Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

fanare

[Resolvido] Pc e browser travando a todo momento!

Recommended Posts

Oi pessoal, to tendo um problema muito constrangedor com meus browsers, ta saindo muita publicidade por todo lugar do browser e nao deixa navegar, pede para atualizar constantemente o adobe flash e instalar outros antivirus. e bloqueia todo o pc deixando o pc dificil de usar, e tambem muitos popups, muitos mesmos. Por favor me ajudem, nao sei o que fazer!!!. Apliquei o ccleaner, spyboot e nada...cada vez fica mais pior. Apliquei o hijackthis aqui, espero que possam me ajudar...

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:31:20, on 13-09-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1407968294&from=cor&uid=HitachiXHTS547550A9E384_J2100050JMVASAJMVASAX&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1407968294&from=cor&uid=HitachiXHTS547550A9E384_J2100050JMVASAJMVASAX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: poriucechop - {1D773FE6-E4AB-874D-F3DE-294F7AB8596B} - C:\Program Files (x86)\poriucechop\Js1AlpjcP.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL
O2 - BHO: Adblocker - {8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA} - C:\Program Files (x86)\Adblocker\Jv22mNAVn.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
O2 - BHO: Adblocker - {BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573} - C:\Program Files (x86)\Adblocker\n8bNvXqo.dll
O2 - BHO: SupraSavings - {ca3eae2b-3b20-2e6f-a849-c126d93b6ad3} - C:\Program Files\C6CAB4CF-DAB9-45B9-AE9A-961145402E07\xkymsyyrfh.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O3 - Toolbar: HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\RunOnce: [RocketTab Program Files Data Uninstall] cmd /C rd /Q /S "C:\Program Files (x86)\RocketTab"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe\uTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~2\pc_boo~1\assist~1.dll c:\progra~3\perfor~1\perfor~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
O23 - Service: nuttkoqiez64 - Unknown owner - C:\Program Files\003\nuttkoqiez64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: scores - Unknown owner - C:\Windows\score.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupraSavingsService64 - Unknown owner - C:\Program Files (x86)\C6CAB4CF-DAB9-45B9-AE9A-961145402E07\hmhfslexky64.exe
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12526 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! fanare

 

> Desinstale: Spybot Search & Destroyer ( Este é um software ultrapassado! )

 

> Baixe: < AdwCleaner_Logo2_zps580bcd78.jpg > ( ... par Xplode )

 

> Ao acessar,clique em "Download Now".

> Salve-o no desktop!

 

< Executar_Administrador.jpg >

 

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

 

AdwCleaner_Examinar_zps828ed634.jpg

 

> Ps: Dê início ao scan,clicando em "Examinar".

 

AdwCleaner_Limpar_zps06005ae9.jpg

 

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia,

apliquei o adwcleaner e meu browser continua do mesmo jeito...

 

# AdwCleaner v3.310 - Relatório criado 15/09/2014 às 06:39:15
# Atualizado 12/09/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : User20 - USER20-HP
# Executando de : C:\Users\User20\Desktop\adwcleaner_3.310.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : 248642b4
Serviço Deletada : IePluginServices
Serviço Deletada : netfilter64
Serviço Deletada : nuttkoqiez64
Serviço Deletada : Scores
Serviço Deletada : SupraSavingsService64
Serviço Deletada : {6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}w64
Serviço Deletada : {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64
Serviço Deletada : {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\374311380
Pasta Deletada : C:\ProgramData\Adblocker
Pasta Deletada : C:\ProgramData\AVG Secure Search
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\Isaver
[!] Pasta Deletada : C:\ProgramData\Performance Optimizer
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
Pasta Deletada : C:\ProgramData\cosstminn
Pasta Deletada : C:\ProgramData\DigiSaveerr
Pasta Deletada : C:\ProgramData\poriucechop
Pasta Deletada : C:\ProgramData\SmaRtCoompeare
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Pasta Deletada : C:\Program Files (x86)\Adblocker
Pasta Deletada : C:\Program Files (x86)\AVG Secure Search
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\Isaver
Pasta Deletada : C:\Program Files (x86)\PC_booster
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\Probit Software
Pasta Deletada : C:\Program Files (x86)\cosstminn
Pasta Deletada : C:\Program Files (x86)\DigiSaveerr
Pasta Deletada : C:\Program Files (x86)\poriucechop
Pasta Deletada : C:\Program Files (x86)\SmaRtCoompeare
Pasta Deletada : C:\Program Files (x86)\Common Files\AVG Secure Search
Pasta Deletada : C:\Program Files\003
Pasta Deletada : C:\Program Files\SupraSavings
Pasta Deletada : C:\Users\Administrador\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Invitado\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\Invitado\AppData\Local\torch
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\User20\AppData\Local\Chromatic Browser
Pasta Deletada : C:\Users\User20\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\User20\AppData\Local\PriceMeter
Pasta Deletada : C:\Users\User20\AppData\Local\torch
Pasta Deletada : C:\Users\User20\AppData\Roaming\Activeris
Pasta Deletada : C:\Users\User20\AppData\Roaming\baidu
Pasta Deletada : C:\Users\User20\AppData\Roaming\GroovorioUpdater
Pasta Deletada : C:\Users\User20\AppData\Roaming\Probit Software
Pasta Deletada : C:\Users\User20\Documents\Optimizer Pro
Pasta Deletada : C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\Extensions\3alfJY7@m.com
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjajobcfdhpjpolbbkfddkiopbdmhldi
Pasta Deletada : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjajobcfdhpjpolbbkfddkiopbdmhldi
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckpnbjpbdjnlmjmmphnmklkdbhjgpgg
Pasta Deletada : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckpnbjpbdjnlmjmmphnmklkdbhjgpgg
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
Pasta Deletada : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
Pasta Deletada : C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjajobcfdhpjpolbbkfddkiopbdmhldi
[!] Pasta Deletada : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjajobcfdhpjpolbbkfddkiopbdmhldi
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckpnbjpbdjnlmjmmphnmklkdbhjgpgg
[!] Pasta Deletada : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckpnbjpbdjnlmjmmphnmklkdbhjgpgg
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
[!] Pasta Deletada : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
[!] Pasta Deletada : C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
[!] Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
[!] Pasta Deletada : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
[!] Pasta Deletada : C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpaahgpglgmepnblcmllnnnhpkaioccm
Arquivo Deletada : C:\Windows\score.exe
Arquivo Deletada : C:\Windows\System32\drivers\netfilter64.sys
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Windows\System32\drivers\{6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}w64.sys
Arquivo Deletada : C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys
Arquivo Deletada : C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys
Arquivo Deletada : C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\user.js
Arquivo Deletada : C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Tarefas ] *****

Tarefa Deletedo : Groovorio Updater
Tarefa Deletedo : LaunchSignup
Tarefa Deletedo : pricemeterdownloader
Tarefa Deletedo : PC_Booster-S-1337081322

***** [ Atalhos ] *****

***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [search-snacks@search-snacks.com]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Chave Deletedo : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
Chave Deletedo : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Browsers Apps-codedownloader_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Browsers Apps-codedownloader_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\pricemeterd_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\pricemeterd_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Classes\SmaertCompArEo.SmaertCompArEo
Chave Deletedo : HKLM\SOFTWARE\Classes\SmaertCompArEo.SmaertCompArEo.4.41
Chave Deletedo : HKLM\SOFTWARE\Classes\priceichop.priceichop
Chave Deletedo : HKLM\SOFTWARE\Classes\priceichop.priceichop.3.9
Chave Deletedo : HKLM\SOFTWARE\Classes\.
Chave Deletedo : HKLM\SOFTWARE\Classes\..9
Chave Deletedo : HKLM\SOFTWARE\Classes\Adblocker.Adblocker
Chave Deletedo : HKLM\SOFTWARE\Classes\Adblocker.Adblocker.1.0
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-1337081322
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_msn-2011_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_msn-2011_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_windows-live-messenger-2009_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_windows-live-messenger-2009_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA3EAE2B-3B20-2E6F-A849-C126D93B6AD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10251181-CCC9-FB71-7552-3E5C81491A9C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1D773FE6-E4AB-874D-F3DE-294F7AB8596B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{73f0ef33-7d8e-45dd-8861-682e7d440635}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA3EAE2B-3B20-2E6F-A849-C126D93B6AD3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D773FE6-E4AB-874D-F3DE-294F7AB8596B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA3EAE2B-3B20-2E6F-A849-C126D93B6AD3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10251181-CCC9-FB71-7552-3E5C81491A9C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D773FE6-E4AB-874D-F3DE-294F7AB8596B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73f0ef33-7d8e-45dd-8861-682e7d440635}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA3EAE2B-3B20-2E6F-A849-C126D93B6AD3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10251181-CCC9-FB71-7552-3E5C81491A9C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D773FE6-E4AB-874D-F3DE-294F7AB8596B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{73f0ef33-7d8e-45dd-8861-682e7d440635}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{10251181-CCC9-FB71-7552-3E5C81491A9C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D773FE6-E4AB-874D-F3DE-294F7AB8596B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{73f0ef33-7d8e-45dd-8861-682e7d440635}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{10251181-CCC9-FB71-7552-3E5C81491A9C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{1D773FE6-E4AB-874D-F3DE-294F7AB8596B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{73f0ef33-7d8e-45dd-8861-682e7d440635}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D773FE6-E4AB-874D-F3DE-294F7AB8596B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8C82AE6F-1D2E-E38F-77DE-D8E278C7AFAA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEF9081D-B2A4-EA1F-B4E1-9FB2990F4573}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\AVG Secure Search
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\GlobalUpdate
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\simplytech
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\SupHpUISoft
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\suprasavings
Chave Deletedo : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\SOFTWARE\AVG Secure Search
Chave Deletedo : HKLM\SOFTWARE\AVG Security Toolbar
Chave Deletedo : HKLM\SOFTWARE\DealPlyLive
Chave Deletedo : HKLM\SOFTWARE\FreeSoftToday
Chave Deletedo : HKLM\SOFTWARE\GlobalUpdate
Chave Deletedo : HKLM\SOFTWARE\Iminent
Chave Deletedo : HKLM\SOFTWARE\PC_Booster
Chave Deletedo : HKLM\SOFTWARE\PriceMeterLiveUpdate
Chave Deletedo : HKLM\SOFTWARE\suprasavings
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\supWPM
Chave Deletedo : HKLM\SOFTWARE\sweet-pageSoftware
Chave Deletedo : HKLM\SOFTWARE\Tutorials
Chave Deletedo : HKLM\SOFTWARE\Uniblue
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : [x64] HKLM\SOFTWARE\coupon downloader
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent
Chave Deletedo : [x64] HKLM\SOFTWARE\suprasavings
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\pc_boo~1\assist~1.dll
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\perfor~1\perfor~1.dll
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\PERFOR~1\PERFOR~2.DLL
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16421

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

-\\ Mozilla Firefox v32.0 (x86 pt-BR)

[ Arquivo : C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\prefs.js ]

Linha deletada : user_pref("extensions.acaseyathaniel30hotmailcom63883.63883.internaldb.__ICM_DOWNLOADS__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anthr[...]
Linha deletada : user_pref("extensions.acaseyathaniel30hotmailcom63883.63883.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%[...]
Linha deletada : user_pref("extensions.ahermanthorne45outlookcom61787.61787.internaldb.__ICM_DOWNLOADS__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anthro[...]
Linha deletada : user_pref("extensions.ahermanthorne45outlookcom61787.61787.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%2[...]
Linha deletada : user_pref("extensions.crossrider.bic", "1484ae5bd1bc33afbe7e5009c9ea1c4e");
Linha deletada : user_pref("extensions.gquAmissnyIsTs7d.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]

-\\ Google Chrome v36.0.1985.125

[ Arquivo : C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [search Provider] : hxxp://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyC0EtD0EyDyBtD0B0A0BtN0D0Tzu0SzyyDyCtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyB0FzztD0BtB0B0CtG0A0FtBzytGtAzztBzztGyCtD0ByDtGyBtCtCzytC0B0B0A0B0ByEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0ByCtCtAyCzy0CtGzz0B0E0DtG0EtC0FyBtG0D0F0A0BtGtB0FyEtCtCtCzy0A0B0CyCtC2Q&cr=191762010&ir=
Deletedo [search Provider] : hxxp://search.gboxapp.com/?category=web&query={searchTerms}&x=0&y=0&language=en
Deletedo [Homepage] : hxxp://search.gboxapp.com/
Deletedo [Extension] : blmchfpimpbbdmgpcieclabeafkljbhm
Deletedo [Extension] : kpaahgpglgmepnblcmllnnnhpkaioccm

*************************

AdwCleaner[R0].txt - [39695 octets] - [15/09/2014 06:37:14]
AdwCleaner[s0].txt - [35554 octets] - [15/09/2014 06:39:15]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [35615 octets] ##########

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! fanare

 

> Baixe: < ZHPDiag2.exe > < NicolasCoolman.jpg > ( ... de Nicolas Coolman )
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

 

ZHPDiag_Pergaminho2_zps6e758639.jpg

 

> Execute o ícone do pergaminho. ( ZHPDiag )

 

ZHPDiagCompleta_zpse85ea35b.jpg

 

> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )

> Ps: Como o log será extenso,envie-o à Pjjoint.malekal.

 

> Ou acesse: < Cjoint_Logo.jpg >

 

> Maiores informações: < |Link| >

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! fanare

 

> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.

 

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyCLSID
ShorcutFix
EmptyTemp
EmptyFlash
SS - | Auto 10-07-1658 0 | (892cc6a3) . (...) - c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
O23 - Service: Performance Optimizer (892cc6a3) . (...) - c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll (.not file.)
O43 - CFD: 13-09-2014 - 17:15:24 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 13-09-2014 - 17:13:13 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O42 - Logiciel: DealsFactor - (.DealsFactor.) [HKLM][64Bits] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1
O42 - Logiciel: PriceChop - (.TheBflix.) [HKLM][64Bits] -- {4113E114-C95E-46D7-A43C-817C9AF0C3E2}
O45 - LFCP:[MD5.3903383D011D712063F8A7CA3DE9ABB9] - 13-09-2014 - 21:15:17 ---A- - C:\Windows\Prefetch\PC_BOOSTER.EXE-E378F3A0.pf
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.certified-toolbar.com
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\browsers apps--bg_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\browsers apps--bg_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Browsers Apps--codedownloader_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Browsers Apps--codedownloader_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\groovorio_soft_partner_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\groovorio_soft_partner_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HomeTab[1]_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HomeTab[1]_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentUninstall_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentUninstall_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlSetup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlSetup_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_Setup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_Setup_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_costmin_installer_multilang_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_costmin_installer_multilang_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_ns_v5_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_ns_v5_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TheTorntv V10-codedownloader_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TheTorntv V10-codedownloader_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilNetCrawl_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilNetCrawl_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_ns_v20_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_ns_v20_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\xml_package_groovorio_installer_multilang_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\xml_package_groovorio_installer_multilang_RASMANCS
[HKLM\SYSTEM\CurrentControlSet\Services\892cc6a3]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4113E114-C95E-46D7-A43C-817C9AF0C3E2}]
[HKCU\Software\AppDataLow\Software\GenericAddon]
[HKCU\Software\Probit Software]
[HKCU\Software\UpToDown]
[HKLM\Software\SupraSavings ]
[HKLM\Software\Wow6432Node\Browsers Apps-nv]
C:\ProgramData\DealsFactor
C:\ProgramData\InstallMate
C:\Users\User20\AppData\Local\com
ServiceStop:892cc6a3

 

> Abra a ferramenta ZHPFix. < ZHPFix_logo2_zpsea0f2aa4.jpg >

 

> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

relatorio do ZhpFix...

 

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by User20 at 15-09-2014 15:02:58
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Vaciada papelera de reciclaje (00mn 06s)
Prefetcher de reciclaje

========== Software ==========
ELIMINA: DealsFactor

========== Servicios estatales ==========
892cc6a3 Detenido

========== Claves del registro ==========
ELIMINA: Service: 892cc6a3
ELIMINA: SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b}
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\browsers apps--bg_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\browsers apps--bg_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Browsers Apps--codedownloader_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Browsers Apps--codedownloader_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\groovorio_soft_partner_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\groovorio_soft_partner_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentUninstall_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentUninstall_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlSetup_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlSetup_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_Setup_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_Setup_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_costmin_installer_multilang_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_costmin_installer_multilang_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_ns_v5_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_ns_v5_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TheTorntv V10-codedownloader_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TheTorntv V10-codedownloader_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilNetCrawl_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilNetCrawl_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_ns_v20_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_ns_v20_RASMANCS
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\xml_package_groovorio_installer_multilang_RASAPI32
ELIMINA: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\xml_package_groovorio_installer_multilang_RASMANCS
ELIMINA:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4113E114-C95E-46D7-A43C-817C9AF0C3E2}
ELIMINA: HKCU\Software\AppDataLow\Software\GenericAddon
ELIMINA: HKCU\Software\Probit Software
ELIMINA: HKCU\Software\UpToDown
ELIMINA:* HKLM\Software\SupraSavings
ELIMINA: HKLM\Software\Wow6432Node\Browsers Apps-nv

========== Los valores del registro ==========
AUSENCIA de valor perfil estándar: FirewallRaz :
AUSENCIA de valor Perfil de dominio: FirewallRaz :
ELIMINA: FirewallRaz (None) : {DFF7DC2F-F9C9-4448-BAF2-D8D21360BEC8}
ELIMINA: FirewallRaz (None) : {EDD1E561-8BC2-4C50-833E-9C3D29856D55}
ELIMINA: FirewallRaz (None) : {4BFF88C3-E7C4-4515-B955-BB8068E0DC1C}

========== Elementos de los datos del registro ==========
ELIMINA: R1 Search Page = <-loopback>

========== Carpetas ==========
ELIMINA: C:\Users\User20\AppData\Local\{0CF01B21-C76A-4721-BE1F-2840A5382079}
ELIMINA: C:\Users\User20\AppData\Local\{30B95174-AE7A-4886-A592-2C1C53CD5758}
ELIMINA: C:\Users\User20\AppData\Local\{5B4AA0C1-0C7D-4D88-90C3-5B048F296183}
ELIMINA: C:\Users\User20\AppData\Local\{8E08FD3E-22D6-4115-B33C-C326276A6233}
ELIMINA: C:\Users\User20\AppData\Local\{BD7E6F27-26AB-4931-8C55-229267380BE1}
ELIMINA: C:\Users\User20\AppData\Local\{C36DD9C3-D31F-4888-B6D3-8949398FB025}
Borra las ventanas temporales (134)
ELIMINA las Cookies de flash (0)
ELIMINA: C:\Program Files (x86)\Spybot - Search & Destroy 2
ELIMINA: C:\ProgramData\Spybot - Search & Destroy
ELIMINA: c:\programdata\dealsfactor
ELIMINA: c:\programdata\installmate
ELIMINA: c:\users\user20\appdata\local\com

========== Archivos ==========
Borra las ventanas temporales (329) (256.083.572 octets)
ELIMINA las Cookies de flash (0) (0 octets)
ELIMINA: c:\windows\prefetch\pc_booster.exe-e378f3a0.pf

========== Otros ==========
NO TRATADO ShorcutFix

========== Resumen ==========
38 : Claves del registro
5 : Los valores del registro
1 : Elementos de los datos del registro
13 : Carpetas
3 : Archivos
1 : Software
1 : Servicios estatales
1 : Otros

End of clean in 00mn 54s

========== Ruta de acceso al informe de archivo ==========
C:\Users\User20\AppData\Roaming\ZHP\ZHPFix[R1].txt - 15-09-2014 15:03:05 [5187]

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! fanare

 

> Baixe: < Adware Removal Tool > ( ... by techsupportall.com )
> Salve-a no desktop!

 

AdwareRemovalTool_Logo_zpsbb2fdbf0.jpg

 

> Execute o arquivo Adware-Removal-Tool-v3.5.exe <<

 

AdwareRemovalTool_Scan_zps8096f94f.jpg

 

> Dê início a verificação,clicando em Scan.

 

AdwareRemovalTool_Ok_zps3849c402.jpg

 

> Ao concluir seu prescan,clique OK.
> Ps: Cada guia irá mostrar o que será removido!

 

AdwareRemovalTool_Results_zps5b21f2d7.jp

 

> Clique "Next" >> Aguarde!

< Computador >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_09_dia_h_min_seg.txt <<

> Poste o relatório!

> Informe se os navegadores,ainda,acusam alguma anormalidade.

 

Abs!

Compartilhar este post


Link para o post
Compartilhar em outros sites

o relatorio é

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2014_09_15_15_35_19
OS: Windows 7 - 64 Bit
Account Name: User20
U0L0S37

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\Users\User20\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_br.ask.com_0.localstorage
Deleted - File - C:\Users\User20\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_br.ask.com_0.localstorage-journal
Deleted - File - C:\Users\User20\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_click.rockettab.com_0.localstorage
Deleted - File - C:\Users\User20\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_click.rockettab.com_0.localstorage-journal
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15554B59-1DAB-46BF-93BB-825B348AB720}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C99BE13-63D1-400F-9585-B68A97A1D797}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32DF3A0E-D4F3-47ED-9569-5E121BEFE10}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357BD178-AEA3-409C-B096-B5552BDF364}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5664B215-4965-495E-A24C-BCA0719B53}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A00CBE6-4A38-44E9-A3C2-9A2E76E879DA}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{676E40F2-55A5-4700-A89B-94545DDE5BE6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A07CBE5-825E-4F59-B944-DBF3DB1AA6BC}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75B76089-4938-4F5B-A532-BBEA60F952CF}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7600286D-4861-4B81-A4EB-92165A92D3BE}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79460130-D62-4E4A-9CB1-4E867A2829F8}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D8C7F5F-D85F-4CA4-A0F8-D55843E9E41}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81578E0B-1134-4C40-AA48-5B6ACC3E01F}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A61F9F2F-7F68-44C2-A171-B7CEB551B6BA}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8F3522-91A7-45DC-9843-6E34A9745422}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABAE9C6-A601-41F3-A423-95DAE16E235C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD96C829-4DE8-42BB-BC7A-92954AEBC7C6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB28FE72-ACB2-4808-8D25-61F274B034F0}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD7DBE35-7AE0-4A51-9F7A-203388B54597}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2DA91BB-9F4C-4877-B56C-462D6A96B260}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2DA91BB-9F4C-4877-B56C-462D6A96B260}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E01B6D49-EE01-4840-A6F8-B3C45F98281}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4E37492-CC66-4401-8B28-57C88FD7DA78}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5E0026D-A0DB-4161-8E64-4816E2D243E}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2EF52C4-A039-45D8-ABA0-5819DE391B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3697C7F-FE4D-41E6-9FA7-D810C0B8323C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3697C7F-FE4D-41E6-9FA7-D810C0B8323C}:apppath
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{EAF386F0-7205-40F2-8DA6-1BABEEFCBE89}:displayicon
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}

\\ Finished

 

 

os navegadores voltaram a sua normalidade!!!

Se tiver alguma anormalidade voltarei pedir auxilio rs

Uma ultima coisa... qual é o antivirus que vc me aconselha instalar no meu note e se tiver algum link para fazer download...

Muito muito obrigado!!!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá! fanare

 

> Antivírus bom é aquele que não lhe incomoda..rsr...

> Vc não necessita nem acionar o scan manual..tudo no automático e em 2° plano.

 

< Bitdefender Free Edition >

 

> Estou falando do Bitdefender!

> Bom trabalho!

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ou! que ruim...

os problemas nos navegadores voltaram... o que fazer? :(

Olá! fanare

 

> Típico sintoma de Modem ou Roteador sequestrado,você sabe resetá-los?

> Execute este escaneamento em Eset,depois você arruma alguém que saiba resetar seu Modem.

 

 

> Baixe: < Eset_smartin_zps130308b3.jpg >

> Salve-o no desktop!

> Desabilite seu antivírus e execute o arquivo esetsmartinstaller_enu.exe <<

> Aceite o contrato e marque: "YES, I accept the Terms of Use"

> Clique: "Start"

 

Eset_Hideadvancedsettings_zpsd4fa6a90.jp

 

> Em "Computer scan settings",marque:

 

<1> Scan archives

<2> Remove found threats

 

> Clique em "Advanced settings" e marque:

 

<1> Scan potentially unwanted applications

<2> Scan for potentially unsafe applications

<3> Enable Anti-Stealth technology

 

> Clique "Change" e marque a caixa "Computador".

> Clique: "Start" >> Aguarde! ( Pode durar algumas horas,esse scan... )

> Ao concluir,clique em "List of found threats".

> Clique em "Export to text file" e salve o relatório no desktop.

> Clique "Back" >> "Finish".

> Poste o relatório!

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

mmmm,... entao aplico o escaneamento com Eset e depois obrigatoriamente preciso resetar o modem para que possam voltar a normalidade os browsers?

Compartilhar este post


Link para o post
Compartilhar em outros sites

mmmm,... entao aplico o escaneamento com Eset e depois obrigatoriamente preciso resetar o modem para que possam voltar a normalidade os browsers?

Olá! fanare

 

> Sim! Precisa do reset...

> Ps: Estas propagandas não estão relacionadas ao Linkbucks?

 

< https://www.linkbucks.com/ >

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

o relatorio do eset é

 

C:\Users\All Users\Wideblue installer\PC_Booster\PC_Booster.exe a variant of Win32/AdWare.MultiPlug.AB application
C:\AdwCleaner\Quarantine\C\Program Files\003\nuttkoqiez64.exe.vir a variant of Win64/Adware.Adpeak.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Adblocker\Jv22mNAVn.dll.vir a variant of Win32/AdWare.MultiPlug.BN application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Adblocker\Jv22mNAVn.x64.dll.vir a variant of Win64/Adware.MultiPlug.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Adblocker\n8bNvXqo.dll.vir a variant of Win32/AdWare.MultiPlug.BN application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Adblocker\n8bNvXqo.x64.dll.vir a variant of Win64/Adware.MultiPlug.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC_booster\Assistant.dll.vir a variant of Win32/SProtector.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC_booster\AssistantSvc.dll.vir a variant of Win32/SProtector.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC_booster\Assistant_x64.dll.vir a variant of Win64/SProtector.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\poriucechop\Js1AlpjcP.dll.vir a variant of Win32/AdWare.MultiPlug.BN application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\poriucechop\Js1AlpjcP.x64.dll.vir a variant of Win64/Adware.MultiPlug.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Probit Software\Easy Speed PC\ESPCSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Adblocker\eXXUGFT40Y.exe.vir a variant of Win32/AdWare.MultiPlug.BN application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Adblocker\SK2C4xuDH.exe.vir a variant of Win32/AdWare.MultiPlug.BN application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir Win32/ELEX.AV potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Performance Optimizer\PerformanceOptimizer.dll.vir a variant of Win32/SProtector.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll.vir a variant of Win64/SProtector.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\poriucechop\lTmBTlVN5e.exe.vir a variant of Win32/AdWare.MultiPlug.BN application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\score.exe.vir Win32/Agent.WGA trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir a variant of Win64/Riskware.NetFilter.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys.vir a variant of Win64/Riskware.NetFilter.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys.vir a variant of Win64/Riskware.NetFilter.F application cleaned by deleting - quarantined
C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined
C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\001\t\00\00000000 Win32/AdWare.1ClickDownload.AT application cleaned by deleting - quarantined
C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\002\t\00\00000000 a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Program Files\Adware-Removal-Tool\Quarantine\Google Chrome\Default\File System\003\t\00\00000000 a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Program Files\C6CAB4CF-DAB9-45B9-AE9A-961145402E07\xkymsyyrfh.dll a variant of Win32/AdWare.CouponAmazing.B application cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe probably a variant of Win32/Systweak potentially unwanted application deleted - quarantined
C:\Program Files (x86)\C6CAB4CF-DAB9-45B9-AE9A-961145402E07\hmhfslexky64.exe a variant of Win64/Adware.Adpeak.F application cleaned by deleting - quarantined
C:\ProgramData\Wideblue installer\PC_Booster\PC_Booster.exe a variant of Win32/AdWare.MultiPlug.AB application cleaned by deleting - quarantined
C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/AdWare.1ClickDownload.AT application cleaned by deleting - quarantined
C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\extensions\caseyathaniel30@hotmail.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\Users\User20\AppData\Roaming\ZHP\ZHPExportRegistry-15-09-2014-15-03-05.txt JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\Users\User20\AppData\Roaming\ZHP\Quarantine\installmate.DIR\{B3A2F910-8FC9-465C-A4B7-C7EB6841DBE6}\Custom.dll Win32/InstalleRex.M potentially unwanted application deleted - quarantined
C:\Users\User20\AppData\Roaming\ZHP\Quarantine\installmate.DIR\{E8FDCAA6-A1F1-423E-A0D5-E9D3331EE850}\Custom.dll Win32/InstalleRex.M potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\Adobe fireworks cs3 (1).exe a variant of Win32/AdWare.Midia.A application cleaned by deleting - quarantined
C:\Users\User20\Downloads\Adobe fireworks cs3.exe a variant of Win32/AdWare.Midia.A application cleaned by deleting - quarantined
C:\Users\User20\Downloads\ccleaner-4-16-4736-32-bits.exe a variant of Win32/InstallCore.QL potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\CCleaner_4164763(01).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\User20\Downloads\CCleaner_4164763.exe a variant of Win32/UltraDownloads.E potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\driver_updater (1).exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\driver_updater (2).exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\driver_updater (3).exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\driver_updater.exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\flash_player_14_plugin (1).exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\flash_player_14_plugin(1).exe a variant of Win32/SoftPulse.L potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\flash_player_14_plugin.exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\FuzeZipSetup-r186-w-bi.exe a variant of Win32/KoyoteLab.A potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\HijackThis_204.exe a variant of Win32/UltraDownloads.E potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\iL10Setup-r514-t-bi.exe Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\javaupdate_setup.exe a variant of Win32/AdWare.iBryte.BF application cleaned by deleting - quarantined
C:\Users\User20\Downloads\jurassic-park-torrent--bluray-rip-1080p-3d-dublado-1993.exe a variant of Win32/AdWare.CNBTech.D application cleaned by deleting - quarantined
C:\Users\User20\Downloads\mkv-player-2-1-17-es.exe a variant of Win32/InstallCore.PL potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\New_Player (1).exe a variant of Win32/SoftPulse.L potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\New_Player (2).exe a variant of Win32/SoftPulse.L potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\New_Player (3).exe a variant of Win32/SoftPulse.L potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\New_Player.exe a variant of Win32/SoftPulse.L potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\o-rei-le-eo-torrent--bluray-rip-1080p-3d-dublado-1994.exe a variant of Win32/AdWare.CNBTech.D application cleaned by deleting - quarantined
C:\Users\User20\Downloads\setup (1).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\Setup (2).exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\Setup (3).exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\Setup.exe a variant of Win32/SoftPulse.J potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\SoftonicDownloader_para_plantillas-gratis-para-powerpoint.exe a variant of Win32/SoftonicDownloader.F potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\utorrent-3-4-2-build-32691-32-bits.exe a variant of Win32/InstallCore.PZ potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\utorrent-341-build-30888-32-bits.exe a variant of Win32/InstallCore.OG potentially unwanted application deleted - quarantined
C:\Users\User20\Downloads\utorrent-64-bit.exe a variant of Win32/InstallCore.OX potentially unwanted application deleted - quarantined
C:\Windows\Installer\1208acd.msi probably a variant of Win32/Systweak potentially unwanted application deleted - quarantined

 

Se linkbugs sao sites que abren sozinhos no browser e propagandas que enche o browser com minis janelas que nao deixa fazer nada, ... entao é

e nunca resetei o modem :(

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! fanare

 

> Pelo visto,você terá que resetar o Modem.

 

-/-

 

> Faça o download do HitmanPro.

 

< HitmanPro (32bit) >

< HitmanPro (64bit) >

 

> Salve-o em Arquivos de programas ou Program Files.
> Clique direito em "HitmanPro.exe" e execute-o como administrador.
> Clique "Próximo" >> Aceite o Acordo de licença.
> Clique "Próximo" e aguarde a finalização do escaneamento.
> Caso o engenho tenha dificuldades ao iniciar,utilize o modo "Force Breach".
> Basta manter apertada a tecla "Ctrl" esquerda,enquanto você inicia o HitmanPro com duplo clique em seu ícone.
> Ao concluir,clique "Próximo" e ative a licença gratuita.

 

abu1HPue.jpg

 

> Clique,novamente,em "Próximo" para que ocorra a remoção dos objetos detectados.
> Ao concluir,clique "Guardar relatório" e escolha seu desktop!
> Poste o relatório!

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite DigRam!

 

Apliquei o Hitman Pro. O registro esta aqui...

 

 

HitmanPro 3.7.9.225
www.hitmanpro.com
   Computer name . . . . : USER20-HP
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : User20-HP\User20
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (31 days left)
   Scan date . . . . . . : 2014-09-15 22:03:36
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 7m 9s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes
   Threats . . . . . . . : 1
   Traces  . . . . . . . : 106
   Objects scanned . . . : 1.433.227
   Files scanned . . . . : 38.245
   Remnants scanned  . . : 403.253 files / 991.729 keys
Malware _____________________________________________________________________
   C:\Users\User20\Downloads\mkv-player-2-1-17-es [1].exe -> Quarantined
      Size . . . . . . . : 6.740.514 bytes
      Age  . . . . . . . : 69.1 days (2014-07-08 19:04:29)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : DB561984183D3B2C9B6532EBDED1F8E1A6E7E6A79A861D15906A5118DBB33AAF
      Product  . . . . . : MKV Player                                                 
      Publisher  . . . . :                                                            
      Description  . . . : MKV Player Setup                                           
      Version  . . . . . : 2.1.17
      LanguageID . . . . : 0
    > Kaspersky  . . . . : not-a-virus:WebToolbar.Win32.RK.fv
      Fuzzy  . . . . . . : 103.0

Potential Unwanted Programs _________________________________________________
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage (Iminent) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\offer0_RASAPI32\ (BrowserSecurity) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\offer0_RASMANCS\ (BrowserSecurity) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\optprosetup_RASAPI32\ (PCOptimizerPro) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\optprosetup_RASMANCS\ (PCOptimizerPro) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PluginService_RASAPI32\ (Qone8) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PluginService_RASMANCS\ (Qone8) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\putfu_RASAPI32\ (SpeedSurfing) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\putfu_RASMANCS\ (SpeedSurfing) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rkinstaller_RASAPI32\ (RelevantKnowledge) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rkinstaller_RASMANCS\ (RelevantKnowledge) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rlvknlg_RASAPI32\ (RelevantKnowledge) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rlvknlg_RASMANCS\ (RelevantKnowledge) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\umbrella_RASAPI32\ (Iminent) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\umbrella_RASMANCS\ (Iminent) -> Deleted
   HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> Deleted
   HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}\ (PCOptimizerPro) -> Deleted
   HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> PendingDelete
   HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}\ (PCOptimizerPro) -> PendingDelete
   HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}\ (PCOptimizerPro) -> Deleted
   HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}\ (PCOptimizerPro) -> Deleted
   HKU\S-1-5-21-2340823659-2091682607-326471706-1000\Software\ForumerIT\ (Bandoo) -> Deleted
Cookies _____________________________________________________________________
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:adinterax.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adsrvmedia.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.globo.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.mediade.sk
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.minhavida.com.br
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:adverts.creativemark.co.uk
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww488.smartadserver.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.burstnet.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\User20\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\User20\AppData\Roaming\Microsoft\Windows\Cookies\5Z8YQW3W.txt
   C:\Users\User20\AppData\Roaming\Microsoft\Windows\Cookies\BF7M197J.txt
   C:\Users\User20\AppData\Roaming\Microsoft\Windows\Cookies\O2Q52ONU.txt
   C:\Users\User20\AppData\Roaming\Microsoft\Windows\Cookies\QYKKHU82.txt
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ad.360yield.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ad.zanox.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:adinterax.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.ad-center.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.adsrvmedia.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.adsrvmedia.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.globo.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.mediade.sk
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.minhavida.com.br
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.p161.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ads.yahoo.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:adserv.psafe.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:adservingml.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:adtech.de
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:adtechus.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:advertising.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:adverts.creativemark.co.uk
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:at.atwola.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:atdmt.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:burstnet.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:casalemedia.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:clickbank.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:collective-media.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:doubleclick.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:fastclick.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:in.getclicky.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:media6degrees.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:oracle.112.2o7.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:revsci.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ru4.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:serving-sys.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:smartadserver.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:statcounter.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:track.adform.net
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:track.efiliacao.com.br
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:tribalfusion.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ww488.smartadserver.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:ww489.smartadserver.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:www.burstnet.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:www.googleadservices.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:xiti.com
   C:\Users\User20\AppData\Roaming\Mozilla\Firefox\Profiles\luf3z819.default\cookies.sqlite:zedo.com

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! fanare

 

###
--\\ Alert Messages
WARNING : Hijacker Proxy found, Clean with ZHPCleaner Tool
###
>
> Creio já ter limpo as entradas do hijacker,por intermédio de ZHPfix.
> Mas existe uma sugestão automática ao uso de ZHPCleaner,que pode não funcionar no Windows 7. (64 bits)
>
> Baixe: < ZHPCleaner_zps71d274df.jpg > ( ... de Nicolas Coolman )

 

> Estando na página,clique 53cb8e11d3f80.jpg
> Salve-a no desktop!
> Execute-a e ao abrir,clique "J'accept/I Agree".

 

ZHPCleaner_Tous_zpsae2ad662.jpg

 

> Para correções mais abrangentes,marque todas as opções disponíveis.
> Clique Réparer.
> Clique Rapport.
> Poste o relatório!

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia DigRam...

 

já resetei meu modem... agora tem que aplicar tudo de novo o so ZhpCleaner?


> Para correções mais abrangentes,marque todas as opções disponíveis.

 

aplicando o ZhpCleaner nao consigo marcar todas as opções, só a primeira

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia DigRam...

 

já resetei meu modem... agora tem que aplicar tudo de novo o so ZhpCleaner?

> Para correções mais abrangentes,marque todas as opções disponíveis.

 

aplicando o ZhpCleaner nao consigo marcar todas as opções, só a primeira

Olá! fanare

 

> Aborte o uso do ZHPCleaner,já que essa ferramenta está otimizada para o Windows 8 ou 8.1.

> Poste outro relatório de ZHPDiag,para que veja se necessidade de novo script e se existe,ainda,resquícios do proxy hijacker.

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.