Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

jardelpsi

[Resolvido] &nbspMalware não me deixa instalar programas

Recommended Posts

Olá, é a minha primeira vez no fórum e estou um pouco desesperado. Eu vi em outro tópico o rapaz postando o Log do Hijackthis, mas não sei como se faz, e não teria como fazer porque não consigo abrir nenhum executável. Tentei instalar o Anti Malware Byte, mas sem sucesso. Então vi em um tópico que era pra instalar o ADWClaner, mas tbm não consegui. Esses virus já estão torrando minha paciência. São eles: o que transforma pastas em atalhos (consigo excluir os atalhos, mas não o vírus), um que gera infinitos ícones do Windows Update e outro que não me permite abrir executáveis. E vai saber quantos outros há no meu notebook. Alguém me dá um help por favor? Desde já, agradeço.

Compartilhar este post


Link para o post
Compartilhar em outros sites

:) Olá Jardel.

 

:seta: Baixe esta outra versão do Malwarebytes disponível no site abaixo pois ela é feita justamente para "enganar" estes vírus que bloqueiam o funcionamento do Malwarebytes:

https://www.malwarebytes.org/chameleon/

Descompacte o conteúdo para uma pasta à sua escolha onde você se lembre depois (você também pode criar uma pasta na área de trabalho e descompactar o arquivo dentro desta pasta).

Depois disto simplesmente tente executar os arquivos clicando duas vezes sobre eles, um por um até que um deles permaneça aberto, siga as instruções na tela. Qualquer um dos arquivos são o Malwarebytes, só que cada um deles tem um nome diferente para enganar o vírus.

 

Depois disto poste o log (relatório) que ele deverá criar após a limpeza dos problemas.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Aqui está o log:


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org


Versão da Base de Dados: v2014.01.15.08


Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jardel Guimarães :: JARDEL [administrador]


15/01/2014 16:55:58

MBAM-log-2014-01-15 (17-04-46).txt


Tipo de Verificação: Verificação Rápida

Opções de verificações ativadas: Memória | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: Inicialização | P2P

Objetos escaneados: 250558

Tempo decorrido: 8 minuto(s), 35 segundo(s)


Processos de Memória Detectados: 2

C:\Program Files (x86)\Kozaka\updateKozaka.exe (PUP.Optional.Kozaka.A) -> 36684 -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\utilKozaka.exe (PUP.Optional.Kozaka.A) -> 40964 -> Nenhuma ação foi feita.


Módulos de Memória Detectados: 1

C:\Program Files (x86)\Kozaka\bin\sqlite3.dll (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.


Chaves de Registro Detectadas: 60

HKLM\SYSTEM\CurrentControlSet\Services\Update Kozaka (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

HKLM\SYSTEM\CurrentControlSet\Services\Util Kozaka (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

HKCR\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B} (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\esrv.BabylonESrvc.1 (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\esrv.BabylonESrvc (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nenhuma ação foi feita.

HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nenhuma ação foi feita.

HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Nenhuma ação foi feita.

HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nenhuma ação foi feita.

HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nenhuma ação foi feita.

HKCR\CLSID\{a45e3fa8-5048-4372-94ad-c6661671f7fc} (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

HKCR\TypeLib\{7357A44B-D09F-40DA-9B0B-639C741A471D} (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

HKCR\Interface\{C5C68B66-D3BF-4EF2-9AAD-8C15B10039FF} (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4} (PUP.Optional.Amonetize.A) -> Nenhuma ação foi feita.

HKCR\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0} (PUP.Optional.Amonetize.A) -> Nenhuma ação foi feita.

HKCR\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7} (PUP.Optional.Amonetize.A) -> Nenhuma ação foi feita.

HKCR\AmiBs.Installer.1 (PUP.Optional.Amonetize.A) -> Nenhuma ação foi feita.

HKCR\AmiBs.Installer (PUP.Optional.Amonetize.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\b (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\Typelib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Nenhuma ação foi feita.

HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Optional.FunMoods.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Optional.Funmoods.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{B8873448-00E7-771A-171D-18125EF99C88} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8873448-00E7-771A-171D-18125EF99C88} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B8873448-00E7-771A-171D-18125EF99C88} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{206557E9-B751-8536-624A-089631F630C8} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{206557E9-B751-8536-624A-089631F630C8} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{206557E9-B751-8536-624A-089631F630C8} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{DD108850-884B-F9EA-4B3A-7F24EBC414BA} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD108850-884B-F9EA-4B3A-7F24EBC414BA} (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br (PUP.Optional.Hao123.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Kozaka (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Nenhuma ação foi feita.

HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Nenhuma ação foi feita.

HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Nenhuma ação foi feita.

HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Kozaka (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Nenhuma ação foi feita.


Valores de Registro Detectadas: 5

HKCU\SOFTWARE\DealPly|Partner (PUP.Optional.DealPly.A) -> Data: vn -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|BrowserMngr Start Page (PUP.Optional.BProtector) -> Data: http://search.babylon.com/?affID=44444&tt=120912_pcp_3712_5&babsrc=HP_ss&mntrId=32571c5b0000000000003859f9cbf03f -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NofolderOptions (Hijack.FolderOptions) -> Data: 1 -> Nenhuma ação foi feita.

HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr1F1MtGtBtH1G1T1Q0JtF1X -> Nenhuma ação foi feita.

HKLM\SOFTWARE\DealPly|ChromeCrxPath (PUP.Optional.DealPly.A) -> Data: C:\Program Files (x86)\DealPly\DealPly.crx -> Nenhuma ação foi feita.


Itens de Dados no Registro Detectadas: 7

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (Trojan.SProtector) -> Ruim: (c:\progra~3\webtect\webtect.dll) Bom: () -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel|HomePage (PUM.Hijack.HomePageControl) -> Ruim: (1) Bom: (0) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Ruim: (1) Bom: (0) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Ruim: (1) Bom: (0) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Ruim: (1) Bom: (0) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel|HomePage (PUM.Hijack.HomePageControl) -> Ruim: (1) Bom: (0) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig (Windows.Tool.Disabled) -> Ruim: (1) Bom: (0) -> Nenhuma ação foi feita.


Pastas Detectadas: 32

C:\Program Files (x86)\DealPly (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\plugins (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\ProgramData\BetterSoft\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\BetterSoft\OptimizerPro\3036567561 (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar\1.6.9.12 (PUP.Optional.BabylonToolbar.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643 (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\xpi (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885 (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ch (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ie (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\YoutubeAdblocker (PUP.Optional.Multiplug) -> Nenhuma ação foi feita.


Arquivos Detectados: 111

C:\ProgramData\WebTect\WebTect.dll (Trojan.SProtector) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\updateKozaka.exe (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\utilKozaka.exe (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\KozakaBHO.dll (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\Launcher_i190227513.exe (PUP.Optional.Amonetize.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.OutBrowse) -> Nenhuma ação foi feita.

C:\ProgramData\CCoouPExtEnsiOn\D.dll (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

C:\ProgramData\CCoouPExtEnsiOn\D.exe (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

C:\ProgramData\CCoouPExtEnsiOn\D.x64.dll (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

C:\ProgramData\Fun22SAve\no.dll (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

C:\ProgramData\Fun22SAve\no.exe (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

C:\ProgramData\Fun22SAve\no.x64.dll (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\{0F8C4FD6-A88B-46FA-A411-E0A9D46F6D20}\Custom.dll (PUP.Optional.InstalleRex) -> Nenhuma ação foi feita.

C:\ProgramData\savennSHarE\dwa_M5D.dll (PUP.Optional.MultiPlug.A) -> Nenhuma ação foi feita.

C:\$Recycle.Bin\S-1-5-21-1095854902-185109158-3876415704-1000\$RKOI2CD.exe (PUP.Optional.Installex) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\280413_d.exe (PUP.Optional.PCMega.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\280413_y.exe (PUP.DealPly) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\291113_f.exe (PUP.Optional.Funmoods) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\291113_y.exe (PUP.Optional.SaveSense.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\AskPIP_FF_.exe (PUP.Optional.Spigot.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\awh82E7.tmp (PUP.Optional.Amonetize) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\b01.exe (Trojan.Agent.rfz) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\toolbar1127007164.exe (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\toolbar206299278.exe (PUP.Optional.WebCake.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\toolbar206300714.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\uninstall133490.exe (PUP.Optional.ExpressFiles.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\ccp.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\is701137889\24544923_Setup.EXE (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\upd780C\BabMaint.x (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Windows\Temp\39200_updater.exe (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\BBCPlanetaAzulWWW.RIVASANIMES.COM.rar.exe (PUP.Optional.InstalleRex) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\Download queda livre.exe (PUP.Optional.PCMega.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\Freier Fall.exe (PUP.Optional.InstalleRex) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\Freier_Fall_x264.mkv_downloader.exe (PUP.Optional.GoForFiles.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\PhotoScape_V3.6.3.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (1).exe (PUP.Optional.FullSpectrumAdmin) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (2).exe (PUP.Optional.FullSpectrumAdmin) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (3).exe (PUP.Optional.FullSpectrumAdmin) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (4).exe (PUP.Optional.FullSpectrumAdmin) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (5).exe (PUP.Optional.FullSpectrumAdmin) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (6).exe (PUP.Optional.FullSpectrumAdmin) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup.exe (PUP.Optional.FullSpectrumAdmin) -> Nenhuma ação foi feita.

C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\DealPly.crx (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\DealPly.xpi (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\DealPlyIE.dll (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\DealPlyTune.dll (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\DealPlyUpdate.log (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\DealPlyUpdateRun.exe (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\icon.ico (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\sqlite3.dll (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\DealPly\uninst.exe (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe (PUP.Optional.Hao123.A) -> Nenhuma ação foi feita.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.lnk (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.lnk (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.lnk (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.lnk (PUP.OPtional.Dealply.A) -> Nenhuma ação foi feita.

C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\Kozaka.ico (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\KozakaUninstall.exe (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\mciekghplkkgcmofonmkmlomhkamochd.crx (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\sqlite3.exe (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\updateKozaka.InstallState (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\sqlite3.dll (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\utilKozaka.InstallState (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\plugins\Kozaka.FFUpdate.dll (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\plugins\Kozaka.GCUpdate.dll (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\Kozaka\bin\plugins\Kozaka.IEUpdate.dll (PUP.Optional.Kozaka.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe (PUP.Optional.DealPly.A) -> Nenhuma ação foi feita.

C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro\Custom.dll (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro\Readme.txt (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro\Setup.dat (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro\Setup.exe (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro\Setup.ico (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll (PUP.Optional.OptimizerPro.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\conduitStatistics.csf (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\CT2851643.txt (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\CT2851643.xpi (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\initData.json (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\manifest.json (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\version.txt (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\xpi\install.rdf (PUP.Optional.Conduit.A) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\uninstall.exe (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ch\WebexpEnhancedV1alpha3885.crx (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome.manifest (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\install.rdf (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\ffWebexpEnhancedV1alpha3885.js (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\ffWebexpEnhancedV1alpha3885ffaction.js (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons\default\WebexpEnhancedV1alpha3885_32.png (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ie\WebexpEnhancedV1alpha3885.dll (PUP.Optional.Webexp) -> Nenhuma ação foi feita.

C:\Program Files (x86)\YoutubeAdblocker\QE6vu.dll (PUP.Optional.Multiplug) -> Nenhuma ação foi feita.


(fim)

Compartilhar este post


Link para o post
Compartilhar em outros sites

está constando que o Malwarebytes encontrou vários problemas, mas que nenhuma ação foi feita. Selecione todos estes problemas que ele encontrou e escolha a opção de remover selecionados.

 

Depois disto poste aqui em seu tópico o novo relatório que ele irá gerar.

 

Ficamos na espera.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Coloquei em remover selecionados e ele pediu pra reiniciar. Quando o pc reinicia e eu clico em qualquer coisa ele para (trava) e nao volta mais... Já reiniciei um montes de vezes e sempre acontece isso.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Abra novamente um daqueles ícones do Malwarebytes disfarçados e execute uma Verificação Completa com ele e remova novamente os problemas que ele encontrar.

 

Depois disto poste aqui o novo relatório que ele irá criar.

 

Ficamos na espera.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Aqui está o log:


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org


Versão da Base de Dados: v2014.01.15.08


Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jardel Guimarães :: JARDEL [administrador]


16/01/2014 00:46:05

mbam-log-2014-01-16 (00-46-05).txt


Tipo de Verificação: Verificação Completa (C:\|D:\|G:\|Q:\|)

Opções de verificações ativadas: Memória | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: Inicialização | P2P

Objetos escaneados: 463120

Tempo decorrido: 1 hora(s), 49 minuto(s), 10 segundo(s)


Processos de Memória Detectados: 2

C:\Program Files (x86)\Kozaka\updateKozaka.exe (PUP.Optional.Kozaka.A) -> 5000 -> Será deletado na próxima inicialização.

C:\Program Files (x86)\Kozaka\bin\utilKozaka.exe (PUP.Optional.Kozaka.A) -> 4988 -> Será deletado na próxima inicialização.


Módulos de Memória Detectados: 1

C:\Program Files (x86)\Kozaka\bin\sqlite3.dll (PUP.Optional.Kozaka.A) -> Será deletado na próxima inicialização.


Chaves de Registro Detectadas: 73

HKLM\SYSTEM\CurrentControlSet\Services\Update Kozaka (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SYSTEM\CurrentControlSet\Services\Util Kozaka (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\esrv.BabylonESrvc.1 (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\esrv.BabylonESrvc (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{a45e3fa8-5048-4372-94ad-c6661671f7fc} (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\TypeLib\{7357A44B-D09F-40DA-9B0B-639C741A471D} (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Interface\{C5C68B66-D3BF-4EF2-9AAD-8C15B10039FF} (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4} (PUP.Optional.Amonetize.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0} (PUP.Optional.Amonetize.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7} (PUP.Optional.Amonetize.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\AmiBs.Installer.1 (PUP.Optional.Amonetize.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\AmiBs.Installer (PUP.Optional.Amonetize.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\b (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Typelib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Optional.FunMoods.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Optional.Funmoods.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\bbylnApp.appCore.1 (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\bbylnApp.appCore (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Babylon.dskBnd.1 (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\Babylon.dskBnd (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoforFiles (PUP.Optional.GoForFiles.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{B8873448-00E7-771A-171D-18125EF99C88} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8873448-00E7-771A-171D-18125EF99C88} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B8873448-00E7-771A-171D-18125EF99C88} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{206557E9-B751-8536-624A-089631F630C8} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{206557E9-B751-8536-624A-089631F630C8} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{206557E9-B751-8536-624A-089631F630C8} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCR\CLSID\{DD108850-884B-F9EA-4B3A-7F24EBC414BA} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD108850-884B-F9EA-4B3A-7F24EBC414BA} (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br (PUP.Optional.Hao123.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Kozaka (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Cash 'n Back (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Kozaka (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SYSTEM\CurrentControlSet\Services\CashNBack Application (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SYSTEM\CurrentControlSet\Services\cashnbackdrv (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.


Valores de Registro Detectadas: 5

HKCU\SOFTWARE\DealPly|Partner (PUP.Optional.DealPly.A) -> Data: vn -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|BrowserMngr Start Page (PUP.Optional.BProtector) -> Data: http://search.babylon.com/?affID=44444&tt=120912_pcp_3712_5&babsrc=HP_ss&mntrId=32571c5b0000000000003859f9cbf03f -> Enviado para a Quarentena e deletado com sucesso.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NofolderOptions (Hijack.FolderOptions) -> Data: 1 -> Enviado para a Quarentena e deletado com sucesso.

HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr1F1MtGtBtH1G1T1Q0JtF1X -> Enviado para a Quarentena e deletado com sucesso.

HKLM\SOFTWARE\DealPly|ChromeCrxPath (PUP.Optional.DealPly.A) -> Data: C:\Program Files (x86)\DealPly\DealPly.crx -> Enviado para a Quarentena e deletado com sucesso.


Itens de Dados no Registro Detectadas: 3

HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel|HomePage (PUM.Hijack.HomePageControl) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso.

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel|HomePage (PUM.Hijack.HomePageControl) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso.

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig (Windows.Tool.Disabled) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso.


Pastas Detectadas: 33

C:\Program Files (x86)\DealPly (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka (PUP.Optional.Kozaka.A) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\Kozaka\bin (PUP.Optional.Kozaka.A) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\Kozaka\bin\plugins (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Será deletado na próxima inicialização.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Será deletado na próxima inicialização.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\BetterSoft\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Será deletado na próxima inicialização.

C:\ProgramData\BetterSoft\OptimizerPro\3036567561 (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Será deletado na próxima inicialização.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Será deletado na próxima inicialização.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Será deletado na próxima inicialização.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar (PUP.Optional.BabylonToolbar.A) -> Será deletado na próxima inicialização.

C:\Users\Jardel Guimarães\AppData\Local\Temp\mt_ffx\BabylonToolbar\BabylonToolbar\1.6.9.12 (PUP.Optional.BabylonToolbar.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643 (PUP.Optional.Conduit.A) -> Será deletado na próxima inicialização.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\xpi (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885 (PUP.Optional.Webexp) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ch (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff (PUP.Optional.Webexp) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome (PUP.Optional.Webexp) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content (PUP.Optional.Webexp) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons (PUP.Optional.Webexp) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ie (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\YoutubeAdblocker (PUP.Optional.Multiplug) -> Enviado para a Quarentena e deletado com sucesso.


Arquivos Detectados: 126

C:\Program Files (x86)\Kozaka\updateKozaka.exe (PUP.Optional.Kozaka.A) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\Kozaka\bin\utilKozaka.exe (PUP.Optional.Kozaka.A) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\KozakaBHO.dll (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\Launcher_i190227513.exe (PUP.Optional.Amonetize.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.OutBrowse) -> Enviado para a Quarentena e deletado com sucesso.

C:\$Recycle.Bin\S-1-5-21-1095854902-185109158-3876415704-1000\$RKOI2CD.exe (PUP.Optional.Installex) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarApp.dll (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\DealPlyIE.dll (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\DealPlyTune.dll (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\DealPlyUpdateRun.exe (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\GoforFiles\uninstall.exe (PUP.Optional.GoForFiles.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ie\WebexpEnhancedV1alpha3885.dll (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\CCoouPExtEnsiOn\D.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\CCoouPExtEnsiOn\D.exe (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\CCoouPExtEnsiOn\D.x64.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\Fun22SAve\no.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\Fun22SAve\no.exe (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\Fun22SAve\no.x64.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\{0F8C4FD6-A88B-46FA-A411-E0A9D46F6D20}\Custom.dll (PUP.Optional.InstalleRex) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\savennSHarE\dwa_M5D.dll (PUP.Optional.MultiPlug.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.InstalleRex) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\280413_d.exe (PUP.Optional.PCMega.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\280413_y.exe (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\291113_f.exe (PUP.Optional.Funmoods) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\291113_y.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\AskPIP_FF_.exe (PUP.Optional.Spigot.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\awh82E7.tmp (PUP.Optional.Amonetize) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\toolbar1127007164.exe (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\toolbar206299278.exe (PUP.Optional.WebCake.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\toolbar206300714.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\uninstall133490.exe (PUP.Optional.ExpressFiles.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\ccp.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\90BBD7A9-BAB0-7891-BCE7-3EAF3709B173\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\is701137889\24544923_Setup.EXE (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\NeroInstallFiles\NERO20131126075306525\ISSetupPrerequisites\opencandy\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\upd780C\BabMaint.x (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\BBCPlanetaAzulWWW.RIVASANIMES.COM.rar.exe (PUP.Optional.InstalleRex) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\Download queda livre.exe (PUP.Optional.PCMega.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\Freier Fall.exe (PUP.Optional.InstalleRex) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\Freier_Fall_x264.mkv_downloader.exe (PUP.Optional.GoForFiles.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\PhotoScape_V3.6.3.exe (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (1).exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (2).exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (3).exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (4).exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (5).exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup (6).exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\Downloads\uplayermediaplayer-setup.exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.

C:\Windows\Temp\39200_updater.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\DealPly.crx (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\DealPly.xpi (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\DealPlyUpdate.log (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\icon.ico (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\sqlite3.dll (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\DealPly\uninst.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe (PUP.Optional.Hao123.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.lnk (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.lnk (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.lnk (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.lnk (PUP.OPtional.Dealply.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\Kozaka.ico (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\KozakaUninstall.exe (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\mciekghplkkgcmofonmkmlomhkamochd.crx (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\sqlite3.exe (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\updateKozaka.InstallState (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\bin\sqlite3.dll (PUP.Optional.Kozaka.A) -> Será deletado na próxima inicialização.

C:\Program Files (x86)\Kozaka\bin\utilKozaka.InstallState (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\bin\plugins\Kozaka.FFUpdate.dll (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\bin\plugins\Kozaka.GCUpdate.dll (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\Kozaka\bin\plugins\Kozaka.IEUpdate.dll (PUP.Optional.Kozaka.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\CashNBack.exe (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro\Custom.dll (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro\Readme.txt (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro\Setup.dat (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro\Setup.exe (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro\Setup.ico (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll (PUP.Optional.OptimizerPro.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\conduitStatistics.csf (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\CT2851643.txt (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\CT2851643.xpi (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\initData.json (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\manifest.json (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\version.txt (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Users\Jardel Guimarães\AppData\Local\Temp\CT2851643\xpi\install.rdf (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\icon.ico (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\libeay32.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\msvcp110.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\msvcr110.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\nfapi.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\nfregdrv.exe (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\ProtocolFilters.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\rmv.exe (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\RBM\CashNBack\ssleay32.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\uninstall.exe (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ch\WebexpEnhancedV1alpha3885.crx (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome.manifest (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\install.rdf (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\ffWebexpEnhancedV1alpha3885.js (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\ffWebexpEnhancedV1alpha3885ffaction.js (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff\chrome\content\icons\default\WebexpEnhancedV1alpha3885_32.png (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ie\WebexpEnhancedV1alpha3885.dll (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

C:\Program Files (x86)\YoutubeAdblocker\QE6vu.dll (PUP.Optional.Multiplug) -> Enviado para a Quarentena e deletado com sucesso.


(fim)

Compartilhar este post


Link para o post
Compartilhar em outros sites

* Inicie o PC em Modo Seguro (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver iniciando e escolhendo a opção Modo Seguro com rede (ou Modo seguro).

 

Aí quando o PC estiver no Modo Seguro você faz a limpeza com o AdwCleaner como lhe passei e depois poste o log dele aqui em seu tópico.

 

Se mesmo no Modo Seguro não for possível executá-lo, nos diga para que possamos buscar outra alternativa.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Log:

 

# AdwCleaner v3.017 - Relatório criado 16/01/2014 às 13:50:09
# Atualizado 12/01/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Jardel Guimarães - JARDEL
# Executando de : C:\Users\Jardel Guimarães\Desktop\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[#] Serviço Deletada : APNMCP
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BetterSoft
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\ProgramData\WinterSoft
Pasta Deletada : C:\ProgramData\YoutubeAdblocker
Pasta Deletada : C:\ProgramData\savennSHarE
Pasta Deletada : C:\ProgramData\soureff aanD, keepo
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro
Pasta Deletada : C:\Program Files (x86)\AskPartnerNetwork
Pasta Deletada : C:\Program Files (x86)\BabylonToolbar
Pasta Deletada : C:\Program Files (x86)\Claro
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\goforfiles
Pasta Deletada : C:\Program Files (x86)\soureff aanD, keepo
Pasta Deletada : C:\Program Files (x86)\uTorrentBar_PT
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Local\Conduit
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Local\SwvUpdater
Pasta Deletada : C:\Users\JARDEL~1\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\LocalLow\uTorrentBar_PT
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\BabylonToolbar
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\Claro
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\ExpressFiles
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\goforfiles
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\Mozilla\Firefox\Profiles\im7gshso.default\Extensions\aaichdow@y-poswyy.org
Pasta Deletada : C:\Users\Jardel Guimarães\AppData\Roaming\Mozilla\Firefox\Profiles\im7gshso.default\Extensions\iuiy6_auue@q-yeaie.co.uk
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Users\Jardel Guimarães\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage
Arquivo Deletada : C:\Users\Jardel Guimarães\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Jardel Guimarães\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_f.dealply.com_0.localstorage
Arquivo Deletada : C:\Users\Jardel Guimarães\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_f.dealply.com_0.localstorage-journal
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\Express FilesUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\System32\Tasks\GoforFilesUpdate
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [backup.old.Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope]
Valor Deletedo : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Chave Deletedo : HKCU\Software\584dbdeb56fe913
Chave Deletedo : HKLM\SOFTWARE\584dbdeb56fe913
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{075FB993-E0E5-42BC-9558-BE07965E184A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{075FB993-E0E5-42BC-9558-BE07965E184A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A08AE0F-82C9-48AA-9EC7-233F56900D6B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AFDA72-AD78-44AA-B07F-063193CA75A2}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\AskPartnerNetwork
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BrowserMngr
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\ExpressFiles
Chave Deletedo : HKCU\Software\GoforFiles
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\Microsoft\Babylon
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\PIP
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKCU\Software\AppDataLow\Software\uTorrentBar_PT
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\AskPartnerNetwork
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\ExpressFiles
Chave Deletedo : HKLM\Software\GoforFiles
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKLM\Software\uTorrentBar_PT
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_PT Toolbar
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Chave Deletedo : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Chave Deletedo : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
***** [ Navegadores ] *****
-\\ Internet Explorer v9.0.8112.16490
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [backup.Old.Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
-\\ Mozilla Firefox v26.0 (pt-BR)
[ Arquivo : C:\Users\Jardel Guimarães\AppData\Roaming\Mozilla\Firefox\Profiles\im7gshso.default\prefs.js ]
Linha deletada : user_pref("aol_toolbar.default.homepage.check", false);
Linha deletada : user_pref("aol_toolbar.default.search.check", false);
Linha deletada : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Linha deletada : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Linha deletada : user_pref("extensions.fQvvD5JBTTc.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};try{new function(){if(null==document.getElementById(\"id_arrrrppdjafklbvnn44[...]
Linha deletada : user_pref("extensions.m9iMKMe.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement('script');script.t[...]
Linha deletada : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Linha deletada : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Linha deletada : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Linha deletada : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Linha deletada : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Linha deletada : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Linha deletada : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Linha deletada : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v31.0.1650.63
[ Arquivo : C:\Users\Jardel Guimarães\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [24414 octets] - [16/01/2014 13:48:51]
AdwCleaner[s0].txt - [21985 octets] - [16/01/2014 13:50:09]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [22046 octets] ##########
PS: o pc só não trava se estiver em modo de segurança, mesmo depois da limpeza do ADW Cleaner.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Log:



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.0 (01.07.2014:1)

OS: Windows 7 Home Basic x64

Ran by Jardel GuimarÆes on 16/01/2014 at 14:17:35,60

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





~~~ Services




~~~ Registry Values


Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL




~~~ Registry Keys


Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1095854902-185109158-3876415704-1000\Software\sweetim

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS




~~~ Files


Successfully deleted: [File] C:\Windows\syswow64\shoD84D.tmp




~~~ Folders


Successfully deleted: [Folder] "C:\ProgramData\baidu"

Successfully deleted: [Folder] "C:\Users\Jardel GuimarÆes\AppData\Roaming\getrighttogo"

Successfully deleted: [Folder] "C:\Users\Jardel GuimarÆes\appdata\local\cre"

Successfully deleted: [Folder] "C:\Program Files (x86)\saveshare"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{01597FDF-3F46-4307-92C9-BB60E3162B6B}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{0780087A-0A76-4EAD-B94C-5CEAA413154F}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{09FE3F98-5C7A-4205-854E-38FA88F33CD0}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{13AC5640-39C1-4A17-B428-0E0C9C5BCA03}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{19A8CDC3-1ABB-4C9D-9B35-C8E4F368609B}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{1A9C965B-54A9-45E2-9997-B8BF5C4F7211}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{1CD649D2-83BE-4768-99D0-BAAE7C47CCD7}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{20C35A4E-2C97-461A-9175-3C8F2D6F8F96}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{29B6DE26-F74D-4170-97DD-05AD84B54BDA}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{2D1C72B2-BE97-4FB6-9DAC-4F47A6D79903}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{31D77AE3-035C-43E7-95FB-A0F3FE8B6953}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{365EDD55-9D7A-4FD7-8697-6C1DA3ECBCBE}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{36708B57-6EC4-4CF9-824D-120A37A4B4C8}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{3730F7BD-40CD-4863-B1E6-80F2336674E9}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{38FE6C19-5CBE-4A7C-8B51-A01FAB64691D}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{3A31462C-9668-48E7-9996-C0C9ECE7AD8F}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{3E1EAF08-680F-4245-AD8F-58D591C16038}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{40F74B2D-B0E0-4AB4-94EC-54B2D761E232}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{42DDDE29-1F0C-4015-8B1A-9395E862873E}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{44EABFA1-62FF-462D-8C80-6C9E65019DE7}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{48306BE3-A877-4C56-AA46-94BE60503A79}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{508F42AD-7449-406E-BE50-927ACD8A8CE6}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{50EBA3CD-146F-432D-8F78-4D8B96854962}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{5165CB4E-3E14-4477-8E18-1F78B5595280}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{52DE653C-CC91-475E-983C-9ADEEC0004AE}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{57F93693-1A87-4142-B3C4-E14EEB9661C4}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{58AB1C5F-C71F-4B8D-A4F6-4772B71979C1}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{58BD3EDB-7F8A-4DDB-8EE5-1BE8743E1EA4}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{5AF3988A-2186-40CA-85DE-5D4C1FB09846}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{5B67F75E-A5BD-432D-8AEE-5B84D51965A3}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{5FACB0FC-9C41-4743-B7EF-52B058CCEEAD}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{5FD9D5FF-AA71-402A-80C9-226A190D031F}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{65E7A927-BC8A-4D46-94CC-135566018CA5}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{6CCC8B9C-AAD0-46AC-979E-0B1A3AC440D8}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{6CDC7955-289E-462E-BB47-B6427CD9867D}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{71F03E5C-B893-4237-8F52-1E74A09E73A6}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{73D21E7E-5A4C-410A-BFC3-90C5AB3582C2}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{7747D1C6-B343-4106-ACD5-ABF5CEADE331}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{78555711-ED5C-4621-8672-350E2BB5DD12}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{7E050C2B-AD07-481B-A04F-28FCE29EC619}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{7E4D5FE7-5EAA-4898-B2B6-97D1385C33D7}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{7E8AFCE2-E555-4F9F-9612-5B44CBBC727B}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{81ED2C61-0F9F-4247-AC46-DA4EC1D527EB}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{87FFA09D-2EB7-43B7-9743-5B0216C8058E}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{8AF4C6CE-43F7-4120-A7E7-8D61798698CD}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{8D9709DC-9709-454C-959F-C2621471275C}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{9374407F-6E11-4DB5-AF47-3440FA46D521}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{9751D789-909B-4C1F-B8B9-72FCABE2C031}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{98FF75AD-8B01-4D95-B40D-24590858AFAD}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{9A951EC7-216B-48EB-BACD-456997D5C067}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{A468F2EF-8034-42C7-96CC-B95E9EC01606}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{AA364ED5-6C44-4A6B-894F-C619252BACCA}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{AE7EACA3-0DFC-4778-B7D5-AC8E7F9AD543}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{B141154C-B537-4A26-B8B6-7AC276CB78F0}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{BD09AEC0-58C5-45A6-B090-D433E1FE0333}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{C01B57FB-84DA-439E-AAFB-50AF7FDCA0E3}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{C1045EDD-38ED-496F-8D51-C594DABB54A4}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{C4509C2B-1B61-467B-BFFA-C902E249BFBF}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{C8F6B0EF-F57E-4C48-9F93-C3B984BCDBC5}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{CA608E73-F037-45A3-9689-9454BB3EC0AF}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{CCAD3326-864A-43A2-8F10-574B91D2A060}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{D288B6D5-A93D-49ED-B660-ACD52FFA443A}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{D745528A-F4A9-4EDE-BC73-68BE17E48F2C}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{D897FC62-D00F-45A1-9030-CE7555207D0B}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{DA86A2D3-2B99-437C-B406-369D7D7DE51E}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{DCAC7EF3-2667-4D99-A23B-AAE09FA27EE4}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{DD1ADE83-248F-42E2-B71B-EBC8B383F676}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{DEB033A5-96E7-4470-9196-45C2805C3341}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{E0ACCF0F-F181-4E76-BB2C-112BE738ABA5}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{E299DA4E-27D5-4CF8-8E19-1D0510A87916}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{EC8721F6-04AC-4D65-B035-28C823E52D0F}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{ED39ED6F-A259-4EA4-8933-AD9FB7CFD9C4}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{F2DF5192-12B7-463B-83FE-D8309BC8C4B5}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{F361C9B7-FFFD-4C5E-A5A6-CF6044D3C920}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{F6E9C8BA-AF6A-43F9-861A-52681A882CD0}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{F9414883-9709-43DB-8624-FDC22C7B9074}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{FB69096C-67F8-4D2E-87A1-E4B268132131}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{FEC0CEA9-F3D9-43C7-B46E-6B0B42187DA3}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{FEE30AE2-F899-4A0C-AE20-5958C4796566}

Successfully deleted: [Empty Folder] C:\Users\Jardel GuimarÆes\appdata\local\{FF963FAB-9DC8-48ED-8C1E-8CBEDA058E19}




~~~ FireFox


Successfully deleted: [File] C:\user.js

Successfully deleted the following from C:\Users\Jardel GuimarÆes\AppData\Roaming\mozilla\firefox\profiles\im7gshso.default\prefs.js


user_pref("browser.startup.homepage", "hxxp://br.hao123.com/?tn=epom_pay_hp_03_hao123_br");

user_pref("extensions.m9iMKMe.url", "hxxp://toolkitjob.info/sync2/?q=hfZ9ofV9CShEAen0rjr7qchTB6lKDzt4oktitNtVh7n0rjrFrTwHrdrHrjs5tMFHhd9FrHwGrTUErTw9rdUMDMlGojUMAe4UojgHqHrHqT




~~~ Event Viewer Logs were cleared






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 16/01/2014 at 14:21:00,89

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Compartilhar este post


Link para o post
Compartilhar em outros sites
Segue o log:
Zoek.exe v5.0.0.0 Updated 15-Januari-2014
Tool run by Jardel GuimarÆes on 16/01/2014 at 14:54:20,11.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Jardel Guimarães\Downloads\zoek\zoek.exe [scan all users] [script inserted]
==== System Restore Info ======================
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1095854902-185109158-3876415704-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1095854902-185109158-3876415704-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-1095854902-185109158-3876415704-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully
HKEY_USERS\S-1-5-21-1095854902-185109158-3876415704-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-1095854902-185109158-3876415704-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully
HKEY_USERS\S-1-5-21-1095854902-185109158-3876415704-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311921100} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha3885.net deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\JARDEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\im7gshso.default
user.js not found
---- Lines extensions.UVL removed from prefs.js ----
user_pref("extensions.UVL.epoch", "1388619566");
user_pref("extensions.UVL.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};void(0)})();(function(){void(0)})(
---- Lines extensions.fQvvD5JBTTc removed from prefs.js ----
user_pref("extensions.fQvvD5JBTTc.epoch", "1388369658");
---- Lines extensions.m9iMKMe removed from prefs.js ----
user_pref("extensions.m9iMKMe.epoch", "1388369661");
---- Lines extensions.vkn9 removed from prefs.js ----
user_pref("extensions.vkn9.epoch", "1388619566");
user_pref("extensions.vkn9.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};void(0)})();(function(){void(0)})
---- Lines ext@WebexpEnhancedV1alpha3885.net modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----
prefs_012014_1502_.backup
==== Deleting Files \ Folders ======================
C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil not found
C:\Users\Jardel Guimarães\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8dac.js not found
"C:\Users\Jardel Guimarães\AppData\Roaming\IDT" not found
"C:\Users\Jardel Guimarães\AppData\Roaming\Sony" not found
"C:\Users\Jardel Guimarães\AppData\Roaming\Tibia" not found
"C:\Users\Jardel Guimarães\AppData\Roaming\Origin" not found
"C:\Users\Jardel Guimarães\AppData\Roaming\Dropbox" not found
"C:\Users\Jardel Guimarães\AppData\Roaming\SecuROM" not found
C:\ProgramData\kohgojghadfhlefkmlccbicohfldopoo deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{206557E9-B751-8536-624A-089631F630C8} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{B8873448-00E7-771A-171D-18125EF99C88} deleted
C:\ProgramData\WebTect deleted
C:\ProgramData\7f562c2ea4308e80 deleted
C:\ProgramData\Fun22SAve deleted
C:\ProgramData\CCoouPExtEnsiOn deleted
C:\PROGRA~2\GUTA3F6.tmp deleted
C:\PROGRA~2\GUMA3F5.tmp deleted
C:\PROGRA~2\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.PluginRemover\data\searchya.rul deleted
C:\ProgramData\FileSplitUpLoad.dll deleted
C:\ProgramData\InstallMate deleted
C:\ProgramData\SummerSoft deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\8dac.js deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Windows\Installer\1782f95.msi" deleted
"C:\Windows\Installer\1782f95.msi" deleted
"C:\ProgramData\3260C109744D1C5B000032608EB2259B\3260C109744D1C5B000032608EB2259B" deleted
"C:\ProgramData\3260C109744D1C5B000032608EB2259B\3260C109744D1C5B000032608EB2259B.ico" deleted
"C:\ProgramData\3260C109744D1C5B000032608EB2259B" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [22/12/2012 10:45]
==== Firefox Extensions ======================
ProfilePath: C:\Users\JARDEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\im7gshso.default
- Undetermined - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ff
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaajepeddfdaihpmdgnickofffkdlpb - C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7\CRX\ToolbarCR.crx[]
epkopmpbbfggknemfahgeidejckkncni - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha3885\ch\WebexpEnhancedV1alpha3885.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29/11/2012 20:35]
mciekghplkkgcmofonmkmlomhkamochd - C:\Program Files (x86)\Kozaka\mciekghplkkgcmofonmkmlomhkamochd.crx[]
mdebcffgnijbblbinknkbefciofebcda - C:\Users\Jardel GuimarÆes\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
mdebcffgnijbblbinknkbefciofebcda - C:\Users\Jardel GuimarÆes\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Backup.Old.Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Tibia.lnk - C:\Program Files (x86)\Tibia\Tibia.exe
==== shortcuts in Users Start Menu ======================
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterFeedback.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\UninstCaller.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dispositivos Bluetooth\Barbara Medeiros.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTWUIExt.exe /deviceAddr=a8922c9d4b35
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dispositivos Bluetooth\Jardel (2).lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTWUIExt.exe /deviceAddr=b8d9cecec9dc
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dispositivos Bluetooth\jardel.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTWUIExt.exe /deviceAddr=a816b2004b62
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dispositivos Bluetooth\LUDIMILA-PC.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTWUIExt.exe /deviceAddr=cc52af6d241c
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\Jardel Guimarães\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe -uninstall
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\Jardel Guimarães\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote\Unified Remote.lnk - C:\Program Files (x86)\Unified Remote\RemoteServer.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote\Uninstall.lnk - C:\Windows\System32\msiexec.exe /x {3E68D2F8-0DF1-4EBD-9039-34FBAB4414B9}
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterFeedback.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\UninstCaller.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk - C:\Windows\SysWOW64\msiexec.exe /x {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} FEEDBACK=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RTEQ\Help.lnk - C:\Program Files (x86)\RTEQ\plugins\dsp_rteq.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RTEQ\Readme.lnk - C:\Program Files (x86)\RTEQ\readme.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RTEQ\RTEQ.lnk - C:\Program Files (x86)\RTEQ\equalizer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Jardel Guimarães\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Hao123.lnk - C:\Users\Jardel Guimarães\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1108.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\hpDST.lnk - C:\Program Files (x86)\Hewlett-Packard\Setup Manager\hpDST.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\JARDEL~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{10BB0924-952F-7847-4B1B-E24BBAF2D9F0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{44A850F8-3F89-FF4C-BC3F-EEA8821A27A5} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9187B25D-8CCB-B3F8-97B5-7DE835FB17F2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajepeddfdaihpmdgnickofffkdlpb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\epkopmpbbfggknemfahgeidejckkncni deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mciekghplkkgcmofonmkmlomhkamochd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JARDEL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\JARDEL~1\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JARDEL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\JARDEL~1\AppData\Local\Mozilla\Firefox\Profiles\im7gshso.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=132 folders=20 110326944 bytes)
==== Empty Temp Folders ======================
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\JARDEL~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied


PS: o pc ainda só inicia no modo de segurança.

Compartilhar este post


Link para o post
Compartilhar em outros sites

:seta: Clique com o botão direito do mouse no Zoek.exe e selecione 8vq7ma.jpg

*Copie todo este texto em vermelho abaixo e cole-o no espaço em branco do Zoek:

installedprogs;
chrdefaults;

reset chrome;
chromelook;
ffdefaults;
firefoxlook;
resethosts;

resetieproxy;
hijackthis;
process;
uninstall-list;


*Clique [Run Script]

*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

 

*Caso a reinicialização do PC seja solicitada, clique [OK]

:seta: Poste o novo log do Zoek que estará em C:\zoek-results.txt
em sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Segue o log:



Zoek.exe v5.0.0.0 Updated 17-Januari-2014

Tool run by Jardel GuimarÆes on 18/01/2014 at 0:48:29,99.

Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64

Running in: Safe Mode NETWORK Internet Access Detected

Launched: C:\Users\Jardel Guimarães\Downloads\zoek\zoek.exe [scan all users] [script inserted]


==== Older Logs ======================


C:\zoek-results2014-01-16-174520.log 20927 bytes

C:\zoek-results2014-01-16-174652.log 12737 bytes


==== Reset Hosts File ======================


# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host


# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost


==== Installed Programs ======================


æTorrent

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X MUI

Adobe Shockwave Player 11.5

Aeria Ignite

Age of Empires III

Age of Mythology

Akamai NetSession Interface

AMCap

Ask Toolbar

Atualiza‡Æo do produto Microsoft Office Excel 2007 Help (KB963678)

Atualiza‡Æo do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualiza‡Æo do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualiza‡Æo do produto Microsoft Office Word 2007 Help (KB963665)

aTube Catcher

Audacity 2.0.3

Baidu Antivirus

Baidu PC Faster

Batman: Arkham Asylum

Bejeweled 2 Deluxe

Big City Adventure - New York City

Bing Bar

Blasterball 3

Bounce Symphony

Broadcom 2070 Bluetooth 3.0

Broadcom 802.11 Wireless LAN Adapter

Cake Mania

Cash 'n Back

Chuzzle Deluxe

Controle ActiveX do Windows Live Mesh para Conexäes Remotas

CyberLink PowerDVD 10

CyberLink YouCam

D3DX10

DAEMON Tools Lite

Diner Dash 2 Restaurant Rescue

Dropbox

Eden Eternal PT

Energy Star Digital Logo

ESU for Microsoft Windows 7 SP1

Evernote v. 4.2.2

Facebook Video Calling 2.0.0.447

Farm Frenzy

FATE

Ferramenta Criar um Mundo The SimsT 3 Beta

FormatFactory 3.1.1

Forsaken 0.11.0

Gerenciador de Downloads

Google Chrome

Google Earth Plug-in

Google Talk Plugin

Google Update Helper

Heartwild Solitaire

Hewlett-Packard ACLM.NET v1.2.1.1

Hi-Rez Studios Authenticate and Update Service

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

HP Auto

HP Client Services

HP Connection Manager

HP Customer Experience Enhancements

HP Documentation

HP Games

HP On Screen Display

HP Power Manager

HP Quick Launch

HP Setup

HP Setup Manager

HP Software Framework

HP Support Assistant

iba - Revistas Abril

IDT Audio

Insaniquarium Deluxe

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Java 7 Update 40

Java Auto Updater

Java 6 Update 24 (64-bit)

Java 6 Update 39

Jewel Quest Solitaire

JoJo's Fashion Show

Junk Mail filter update

Kozaka

LAME v3.99.3 (for Windows)

LG United Mobile Drivers

Mah Jong Medley

Mais jogos da HP Games

Malwarebytes Anti-Malware versÆo 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft Application Error Reporting

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office com Clique para Executar 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Starter 2010 - Portuguˆs (Brasil)

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

MKVToolNix 6.3.0

Mozilla Firefox 26.0 (x86 pt-BR)

Mozilla Maintenance Service

MPC-HC 1.6.5.6366

MSVCRT

MSVCRT_amd64

MSXML4 Parser

Namco All-Stars PAC-MAN

Network Play System (Patching)

Norton Internet Security

NVIDIA PhysX

Origin

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Portuguˆs (Brasil)

Penguins

PhotoScape

Plants vs. Zombies - Game of the Year

Plants vs. Zombies

Polar Bowler

QuickTime

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

RealPlayer

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

RealUpgrade 1.1

Recovery Manager

RTEQ v4.10

RunesOfMagic-PT

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

SimCity 4 Deluxe

SkypeT 6.11

Slingo Deluxe

Smite

Synaptics Pointing Device Driver

The Sims

The SimsT 3

The SimsT 3 Ambi‡äes

The SimsT 3 Anos 70, 80, e 90 Cole‡Æo de Objetos

The SimsT 3 Caindo na Noite

The SimsT 3 Cinema Cole‡Æo de Objetos

The SimsT 3 Diesel Cole‡Æo de Objetos

The SimsT 3 Esta‡äes

The SimsT 3 Gera‡äes

The SimsT 3 Ilha Paradis¡aca

The SimsT 3 Showtime

The SimsT 3 Sobrenatural

The SimsT 3 Vida ao Ar Livre Cole‡Æo de Objetos

The SimsT 3 Vida em Alto Estilo Cole‡Æo de Objetos

The SimsT 3 Vida Universit ria

The SimsT 3 Vida Urbana Cole‡Æo de Objetos

Tibia

Unified Remote

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition

Update Installer for WildTangent Games App

Vegas Movie Studio 9.0

Virtual Villagers - The Secret City

Visualizador do Microsoft PowerPoint

WebTect

Wedding Dash

Westward

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.20 (32-bit)

WinZip 17.5

Zuma Deluxe


==== Running Processes ======================


C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe

C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe

C:\Users\Jardel Guimarães\Downloads\zoek\zoek.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe


==== FireFox Fix ======================


Deleted from C:\Users\JARDEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\im7gshso.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");


user_pref("browser.search.useDBForOrder", true);


Added to C:\Users\JARDEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\im7gshso.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");


user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);


==== Firefox Extensions Registry ======================


[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [22/12/2012 10:45]


==== Firefox Extensions ======================


AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}


==== Firefox Plugins ======================



==== Chrome Look ======================


HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29/11/2012 20:35]


==== Reset Google Chrome ======================


Nothing found to reset


==== Reset IE Proxy ======================


Value(s) before fix:

"ProxyOverride"="<local>"

"ProxyEnable"=dword:00000001


Value(s) after fix:

"ProxyEnable"=dword:00000000


==== Uninstall List x64 ======================


æTorrent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]

Adobe Flash Player 10 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]

Adobe Flash Player 10 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]

Adobe Reader X MUI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}]

Adobe Shockwave Player 11.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]

Aeria Ignite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{332CD023-A708-4DD7-98AA-977473129549}]

Aeria Ignite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Aeria Ignite 1.11.2111]

Aeria Ignite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Aeria Ignite]

Age of Empires III [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}]

Age of Empires III [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}]

Age of Mythology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Age of Mythology 1.0]

Akamai NetSession Interface [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai]

AMCap [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AMCap]

Ask Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4646332D-5637-006A-76A7-A758B70C0A00}]

aTube Catcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\aTube Catcher]

Audacity 2.0.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1]

Baidu Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

Baidu PC Faster [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

Batman: Arkham Asylum [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}]

Bejeweled 2 Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089453]

Big City Adventure - New York City [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089490]

Bing Bar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}]

Blasterball 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089308]

Bounce Symphony [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087330]

Broadcom 2070 Bluetooth 3.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}]

Broadcom 802.11 Wireless LAN Adapter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Broadcom 802.11 Wireless LAN Adapter]

Cake Mania [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089359]

Cash 'n Back [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Cash 'n Back]

Chuzzle Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089454]

Controle ActiveX do Windows Live Mesh para Conexäes Remotas [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}]

CyberLink PowerDVD 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}]

CyberLink PowerDVD 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}]

CyberLink YouCam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}]

CyberLink YouCam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}]

D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]

DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite]

Diner Dash 2 Restaurant Rescue [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087536]

Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]

Eden Eternal PT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Eden Eternal PT]

Energy Star Digital Logo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}]

ESU for Microsoft Windows 7 SP1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}]

Evernote v. 4.2.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F761359C-9CED-45AE-9A51-9D6605CD55C4}]

Facebook Video Calling 2.0.0.447 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}]

Farm Frenzy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089328]

FATE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087361]

Ferramenta Criar um Mundo The SimsT 3 Beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65761BAE-11E8-48FE-B30F-1F01011AB906}]

FormatFactory 3.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FormatFactory]

Forsaken 0.11.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Forsaken 0.11.0]

Gerenciador de Downloads [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\379a4a6880a30b62]

Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

Google Earth Plug-in [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}]

Google Talk Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A83AD05-56E6-3FBD-8752-B4143162EF59}]

Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

Heartwild Solitaire [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089489]

Hewlett-Packard ACLM.NET v1.2.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}]

Hi-Rez Studios Authenticate and Update Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}]

HP Auto [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}]

HP Client Services [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}]

HP Connection Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{795AADBF-58C2-42D0-B779-E730702A247E}]

HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}]

HP Documentation [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B86FB076-3531-4AF4-86CC-68CA36BFF48A}]

HP Games [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent hp Master Uninstall]

HP On Screen Display [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED1BD69A-07E3-418C-91F1-D856582581BF}]

HP Power Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{872B1C80-38EC-4A31-A25C-980820593900}]

HP Quick Launch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB58480C-0721-483C-B354-9D35A147999F}]

HP Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{210A03F5-B2ED-4947-B27E-516F50CBB292}]

HP Setup Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AE856388-AFAD-4753-81DF-D96B19D0A17C}]

HP Software Framework [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{230D401C-7342-46E4-BF7C-885B5B55AFB1}]

HP Support Assistant [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}]

iba - Revistas Abril [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\36255574ac5ac56f]

IDT Audio [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}]

Insaniquarium Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087480]

Intel® Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}]

Intel® Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}]

Intel® Processor Graphics [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]

Intel® Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}]

Java 7 Update 40 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217040FF}]

Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]

Java 6 Update 24 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86416024FF}]

Java 6 Update 39 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216035FF}]

Jewel Quest Solitaire [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087490]

JoJo's Fashion Show [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087385]

Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}]

Kozaka [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Kozaka]

LAME v3.99.3 (for Windows) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAME_is1]

LG United Mobile Drivers [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}]

Mah Jong Medley [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087393]

Malwarebytes Anti-Malware versÆo 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]

Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}]

Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]

Microsoft .NET Framework 4 Client Profile PTB Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B7693CDE-074B-301C-9584-FC4343696C8B}]

Microsoft Games for Windows - LIVE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}]

Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B578C85A-A84C-4230-A177-C5B2AF565B8C}]

Microsoft Office com Clique para Executar 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.Click2Run]

Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PROPLUS]

Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]

Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A49F249F-0C91-497F-86DF-B2585E8E76B7}]

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}]

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]

Microsoft WSE 3.0 Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}]

MKVToolNix 6.3.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MKVToolNix]

Mozilla Firefox 26.0 (x86 pt-BR) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 26.0 (x86 pt-BR)]

Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]

MPC-HC 1.6.5.6366 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1]

MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]

MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]

MSXML4 Parser [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}]

Namco All-Stars PAC-MAN [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089484]

Network Play System (Patching) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Network Play System (Patching)]

Norton Internet Security [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NIS]

NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6833245E-DD86-479A-882A-8360D62C8194}]

Origin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Origin]

Penguins [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087394]

PhotoScape [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PhotoScape]

Plants vs. Zombies - Game of the Year [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089458]

Plants vs. Zombies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\5a7584a730a2d892214c3d12382ecbf4]

Polar Bowler [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087396]

QuickTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7BE15435-2D3E-4B58-867F-9C75BED0208C}]

RealDownloader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}]

RealNetworks - Microsoft Visual C++ 2008 Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}]

RealNetworks - Microsoft Visual C++ 2010 Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}]

RealPlayer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 16.0]

Realtek Ethernet Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}]

Realtek PCIE Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C1594429-8296-4652-BF54-9DBE4932A44C}]

RealUpgrade 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}]

Recovery Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DBCD5E64-7379-4648-9444-8A6558DCB614}]

RTEQ v4.10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RTEQ_is1]

RunesOfMagic-PT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RunesOfMagic-PT]

Samsung Kies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{758C8301-2696-4855-AF45-534B1200980A}]

Samsung Kies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}]

SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\25_escape]

SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}]

SimCity 4 Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}]

SkypeT 6.11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}]

Slingo Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087510]

Smite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}]

Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey]

The Sims [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\The Sims]

The SimsT 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}]

The SimsT 3 Ambi‡äes [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}]

The SimsT 3 Anos 70, 80, e 90 Cole‡Æo de Objetos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}]

The SimsT 3 Caindo na Noite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45057FCE-5784-48BE-8176-D9D00AF56C3C}]

The SimsT 3 Cinema Cole‡Æo de Objetos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0087539-3C57-44E0-BEE7-D779D546CBE1}]

The SimsT 3 Diesel Cole‡Æo de Objetos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}]

The SimsT 3 Esta‡äes [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3DE92282-CB49-434F-81BF-94E5B380E889}]

The SimsT 3 Gera‡äes [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}]

The SimsT 3 Ilha Paradis¡aca [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}]

The SimsT 3 Showtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3BBFD444-5FAB-49F6-98B1-A1954E831399}]

The SimsT 3 Sobrenatural [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}]

The SimsT 3 Vida ao Ar Livre Cole‡Æo de Objetos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{117B6BF6-82C3-420C-B284-9247C8568E53}]

The SimsT 3 Vida em Alto Estilo Cole‡Æo de Objetos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71828142-5A24-4BD0-97E7-976DA08CE6CF}]

The SimsT 3 Vida Universit ria [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}]

The SimsT 3 Vida Urbana Cole‡Æo de Objetos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}]

Tibia [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tibia_is1]

Unified Remote [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3E68D2F8-0DF1-4EBD-9039-34FBAB4414B9}]

Update Installer for WildTangent Games App [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App]

Vegas Movie Studio 9.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}]

Virtual Villagers - The Secret City [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087513]

WebTect [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{25e4f9bf}]

Wedding Dash [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087519]

Westward [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087525]

WildTangent Games App (HP Games) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp]

Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B43577-2514-4CE0-B14A-7E85C17C0453}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]

Windows Live Galeria de Fotos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F7A46527-DF1F-4B0F-9637-98547E189442}]

Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}]

Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]

Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D07A61E5-A59C-433C-BCBD-22025FA2287B}]

Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}]

Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9DA3F03B-2CEE-4344-838E-117861E61FAF}]

Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{644063FA-ABA3-42AC-A8AC-3EDC0706018B}]

Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}]

Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D54A52A8-DF24-4CE8-850B-074CA47DFA74}]

Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}]

Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}]

Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}]

Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}]

Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]

Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B33B61FE-701F-425F-98AB-2B85725CBF68}]

Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}]

Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}]

Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}]

Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CFF3C688-2198-4BC3-A399-598226949C39}]

Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}]

Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A508D5A2-3AC1-4594-A718-A663D6D3CF11}]

Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]

Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]

Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]

Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DF71ABBB-B834-41C0-BB58-80B0545D754C}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A726AE06-AAA3-43D1-87E3-70F510314F04}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B3BE54A4-8DFE-4593-8E66-56AB7133B812}]

Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}]

WinRAR 4.20 (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

WinZip 17.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}]

Zuma Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT089455]


==== HijackThis Entries ======================


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe

O4 - HKLM\..\Run: [baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto

O4 - HKLM\..\Run: [baidu PC Faster 4.0.0.0] "C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start

O4 - HKCU\..\Run: [Google Update] "C:\Users\Jardel Guimarães\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jardel Guimarães\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jardel Guimarães\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [dbeed] C:\Users\Jardel Guimarães\AppData\Roaming\cd\dbeed.js

O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Claro] "C:\Program Files (x86)\Claro\UpdateDog\ouc.exe"

O4 - HKCU\..\Run: [unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Startup: 8d8d.js

O4 - Startup: Dropbox.lnk = ?

O4 - Global Startup: 8d8d.js

O4 - Global Startup: Bluetooth.lnk = ?

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe

O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


==== C:\zoek_backup content ======================


C:\zoek_backup (files=132 folders=20 110326944 bytes)


==== EOF on 18/01/2014 at 0:50:24,69 ======================

Compartilhar este post


Link para o post
Compartilhar em outros sites
:seta: Siga, por gentileza, as dicas deste tutorial:
_______________________________________________________________________
:seta: Clique com o botão direito do mouse no Zoek.exe e selecione 8vq7ma.jpg
*Copie todo este texto em vermelho abaixo e cole-o no espaço em branco do Zoek:

C:\Users\Jardel Guimarães\AppData\Roaming\cd\dbeed.js;f

8d8d.js;z

8d8d.js;a

Ask Toolbar;u

[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4646332D-5637-006A-76A7-A758B70C0A00}];r

Bing Bar;u

[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}];r

hijackthis;

*Clique [Run Script]
*Durante o scan a mensagem parecida com abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

 

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

*Caso a reinicialização do PC seja solicitada, clique [OK]

___________________________________________________________________
:seta: Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta juntamente com o log do Usbfix que estará em C:\UsbFix.txt
Ficamos no aguardo.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Log:

 

Zoek.exe v5.0.0.0 Updated 18-Januari-2014
Tool run by Jardel GuimarÆes on 18/01/2014 at 11:34:08,12.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Jardel Guimarães\Downloads\zoek\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2014-01-16-174520.log 20927 bytes
C:\zoek-results2014-01-16-174652.log 12737 bytes
C:\zoek-results2014-01-18-025024.log 57419 bytes
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4646332D-5637-006A-76A7-A758B70C0A00}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}]
==== Deleting Files \ Folders ======================
"C:\Users\Jardel Guimarães\AppData\Roaming\cd\dbeed.js" not found
"C:\Windows\Installer\3012e61.msi" deleted
"C:\Windows\Installer\f9843.msi" deleted
==== Folders Found ======================
==== Files Found ======================
==== Registry Search Results for "8d8d.js" ======================
No instances of string "8d8d.js" found.
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D23364647365A600677A7A857BC0A000 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\617DD6FF01B79624F991FF0BA74CDC59 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D23364647365A600677A7A857BC0A000 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\617DD6FF01B79624F991FF0BA74CDC59 deleted successfully
==== HijackThis Entries ======================
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKLM\..\Run: [baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKLM\..\Run: [baidu PC Faster 4.0.0.0] "C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jardel Guimarães\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jardel Guimarães\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jardel Guimarães\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [dbeed] C:\Users\Jardel Guimarães\AppData\Roaming\cd\dbeed.js
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Claro] "C:\Program Files (x86)\Claro\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: 8c8c.js
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: 8c8c.js
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== C:\zoek_backup content ======================
C:\zoek_backup (files=134 folders=20 111533370 bytes)
==== EOF on 18/01/2014 at 11:39:38,00 ======================

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.