F08A66206C770F7E] - (.SAMSUNG Electronics co., LTD. - ShutdownEvent.) -- C:\ProgramData\Samsung\ShutdownEvent.exe [1715592] [PID.2012]
[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.2192]
[MD5.CE4266FC6B2FA3281332D027A269805F] - (.TODO: - DisplaySwitch.) -- C:\ProgramData\SAMSUNG\DisplaySwitch.exe [1758512] [PID.3884]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [4085896] [PID.2828]
[MD5.3FF3960455C0C92D7184BC273841BA66] - (.Symantec Corporation - Norton Studio.) -- C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.4.0.24_x86__v68kp9n051hdp\mmamain.exe [2359624] [PID.6468]
[MD5.771E149F97AA6679DEF79F0953414435] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [812176] [PID.4092]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8099328] [PID.3964]
~ Processes Running: Scanned in 00mn 01s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
~ IE Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (19)
~ Hosts File: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Program [Mana]: Ajuda.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.) =>PUP.ProbitSoftware
O4 - GS\Program [Mana]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.) =>PUP.ProbitSoftware
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Bitcasa] . (...) -- C:\Program Files\Bitcasa\BitcasaBoot.exe
O4 - HKLM\..\Run: [Samsung Link] . (.Copyright 2013 SAMSUNG - Samsung Link Tray Agent.) -- C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKCU\..\Run: [DisplaySwitch] . (.TODO: - DisplaySwitch.) -- C:\programdata\samsung\DisplaySwitch.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [QHSafeTray] C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-3819994065-4268522233-1510044923-1001\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKUS\S-1-5-21-3819994065-4268522233-1510044923-1001\..\Run: [DisplaySwitch] . (.TODO: - DisplaySwitch.) -- C:\programdata\samsung\DisplaySwitch.exe
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E599739-AA18-456E-8B01-9B9D122C3302}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9E599739-AA18-456E-8B01-9B9D122C3302}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\system32\CbFsMntNtf3.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\SysWow64\CbFsMntNtf3.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.)
~ Services: 15 Legitimates Filtered in 00mn 27s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{2C583602-FAC1-4388-BC13-16C6DBCDB78A}] (...) -- C:\Users\Mana\AppData\Roaming\istartsurf\UninstallManager.exe (.not file.) [0] =>PUP.IsStart
[MD5.00000000000000000000000000000000] [APT] [{A78954F3-C318-411F-84D3-94DFE5085E81}] (...) -- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Uninstall.exe (.not file.) [0]
[MD5.A53151B5EFCFEBD18895CC62E1F1CF63] [APT] [{F2DC3B7F-5D16-4069-A86D-2EF05B44E678}] (...) -- C:\Users\Mana\Desktop\avast_free_antivirus_setup_online.exe [4856496]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1082]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1086]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 07s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (360Box64) . (.360.cn - 360Box64.) - C:\Windows\System32\DRIVERS\360Box64.sys
O41 - Driver: (360FsFlt) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) - C:\Windows\System32\DRIVERS\360FsFlt.sys
O41 - Driver: (BAPIDRV) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) - C:\Windows\System32\DRIVERS\BAPIDRV64.sys
O41 - Driver: (Bfilter) . (. - .) - C:\windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\windows\system32\drivers\Bprotect.sys (.not file.)
~ Drivers: 58 Legitimates Filtered in 00mn 01s



---\\ Software instalados (042)
O42 - Logiciel: Download & Install Packages - (...) [HKCU][64Bits] -- Download & Install Packages
~ Logic: 23 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKCU\Software\Download4windows]
[HKCU\Software\GoldenGate]
[HKCU\Software\Reg]
[HKCU\Software\gameo]
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings
[HKLM\Software\Baidu Security]
[HKLM\Software\HC-inemA3-nv]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\360TotalSecurity]
[HKLM\Software\Wow6432Node\4d1c5f5c-987f-43ac-b8f1-f37847f5e933]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\HC-inemA3-nv]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\fecff559-642b-4bb1-9398-042725fdf5c9]
~ Key Software: 149 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/08/2014 - 23:22:16 - [] ----D C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687
O43 - CFD: 23/08/2014 - 19:25:09 - [] -SH-D C:\ProgramData\360Quarant
O43 - CFD: 23/08/2014 - 18:44:13 - [] ----D C:\ProgramData\360safe
O43 - CFD: 21/08/2014 - 23:22:26 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 25/08/2014 - 13:51:47 - [] ----D C:\Users\Mana\AppData\Roaming\0D1F2W1G1I1F1T1QyE2W1L1G1Q1F2W1B
O43 - CFD: 23/08/2014 - 19:25:40 - [] ----D C:\Users\Mana\AppData\Roaming\360safe
O43 - CFD: 24/08/2014 - 00:18:55 - [] ----D C:\Users\Mana\AppData\Roaming\gameo
O43 - CFD: 21/08/2014 - 23:25:16 - [] --H-D C:\Users\Mana\AppData\Roaming\GoldenGate
~ Program Folder: 106 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.E7B53AF004BEE5112F787A6E5B04D737] - 18/08/2014 - 13:45:51 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [11109]
O44 - LFC:[MD5.DE461B86C05946D10E519F512D09E389] - 18/08/2014 - 13:45:55 ---A- . (...) -- C:\Windows\System32\RacRules.xml [100197]
O44 - LFC:[MD5.F1DB86EA935C13CDFF27AB957297136A] - 18/08/2014 - 13:45:55 ---A- . (...) -- C:\Windows\System32\connectedsearch-suggestions.searchconnector-ms [7762]
O44 - LFC:[MD5.1FDF29F970E2E843B4DC5D0626D0EDD5] - 18/08/2014 - 13:45:55 ---A- . (...) -- C:\Windows\System32\connectedsearch-zeroinput.searchconnector-ms [7130]
O44 - LFC:[MD5.119E0F7A71775A5CFB208B036ECE35E1] - 18/08/2014 - 13:46:09 ---A- . (...) -- C:\Windows\System32\WimBootCompress.ini [2255]
O44 - LFC:[MD5.DCF2510E0745720E543E84F5E921FCC0] - 18/08/2014 - 13:47:06 ---A- . (...) -- C:\Windows\System32\dfpinc.dat [262335]
O44 - LFC:[MD5.FFFCC3C3ED6886A95D3C0E1B49C652BA] - 18/08/2014 - 13:48:14 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [139600]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 19/08/2014 - 17:59:15 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.08750A50CF027F93070C8BB78E27C3B7] - 21/08/2014 - 20:18:47 -SH-- . (...) -- C:\Windows\System32\desktop.ini [75]
O44 - LFC:[MD5.B7CC32E00C5C5152D221DF182827F58E] - 23/08/2014 - 18:35:49 ---A- . (...) -- C:\Windows\System32\srms.dat [50745]
O44 - LFC:[MD5.A583F4DAAA4DB87BF92FD033966ABC4B] - 23/08/2014 - 18:44:06 ---A- . (.360.cn - 360Box64.) -- C:\Windows\System32\Drivers\360Box64.sys [305736]
O44 - LFC:[MD5.15FE196A71357AC9FF6E5A4B360BDB20] - 23/08/2014 - 18:44:07 ---A- . (.360.cn - 360安全卫士 网络防黑模块.) -- C:\Windows\System32\Drivers\360AntiHacker64.sys [100424]
O44 - LFC:[MD5.D33811D3113C05B8485BF497B6CB50A9] - 23/08/2014 - 18:44:07 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) -- C:\Windows\System32\Drivers\BAPIDRV64.SYS [180816]
O44 - LFC:[MD5.3AA0D07082BF4B4EFF8BAE9F4EDF783B] - 23/08/2014 - 18:44:08 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360fsflt.sys [311888]
O44 - LFC:[MD5.0AABA03736666B85AC37C01467E89578] - 23/08/2014 - 18:44:21 ---A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [77896]
O44 - LFC:[MD5.1EE5F9F327D19074DA82B58D8252A749] - 23/08/2014 - 18:44:22 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23752]
O44 - LFC:[MD5.8B6802F9993CCE93A1149705F8F6B5E1] - 23/08/2014 - 19:29:39 ---A- . (...) -- C:\Windows\win.ini [194]
O44 - LFC:[MD5.D95E64416A4A3ED6986E0F474DA934BD] - 23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 27/08/2014 - 13:46:58 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.94DACE4B80EF65996480079244BB10DD] - 27/08/2014 - 14:14:58 ---A- . (...) -- C:\zoek-results.log [14810]
O44 - LFC:[MD5.692639EEC7E3FEEA6CAFACFC5370B0CB] - 27/08/2014 - 14:51:46 ---A- . (...) -- C:\relat.malware.xml [4754]
O44 - LFC:[MD5.A368ABC74F55FC0545456BC221CE8A25] - 27/08/2014 - 14:57:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.6D7027372FC4DC131CD84DA111997F04] - 27/08/2014 - 14:57:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
O44 - LFC:[MD5.E294573565F55B0DE98FADEAA9E7DF85] - 27/08/2014 - 15:37:55 ---A- . (...) -- C:\relatorio malware.txt [44489]
~ Files: 649 Legitimates Filtered in 00mn 41s



---\\ Negação do serviço (Local Security Authority) (048)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{272500c4-fd92-11e3-8267-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407ef5c-f4c6-11e3-8266-24f5aa58d423}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407efb1-f4c6-11e3-8266-24f5aa58d423}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407f032-f4c6-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3407f0c1-f4c6-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{34270573-fd5a-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3427059d-fd5a-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{342705d1-fd5a-11e3-8266-24f5aa54bbde}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:29/07/2014 - 00:39:50 ---A- . (.360.cn - 360安全卫士 网络防黑模块.) -- C:\Windows\System32\Drivers\360AntiHacker64.sys [100424]
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [77896]
O58 - SDL:29/07/2014 - 00:39:50 ---A- . (.360.cn - 360Box64.) -- C:\Windows\System32\Drivers\360Box64.sys [305736]
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360fsflt.sys [311888]
O58 - SDL:23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:23/08/2014 - 19:43:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) -- C:\Windows\System32\Drivers\BAPIDRV64.SYS [180816]
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:29/07/2014 - 00:39:49 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23752]
O58 - SDL:27/07/2012 - 09:00:03 ---A- . (.Windows (R) Win 7 DDK provider - HID Radio Switch mini driver for USB Fx2 Device.) -- C:\Windows\System32\Drivers\RadioHIDMini.sys [23408]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG USB Mobile DevMgr Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssuddmgr.sys [204568]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG USB Mobile OBEX Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudobex.sys [204568]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD. - USB Rmnet Device Driver.) -- C:\Windows\System32\Drivers\ssudrmnet.sys [68888]
O58 - SDL:21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [204568]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 79 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.A53151B5EFCFEBD18895CC62E1F1CF63] [SPRF][25/08/2014] (...) -- C:\Users\Mana\Desktop\avast_free_antivirus_setup_online.exe [4856496]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32 =>PUP.PaybyAds
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS =>PUP.PaybyAds
~ BTK: 57 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/03/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 10/07/1658 0 | (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/07/1658 0 | (gupdatem) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - | Auto 26/01/2013 172104 | (AdobeActiveFileMonitor11.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/10/2013 404360 | (AllShare Framework DMS) . (.Samsung.) - C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkManagerDMS.exe
SR - | Auto 29/10/2013 317568 | (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 23/08/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 16/09/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 16/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 16/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 10/10/2013 605768 | (Samsung Link Service) . (.Copyright 2013 SAMSUNG.) - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
SR - | Auto 31/10/2013 1595440 | (Settings Launcher) . (.Samsung Electronics CO., LTD..) - C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
SR - | Auto 11/12/2013 3019312 | (SWUpdateService) . (.Samsung Electronics CO., LTD..) - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/10/2013 323584 | (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
~ Services: Scanned in 00mn 17s



---\\ Scâner Aditional (088)
Database Version : 13026 - (28/08/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Easy Speed PC =>PUP.ProbitSoftware^
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings^
~ Additionnel Scan: 250817 Items scanned in 00mn 53s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>PUP.ProbitSoftware
[Você precisa estar registrado e conectado para ver este link.] =>PUP.IsStart
[Você precisa estar registrado e conectado para ver este link.] =>PUP.PaybyAds
[Você precisa estar registrado e conectado para ver este link.] =>Trojan.Lozavita
~ MSI: 4 link(s) detected in 00mn 00s



~ 1175 Legitimates filtered by white list
End of the scan (470 lines in 03mn 05s)(0)
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram em Sex 29 Ago 2014, 12:35

Boa Tarde! Evanir da Costa Lerina

|- O Power Max está impossibilitado de atendê-lo e pediu-me para dar continuidade,no seu caso e de outros Membros.

-/-

|- Execute este script na ferramenta ZHPFix.
|- Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
|- À seguir,minimize o Bloco de Notas.

script zhpfix
shortcutfix
emptytemp
[MD5.00000000000000000000000000000000] [APT] [{A78954F3-C318-411F-84D3-94DFE5085E81}] (...) -- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2C583602-FAC1-4388-BC13-16C6DBCDB78A}] (...) -- C:\Users\Mana\AppData\Roaming\istartsurf\UninstallManager.exe (.not file.) [0] =>PUP.IsStart
O4 - HKLM\..\Wow6432Node\Run: [QHSafeTray] C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe (.not file.)
O4 - GS\Program [Mana]: Ajuda.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.) =>PUP.ProbitSoftware
O4 - GS\Program [Mana]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKCU\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O4 - HKUS\S-1-5-21-3819994065-4268522233-1510044923-1001\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe (.not file.) =>PUP.ProbitSoftware
O41 - Driver: (Bfilter) . (. - .) - C:\windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\windows\system32\drivers\Bprotect.sys (.not file.)
O43 - CFD: 23/08/2014 - 18:44:13 - [] ----D C:\ProgramData\360safe    
O43 - CFD: 21/08/2014 - 23:22:26 - [] ----D C:\ProgramData\Baidu Security    
O43 - CFD: 25/08/2014 - 13:51:47 - [] ----D C:\Users\Mana\AppData\Roaming\0D1F2W1G1I1F1T1QyE2W1L1G1Q1F2W1B    
O43 - CFD: 23/08/2014 - 19:25:40 - [] ----D C:\Users\Mana\AppData\Roaming\360safe    
O44 - LFC:[MD5.94DACE4B80EF65996480079244BB10DD] - 27/08/2014 - 14:14:58 ---A- . (...) -- C:\zoek-results.log [14810]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified    
[HKCU\Software\Baidu Security]    
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings
[HKLM\Software\Baidu Security]    
[HKLM\Software\Wow6432Node\360Safe]    
[HKLM\Software\Wow6432Node\Baidu Security]    
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32 =>PUP.PaybyAds
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS =>PUP.PaybyAds
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Easy Speed PC =>PUP.ProbitSoftware^
[HKLM\Software\AllDaySavings ] =>PUP.AllDaySavings^
ServiceStop:Bfilter
ServiceStop:Bfmon
ServiceStop:Bnbase
ServiceStop:Bndef
ServiceStop:Bprotect
Firewallraz
emptyclsid
emptyprefetch


|- Abra a ferramenta ZHPFix. < [Você precisa estar registrado e conectado para ver esta imagem.] >
|- Clique IMPORTAÇÃO >> OK.
|- Clique "GO".
|- Poste o relatório!

A+
joram
joram
Administrador
Administrador

Mensagens : 3905
Reputação : 428
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty envio de relatório

Mensagem por Evanir da Costa Lerina em Sex 29 Ago 2014, 14:28

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Mana at 29/08/2014 14:30:54
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 03s)
Prefetcher vazio
Reparação de atalhos do navegador

========== Estado dos serviços ==========
Bfilter Parado
Bfmon Parado
Bnbase Parado
Bndef Parado
Bprotect Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\AllDaySavings
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS

========== Valores do Registo ==========
ELIMINÉ RunValue: QHSafeTray
ELIMINÉ RunValue: Easy Speed PC
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
ELIMINÉ: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
ELIMINÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
ELIMINÉ: FirewallRaz (Public) : NetPres-In-TCP
ELIMINÉ: FirewallRaz (Public) : NetPres-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
ELIMINÉ: FirewallRaz (Private) : {86F44F8A-E137-4275-AAB2-E1405939617A}
ELIMINÉ: FirewallRaz (Private) : {3B773622-23A7-42BD-9848-CD844B84F8C8}
ELIMINÉ: FirewallRaz (Private) : {A62A9054-6105-467A-876E-6B2C85C30134}
ELIMINÉ: FirewallRaz (Private) : {5386131D-FD80-4A9B-B6F6-F33C30647282}

========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (12) (88.617 octets)
ELIMINÉ: c:\users\mana\appdata\roaming\microsoft\windows\start menu\programs\ajuda.lnk
ELIMINÉ: c:\users\mana\appdata\roaming\microsoft\windows\start menu\programs\uninstall.lnk
ELIMINÉ: c:\zoek-results.log

========== Tarefa planificada ==========
ELIMINÉ: {A78954F3-C318-411F-84D3-94DFE5085E81}
ELIMINÉ: {2C583602-FAC1-4388-BC13-16C6DBCDB78A}


========== Recapitulativo ==========
11 : Chaves do Registo
18 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
4 : Ficheiros
5 : Estado dos serviços
2 : Tarefa planificada


End of clean in 00mn 19s

========== Caminho do ficheiro do relatório ==========
C:\Users\Mana\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/08/2014 14:30:58 [2894]
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram em Sex 29 Ago 2014, 15:00

Boa Tarde! Evanir da Costa Lerina

|- Poste novo relatório da ferramenta ZHPDiag,na configuração COMPLETA.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "COMPLETA" e aguarde a conclusão!
|- Poste o relatório!

A+
joram
joram
Administrador
Administrador

Mensagens : 3905
Reputação : 428
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Sex 29 Ago 2014, 18:20

Olá Boa Tarde,estou tentando enviar o relatório pedido por vc, porém aparece a seguinte mensagem: A largura da sua mensagem ultrapassa o limite autorizado. E agora...como faço para enviar o relatório!!!
Aguardo sua resposta.
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram em Sex 29 Ago 2014, 21:05

Evanir da Costa Lerina escreveu:Olá Boa Tarde,estou tentando enviar o relatório pedido por vc, porém aparece a seguinte mensagem: A largura da sua mensagem ultrapassa o limite autorizado. E agora...como faço para enviar o relatório!!!
Aguardo sua resposta.
Olá! Evanir da Costa Lerina

< Hospedagem de Relatório >

|- Hospede-o em Cjoint.com,enviando-nos o link resultante.

A+
joram
joram
Administrador
Administrador

Mensagens : 3905
Reputação : 428
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Sex 29 Ago 2014, 22:16

[Você precisa estar registrado e conectado para ver este link.]
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram em Sex 29 Ago 2014, 23:20

Evanir da Costa Lerina escreveu:[Você precisa estar registrado e conectado para ver este link.]
Boa Noite! Evanir da Costa Lerina

|- Execute este script na ferramenta ZHPFix.
|- Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
|- À seguir,minimize o Bloco de Notas.

Script ZHPFix
emptytemp
Firewallraz
[MD5.7BF2E7C528154391F08A66206C770F7E] - (.SAMSUNG Electronics co., LTD. - ShutdownEvent.) -- C:\ProgramData\Samsung\ShutdownEvent.exe   [1715592] [PID.5036]
[MD5.CE4266FC6B2FA3281332D027A269805F] - (.TODO: - DisplaySwitch.) -- C:\ProgramData\SAMSUNG\DisplaySwitch.exe   [1758512] [PID.5488]
O2 - BHO: (no name) [64Bits] - {fbdff406-2c4c-5d35-8469-34bb67ea3353} Chave orfã    
O42 - Logiciel: Download & Install Packages - (...) [HKCU][64Bits] -- Download & Install Packages
O43 - CFD: 21/08/2014 - 23:22:16 - [] ----D C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687  
O43 - CFD: 31/05/2014 - 22:45:51 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 23/08/2014 - 18:43:07 - [] ----D C:\ProgramData\PSafe  
O61 - LFC: 23/08/2014 - 18:09:17 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\09AZEZM2\VOPackage[1].exe   [290323]  =>Adware.Downware
O61 - LFC: 23/08/2014 - 18:09:17 ---A- . (.Uniblue Systems Limited.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\09AZEZM2\speedupmypc[1].exe   [1291368]  =>PUP.SpeedUpMyPC
O61 - LFC: 23/08/2014 - 18:09:18 ---A- . (.AnyProtect.com.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\AnyProtect[2].exe   [17050112]  =>PUP.AnyProtect
O61 - LFC: 23/08/2014 - 18:09:18 ---A- . (.Uniblue Systems Limited.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\MLAW3EZC\SpeedUpMyPC-standalone-setup[1].exe   [18464440]  =>PUP.SpeedUpMyPC
O61 - LFC: 24/08/2014 - 18:09:17 ---A- . (.ClickMeIn Limited.) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\AnyProtectSetup[2].exe   [575544]  =>PUP.AnyProtect
O61 - LFC: 25/08/2014 - 18:09:17 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\CV7ICFK8\spyhunterS4_64[1].exe   [802013]  =>Crapware.SpyHunter
O61 - LFC: 25/08/2014 - 18:09:18 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\IE\KPMWP6AZ\myhome.vi-view[1].com   [3]  =>Hijacker.MyhomeViview
O61 - LFC: 25/08/2014 - 18:09:18 ---A- . (...) -- C:\Users\Mana\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GNKTTQDV\SpyHunter-Installer[1].exe   [726160]  =>Crapware.SpyHunter
C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687
C:\ProgramData\PSafe
[HKCU\Software\Probit Software]   =>PUP.ProbitSoftware^
[HKCU\Software\PopCap]    
[HKCU\Software\Probit Software]  =>PUP.ProbitSoftware
[HKLM\Software\Wow6432Node\PopCap]
Emptyprefetch
Emptyclsid
Emptyflash
Ifeofix


|- Abra a ferramenta ZHPFix. < [Você precisa estar registrado e conectado para ver esta imagem.] >
|- Clique IMPORTAÇÃO >> OK.
|- Clique "GO".
|- Poste o relatório!

A+
joram
joram
Administrador
Administrador

Mensagens : 3905
Reputação : 428
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Olá Boa tarde, segue o relatório

Mensagem por Evanir da Costa Lerina em Sab 30 Ago 2014, 13:42

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Mana at 30/08/2014 13:41:58
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 04s)
Prefetcher vazio

========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {fbdff406-2c4c-5d35-8469-34bb67ea3353}
ELIMINÉ: HKCU\Software\Probit Software
ELIMINÉ: HKCU\Software\PopCap
ELIMINÉ: HKLM\Software\Wow6432Node\PopCap
Ramo Base de Registos IFEO não infetado !

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Flash Cookies (0)

========== Ficheiros ==========
ELIMINÉ Temporários windows (7) (73.888 octets)
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\09azezm2\vopackage[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\09azezm2\speedupmypc[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\kpmwp6az\anyprotect[2].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\mlaw3ezc\speedupmypc-standalone-setup[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\kpmwp6az\anyprotectsetup[2].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\cv7icfk8\spyhunters4_64[1].exe
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\ie\kpmwp6az\myhome.vi-view[1].com
ELIMINÉ: c:\users\mana\appdata\local\microsoft\windows\inetcache\low\ie\gnkttqdv\spyhunter-installer[1].exe
ELIMINÉ Flash Cookies (0) (0 octets)


========== Recapitulativo ==========
5 : Chaves do Registo
2 : Valores do Registo
2 : Pastas
10 : Ficheiros


End of clean in 00mn 08s

========== Caminho do ficheiro do relatório ==========
C:\Users\Mana\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/08/2014 14:30:58 [2973]
C:\Users\Mana\AppData\Roaming\ZHP\ZHPFix[R2].txt - 30/08/2014 13:42:03 [1995]
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por joram em Sab 30 Ago 2014, 14:01

Boa Tarde! Evanir da Costa Lerina

|- Baixe: |DelFix| ( ... de Xplode )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Estando na página,clique em Download Now.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Com as caixinhas marcadas,clique Executar!
|- O malware,ainda,lhe incomoda?

|- Tudo Ok?   isso aí!

Abs!
joram
joram
Administrador
Administrador

Mensagens : 3905
Reputação : 428
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Evanir da Costa Lerina em Sab 30 Ago 2014, 14:20

Olá Joram, acredito que agora está tudo funcionando corretamente,graças à vcs estou livre daquele maldito istartsurf e seus agregados.
Quero deixar um abraço à todos da equipe deste site e agradecer pelo empenho e seriedade em me ajudar.
Brigadão,valeu mesmo!!!!

zoek - Como removo o navegador iStartsurf! 404338
Evanir da Costa Lerina
Evanir da Costa Lerina
Iniciante
Iniciante

Mensagens : 14
Reputação : 0
Data de inscrição : 25/08/2014

Voltar ao Topo Ir em baixo

zoek - Como removo o navegador iStartsurf! Empty Re: Como removo o navegador iStartsurf!

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum