RafaeL Icassati 2

[Resolved] Slowness

Good morning, please analyze my log:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:58, on 08/09/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Users\My\Desktop\ \Nero\WinAVI 9.0 Portable\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://*.cga.com.cn
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14265 bytes

Good morning! Rafael Icassati2

 

|- Download: < ZHPDiag2.exe > < NicolasCoolman.jpg > ( ... by Nicolas Coolman )
|- Save it to the local disk! ( C or D )
|- Run the scroll icon. ( ZHPDiag )

|- Click: "CONFIGURE"

|- Click: "Options" >> "All" >> OK

|- Click: "CONFIGURE" >> "Full Analysis"
|- Wait for it to finish!
|- If it freezes and you cannot get the log, abort the full scan and run the custom one.
|- Go back to the tool's main window.

|- Click "SEARCH" and wait for it to finish!
|- Or click "Options" >> "None".

|- Check only the option "Additional Scan (O88)".

~ Unselected Option:

O1,039,O40,O41,O42,O43,O44,O45,O46,O47,
O48,O49,O50,O51,O52,O53,O54,O55,O56,O57,
O58,O59,O60,O61,O62,O63,O64,O65,O66,O67,
O68,O69,O80,O81,O82,O83,O84,O85,O86,O87,
O89,O90,O91,O92

####

|- This way, these options will be disabled!

|- Click OK and, when it finishes, post the report! ( ZHPDiag.txt )
|- P.S.: If the log is long, send it to Pjjoint.malekal.

|- Or go to: < Cjoint_Logo.jpg >

|- More information: < |Link| >

A+

Good morning! RafaeL Icassati2

|- Download: < http://mystart.incredibar.com =>Adware.IncrediBar
M2 - MFEP: prefs.js [My - 1q6lsz8d.default\a2fskh@eauipfqfw.edu] [] savvenshhaRE v5.10 (..) =>Adware.SaveShare
M2 - MFEP: prefs.js [My - 1q6lsz8d.default\ooa_ooioa@cubwugm.net] [] ssafE isiavue v1.5 (..) =>Adware.SafeSave
M2 - MFEP: prefs.js [My - 1q6lsz8d.default\vqr4.oy@xskxfzeau-oyi.co.uk] [] saofee ssaive v1.5 (..) =>Adware.SafeSave
[MD5.F498F9A6044DE57744BD465662E6AD77] [APT] [bHO updater] (...) -- C:\Program Files (x86)\Internet Explorer\Updater.exe [117760]
O42 - Logiciel: Browser Helper Object - (.APC Soft.) [HKLM][64Bits] -- Browser Helper Object1.4
O42 - Logiciel: OptimizerPro - (.BetterSoft.) [HKLM][64Bits] -- OptimizerPro =>PUP.OptimizerPro
O43 - CFD: 03/09/2013 - 22:12:26 - [2,944] ----D C:\ProgramData\InstallMate
O43 - CFD: 23/08/2013 - 10:38:51 - [0] ----D C:\ProgramData\StarApp
O43 - CFD: 04/09/2013 - 07:52:25 - [0] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 18/01/2013 - 19:37:35 - [2,258] ----D C:\Program Files (x86)\Browser Helper Object
O43 - CFD: 24/08/2013 - 09:19:27 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 04/09/2013 - 07:52:29 - [0,002] ----D C:\ProgramData\Baidu Security
O43 - CFD: 03/09/2013 - 22:12:23 - [0,025] ----D C:\ProgramData\saofee ssaive =>Adware.SafeSave
O43 - CFD: 07/09/2013 - 10:25:09 - [0,013] ----D C:\ProgramData\savvenshhaRE =>Adware.SaveShare
O43 - CFD: 03/09/2013 - 22:12:23 - [0,025] ----D C:\ProgramData\ssafE isiavue =>Adware.SafeSave
O43 - CFD: 04/09/2013 - 07:52:33 - [2,042] ----D C:\Users\My\AppData\Roaming\Baidu Security
O43 - CFD: 24/08/2013 - 09:23:25 - [0] ----D C:\Users\My\AppData\Local\Lollipop =>Adware.Lollipop
O44 - LFC:[MD5.118960D109F52515A0D9369139203D6D] - 04/09/2013 - 07:52:30 RSHAD . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [76096]
O45 - LFCP:[MD5.CE9318456B50068E8D453D986A5EDEBD] - 09/09/2013 - 07:34:19 ---A- - C:\Windows\Prefetch\HPSF_TASKS.EXE-9FFDF802.pf
O64 - Services: CurCS - 08/08/2013 - C:\Windows\system32\drivers\BprotectEx.sys (BprotectEx) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BPROTECTEX
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.admin", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.bbDpng", "24"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.cntry", "BR"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.dfltLng", "pt"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.ffxUnstlRst", true); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.hdrMd5", "C1E0EA28026B7B86D822036AC137EB09"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.hpFFXOld", "http://www.google.com.br/"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.id", "284790bb000000000000705ab68ec19e"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.instlDay", "15941"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.kwURLOld", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.lastB", "http://www.google.com.br/"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.24.69:19:50"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.newTab", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"72\",\"lastVrsn\":\"72\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.prtkDS", 0); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.prtkHmpg", 0); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.rvrt", "false"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.sg", "azb"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.smplGrp", "none"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=284790bb000000000000705ab68ec1[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.24.6"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.24.69:19:50"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.24.6"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar_i.babExt", ""); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=123494&tsp=4984"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); =>Toolbar.Babylon
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.previous.keyword.URL", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*"); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1"); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1"); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("sweetim.toolbar.searchguard.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("aol_toolbar.default.homepage.check", false);
O69 - SBI: prefs.js [My - 1q6lsz8d.default] user_pref("aol_toolbar.default.search.check", false);
O87 - FAEL: "{8339143A-5A69-4CE9-91E9-BDB503E7917F}" |In - Private - P6 - TRUE | .(...) -- C:\Levelup Games\Grand Chase\main.exe (.not file.)
O87 - FAEL: "{3514E523-0FCD-48A1-9D9B-058645C5B473}" |In - Private - P17 - TRUE | .(...) -- C:\Levelup Games\Grand Chase\main.exe (.not file.)
O87 - FAEL: "TCP Query User{ACC0102E-91F1-4923-BB23-667A30CB8CFB}C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe (.not file.)
O87 - FAEL: "UDP Query User{5754F352-477D-49AB-9BA6-D3B35D73FB54}C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe (.not file.)
O87 - FAEL: "{B1EE6552-340E-4921-A9DE-CC0D08781097}" |In - Private - P6 - FALSE | .(...) -- C:\Users\My\AppData\Local\Temp\nsqB38.tmp\incredimail_Setup.exe (.not file.)
O87 - FAEL: "{CFD2A47D-15EF-474D-8C66-94BE7DC8751A}" |In - Private - P17 - FALSE | .(...) -- C:\Users\My\AppData\Local\Temp\nsqB38.tmp\incredimail_Setup.exe (.not file.)
O87 - FAEL: "{EA411FFE-CD7E-4374-866C-5C8524DC80CD}" |In - Private - P6 - TRUE | .(...) -- C:\Ongame\MercuryRed\MercuryClient.exe (.not file.)
O87 - FAEL: "{DAA081EB-6C6E-4237-B9A0-78689658F9DD}" |In - Private - P17 - TRUE | .(...) -- C:\Ongame\MercuryRed\MercuryClient.exe (.not file.)
O87 - FAEL: "TCP Query User{DF441EEE-2510-4EC7-8D32-B024DD260CEB}C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe (.not file.)
O87 - FAEL: "UDP Query User{523A45C3-FEAB-4401-A83D-A28A6E425D83}C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe (.not file.)

[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\IncrediMail]
[HKCU\Software\Yahoo] =>Toolbar.Yahoo^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\Baidu Security]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.Mocaflix
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro] =>PUP.OptimizerPro^
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\kkkeikdkpjenmoiicggnnodbkebafgpc] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browser Helper Object1.4] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
C:\ProgramData\InstallMate =>Toolbar.Tarma
C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp =>Toolbar.Wajam
C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\a2fskh@eauipfqfw.edu =>Adware.SaveShare^
C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\ooa_ooioa@cubwugm.net =>Adware.SafeSave^
C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\vqr4.oy@xskxfzeau-oyi.co.uk =>Adware.SafeSave^
C:\ProgramData\Babylon =>Toolbar.Babylon^
C:\ProgramData\Baidu Security
C:\Program Files (x86)\Baidu Security
C:\ProgramData\saofee ssaive =>Adware.SafeSave^
C:\ProgramData\savvenshhaRE =>Adware.SaveShare^
C:\ProgramData\ssafE isiavue =>Adware.SafeSave^
C:\Users\My\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Program Files (x86)\Browser Helper Object =>Toolbar.Babylon
C:\Program Files (x86)\Internet Explorer\cr_addon.crx =>Toolbar.Babylon

emptytemp
emptyflash
emptyclsid
firewallraz

|- Post the report!

See you!

Edited by DigRam
Include command line!

Good evening, DigRam!

 

# AdwCleaner v3.003 - Relatório criado 09/09/2013 no 22:21:45
# Atualizado 07/09/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : My - MY-PC
# Executando de : C:\Users\My\Desktop\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletado : dealplylive
[#] Serviço Deletado : dealplylivem
Serviço Deletado : WsysSvc

***** [ Arquivos / Pastas ] *****

Pasta Deletado : C:\SearchProtect
Pasta Deletado : C:\ProgramData\Babylon
Pasta Deletado : C:\ProgramData\BetterSoft
Pasta Deletado : C:\ProgramData\DealPlyLive
Pasta Deletado : C:\ProgramData\eSafe
Pasta Deletado : C:\ProgramData\StarApp
Pasta Deletado : C:\ProgramData\saofee ssaive
Pasta Deletado : C:\ProgramData\savvenshhaRE
Pasta Deletado : C:\ProgramData\ssafE isiavue
Pasta Deletado : C:\Program Files (x86)\DealPly
Pasta Deletado : C:\Program Files (x86)\DealPlyLive
Pasta Deletado : C:\Users\My\AppData\Local\DealPlyLive
Pasta Deletado : C:\Users\My\AppData\Local\lollipop
Pasta Deletado : C:\Users\My\AppData\Local\SwvUpdater
Pasta Deletado : C:\Users\My\AppData\Local\Temp\eIntaller
Pasta Deletado : C:\Users\My\AppData\Roaming\DealPly
Pasta Deletado : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}
Pasta Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\vqr4.oy@xskxfzeau-oyi.co.uk
Pasta Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\ooa_ooioa@cubwugm.net
Pasta Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Pasta Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\goehdmpelkbhjmilajgkjbdmbdohfcdm
Pasta Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpbfbnpdgkajiaoajobpahnabdgomfb
Arquivo Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\\invalidprefs.js
Arquivo Deletado : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
Arquivo Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\user.js
Arquivo Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletado : C:\Windows\Tasks\AmiUpdXp.job
Arquivo Deletado : C:\Windows\System32\Tasks\AmiUpdXp
Arquivo Deletado : C:\Windows\Tasks\Dealply.job
Arquivo Deletado : C:\Windows\System32\Tasks\Dealply
Arquivo Deletado : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Arquivo Deletado : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
Arquivo Deletado : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Arquivo Deletado : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
Arquivo Deletado : C:\Windows\System32\Tasks\DealPlyUpdate

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\firefox - Atalho.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registro ] *****

Chave Deleteda : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deleteda : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Deleteda : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deleteda : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Deleteda : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Deleteda : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deleteda : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_cheat-engine_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_cheat-engine_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_everest_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_everest_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-wma-to-mp3-converter_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-wma-to-mp3-converter_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_freez-flv-to-mp3-converter_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_freez-flv-to-mp3-converter_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deleteda : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Chave Deleteda : HKCU\Software\BabSolution
Chave Deleteda : HKCU\Software\BabylonToolbar
Chave Deleteda : HKCU\Software\DealPly
Chave Deleteda : HKCU\Software\dealplylive
Chave Deleteda : HKCU\Software\Iminent
Chave Deleteda : HKCU\Software\lollipop
Chave Deleteda : HKLM\Software\DealPly
Chave Deleteda : HKLM\Software\dealplylive
Chave Deleteda : HKLM\Software\eSafeSecControl
Chave Deleteda : HKLM\Software\Iminent
Chave Deleteda : HKLM\Software\qvo6Software
Chave Deleteda : HKLM\Software\SP Global
Chave Deleteda : HKLM\Software\SProtector
Chave Deleteda : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Chave Deleteda : [x64] HKLM\SOFTWARE\DeviceVM
Chave Deleteda : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deleteda : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16660

Configurações Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Configurações Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

-\\ Mozilla Firefox v23.0.1 (pt-BR)

[ Arquivo : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\prefs.js ]

Linha deletada : user_pref("aol_toolbar.default.homepage.check", false);
Linha deletada : user_pref("aol_toolbar.default.search.check", false);
Linha deletada : user_pref("browser.newtab.url", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=WDCXWD5000BEKT-60KA9T0_WD-WXA1E51AVM26AVM26&ts=1378775170");
Linha deletada : user_pref("browser.search.defaultenginename", "qvo6");
Linha deletada : user_pref("browser.search.order.1", "qvo6");
Linha deletada : user_pref("browser.search.selectedEngine", "qvo6");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=WDCXWD5000BEKT-60KA9T0_WD-WXA1E51AVM26AVM26&ts=1378775170");
Linha deletada : user_pref("extensions.5217429472f7b.scode", "new function(){var a=this;a.domain_storage=\"hxxp://xls.searchfun.in\";a.prefix=\"if72ru4ruh7fewui\";a.conf={\"1\":{\"0\":1,\"1\":86400,\"2\":0,\"3\":0,\"4[...]
Linha deletada : user_pref("extensions.5218127c3c84d.scode", "new function(){var a=this;a.domain_storage=\"hxxp://xls.searchfun.in\";a.prefix=\"if72ru4ruh7fewui\";a.conf={\"1\":{\"0\":1,\"1\":86400,\"2\":0,\"3\":0,\"4[...]
Linha deletada : user_pref("extensions.BabylonToolbar.admin", false);
Linha deletada : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Linha deletada : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Linha deletada : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Linha deletada : user_pref("extensions.BabylonToolbar.bbDpng", "24");
Linha deletada : user_pref("extensions.BabylonToolbar.cntry", "BR");
Linha deletada : user_pref("extensions.BabylonToolbar.dfltLng", "pt");
Linha deletada : user_pref("extensions.BabylonToolbar.excTlbr", false);
Linha deletada : user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);
Linha deletada : user_pref("extensions.BabylonToolbar.hdrMd5", "C1E0EA28026B7B86D822036AC137EB09");
Linha deletada : user_pref("extensions.BabylonToolbar.hpFFXOld", "hxxp://www.google.com.br/");
Linha deletada : user_pref("extensions.BabylonToolbar.id", "284790bb000000000000705ab68ec19e");
Linha deletada : user_pref("extensions.BabylonToolbar.instlDay", "15941");
Linha deletada : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Linha deletada : user_pref("extensions.BabylonToolbar.kwURLOld", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.lastB", "hxxp://www.google.com.br/");
Linha deletada : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.24.69:19:50");
Linha deletada : user_pref("extensions.BabylonToolbar.newTab", false);
Linha deletada : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"72\",\"lastVrsn\":\"72\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Linha deletada : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Linha deletada : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Linha deletada : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Linha deletada : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Linha deletada : user_pref("extensions.BabylonToolbar.rvrt", "false");
Linha deletada : user_pref("extensions.BabylonToolbar.sg", "azb");
Linha deletada : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=284790bb000000000000705ab68ec19e&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsn", "1.8.24.6");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.24.69:19:50");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsni", "1.8.24.6");
Linha deletada : user_pref("extensions.BabylonToolbar_i.babExt", "");
Linha deletada : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=123494&tsp=4984");
Linha deletada : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Linha deletada : user_pref("extensions.OfZvuMbX.scode", "if(window.self==window.top){var script=document.createElement('script');script.type='text/javascript';script.src='//www.superfish.com/ws/sf_main.jsp?dlsource=74[...]
Linha deletada : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Linha deletada : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Linha deletada : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Linha deletada : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Linha deletada : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Linha deletada : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v

[ Arquivo : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleteda : icon_url
Deleteda : search_url
Deleteda : keyword
Deleteda : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [25698 octets] - [09/09/2013 22:11:24]
AdwCleaner[s0].txt - [22747 octets] - [09/09/2013 22:21:45]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [22808 octets] ##########

Rapport de ZHPFix 2013.9.7.2 par Nicolas Coolman, Update du 07/09/2013
Fichier d'export Registre :
Run by My at 09/09/2013 22:42:54
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\browser helper object\uninstall.exe

========== Processo memória ==========
ELIMINÉ Memory Process: C:\Users\My\AppData\Local\Temp\down.4248.assistant_v3.exe
ELIMINÉ Memory Process: C:\Users\My\AppData\Local\Temp\fbinstupd.exe
ELIMINÉ Memory Process: C:\Users\My\AppData\Local\Temp\lkaseoihcaig.exe
ELIMINÉ Memory Process: C:\Program Files (x86)\Internet Explorer\Updater.exe

========== Modulos memória ==========
ELIMINÉ Memory Module: C:\Users\My\AppData\Local\Temp\sqlite3.dll

========== Chaves do Registo ==========
ELIMINÉ [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browser Helper Object1.4]
ERRO: Service Legacy: LEGACY_BPROTECTEX
ELIMINÉ*: HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
ELIMINÉ*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ: HKLM\Software\Wow6432Node\IncrediMail
ELIMINÉ: HKCU\Software\Yahoo
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\kkkeikdkpjenmoiicggnnodbkebafgpc
ELIMINÉ: HKCU\Software\Classes\MF
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}
ELIMINÉ*: HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc

========== Valores do Registo ==========
ELIMINÉ {8339143A-5A69-4CE9-91E9-BDB503E7917F}
ELIMINÉ {3514E523-0FCD-48A1-9D9B-058645C5B473}
ELIMINÉ TCP Query User{ACC0102E-91F1-4923-BB23-667A30CB8CFB}C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe
ELIMINÉ UDP Query User{5754F352-477D-49AB-9BA6-D3B35D73FB54}C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe
ELIMINÉ {B1EE6552-340E-4921-A9DE-CC0D08781097}
ELIMINÉ {CFD2A47D-15EF-474D-8C66-94BE7DC8751A}
ELIMINÉ {EA411FFE-CD7E-4374-866C-5C8524DC80CD}
ELIMINÉ {DAA081EB-6C6E-4237-B9A0-78689658F9DD}
ELIMINÉ TCP Query User{DF441EEE-2510-4EC7-8D32-B024DD260CEB}C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe
ELIMINÉ UDP Query User{523A45C3-FEAB-4401-A83D-A28A6E425D83}C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ FirewallRaz (Public) : {3B06FF2E-E1FC-47D2-8901-0C8B845CEF3B}
ELIMINÉ FirewallRaz (Public) : {49709CC9-DAD3-48FF-A94A-B65ED5AE5B59}
ELIMINÉ FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ FirewallRaz (None) : NetPres-WSD-In-UDP
ELIMINÉ FirewallRaz (None) : NetPres-WSD-Out-UDP
ELIMINÉ FirewallRaz (Public) : NetPres-In-TCP
ELIMINÉ FirewallRaz (Public) : NetPres-Out-TCP
ELIMINÉ FirewallRaz (Private) : TCP Query User{FE542EFD-D9FA-4DD8-9F79-779C4BDE3927}C:\users\my\downloads\utorrent.exe
ELIMINÉ FirewallRaz (Private) : UDP Query User{4F4A9B1E-E8FF-4ECC-A90D-290FCFD3A7F9}C:\users\my\downloads\utorrent.exe

========== Elementos dos dados do Registo ==========
ELIMINÉ Explorer Association Data Application: http://search.babylo...00000705ab68ec1[...]
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsn", "1.8.24.6");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.24.69:19:50");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsni", "1.8.24.6");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babExt", "");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babTrack", "affID=123494&tsp=4984");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.keyword.URL", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.searchguard.enable", "false");
AUSENTE Mozilla Pref: user_pref("aol_toolbar.default.homepage.check", false);
AUSENTE Mozilla Pref: user_pref("aol_toolbar.default.search.check", false);

========== Pastas ==========
ELIMINÉ: C:\Users\My\AppData\Local\{194AAE55-F989-48AB-9D7A-2A1F6A742BFD}
ELIMINÉ: C:\Users\My\AppData\Local\{1E4B2EC7-CF2D-48FE-BD5F-EDF5A4012733}
ELIMINÉ: C:\Users\My\AppData\Local\{30E77B6A-C917-446F-8CBF-596BBB19DFBC}
ELIMINÉ: C:\Users\My\AppData\Local\{50494F92-C788-44E6-BDB1-76FFEFE27F9B}
ELIMINÉ: C:\Users\My\AppData\Local\{58947618-EAA3-4D61-9973-FDCD1B39B226}
ELIMINÉ: C:\Users\My\AppData\Local\{6CE53753-37E3-4ECE-8D61-CA3841A94DB0}
ELIMINÉ: C:\Users\My\AppData\Local\{CC521DBE-4809-4C96-A0F8-ACC4EF077B63}
ELIMINÉ: C:\Users\My\AppData\Local\{E95C434A-C8A4-401A-B81E-246DD92C5151}
ELIMINÉ: C:\Users\My\AppData\Local\{EF5935AF-45B9-4AA4-85B8-A1A2B0C1257D}

========== Ficheiros ==========
ELIMINÉ File: c:\users\my\appdata\local\temp\down.4248.assistant_v3.exe
ELIMINÉ File: c:\users\my\appdata\local\temp\fbinstupd.exe
ELIMINÉ *: c:\users\my\appdata\local\temp\lkaseoihcaig.exe
ELIMINÉ File: c:\users\my\appdata\local\temp\sqlite3.dll
ELIMINÉ ***: c:\program files (x86)\internet explorer\updater.exe
ELIMINA REINICIAR c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ File: c:\windows\prefetch\hpsf_tasks.exe-9ffdf802.pf
ELIMINÉ File: C:\Program Files (x86)\Internet Explorer\cr_addon.crx
ELIMINÉ Temporários windows
ELIMINÉ Flash Cookies

========== Tarefa planificada ==========
ELIMINÉ Task: Parker
ELIMINÉ Task: Tasker
ELIMINÉ Task: Wisker
ELIMINÉ Task: {CA4AF682-49C2-49F6-8BD2-7C47C346E96A}
ELIMINÉ Task: BHO updater


========== Recapitulativo ==========
4 : Processo memória
1 : Modulos memória
60 : Chaves do Registo
286 : Valores do Registo
1 : Elementos dos dados do Registo
9 : Pastas
10 : Ficheiros
1 : Softwares
46 : Preferências do navegador
5 : Tarefa planificada


End of clean in 00mn 44s

========== Caminho do ficheiro do relatório ==========
C:\ZHP\ZHPFix[R1].txt - 27/05/2012 21:34:40 [58208]
C:\ZHP\ZHPFix[R2].txt - 09/09/2013 22:43:06 [32640]

Thanks


Good evening, RafaeL Icassati2!

|- Download: < zoek > ( ... by Smeenk )

|- Or here: < zoek.exe >

|- Save it to the desktop!
|- Disable your antivirus!
|- On Windows 7, run zoek.exe as administrator.

hijackthis;
ffdefaults;
autoclean;
emptyalltemp;


|- Copy and paste these lines, shown in red, into the tool's input field.
|- Click "Run Script".

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

|- This message will appear, asking you to wait for the report.

|- Accept and/or confirm the reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.

|- PS: If you get an error, restart the PC and run the tool again.
|- Post the report, which will be at C:\zoek-results.txt <<

See you later!

 


Good evening, DigRam!


Zoek.exe Version 4.0.0.4 Updated 07-September-2013
Tool run by My on 10/09/2013 at 7:44:05,01.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\My\Desktop\zoek.exe [script inserted]

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\prefs.js:
user_pref("browser.startup.homepage", "http://*.cga.com.cn
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Users\My\AppData\Local\DProtect\eBP.dll,C:\Users\My\AppData\Local\DProtect\eBPSD.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: DPService - Woodtale Technology Inc - C:\Users\My\AppData\Local\DProtect\DProtectSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\My\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\My\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\My\AppData\Local\Mozilla\Firefox\Profiles\1q6lsz8d.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\My\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\users\My\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\My\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\users\My\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HADW46P6\tag.userreport.com" not found

==== EOF on 10/09/2013 at 7:53:45,65 ======================

Thanks


Good morning, RafaeL Icassati2!

|- Your logs are practically clean!
|- Open the ZHPDiag folder that was created and run the file "unins000.exe".
|- But... a scan with OTS or OTL would serve as a diagnostic, if you want one. In this case I am asking you for OTS, which should come after the DelFix tool.
|- If you do not want this scan, skip it and go ahead with DelFix so we can close the topic.

|- All OK?


-/-

|- Download: |DelFix| ( ... by Xplode )

|- On the page, click the green arrow to download.
|- Save it somewhere convenient! ( desktop! )
|- Close any open applications.

|- Run it!
|- With both checkboxes ticked!
|- Click "Run".

|- Download: < 331oifp.png > ( ... by Old Timer )

|- Save it to the desktop or C:\.
|- Double-click OTS.exe.
|- PS: On Windows Vista or 7, right-click and run OTS.exe as administrator.

|- Under "Additional Scans", click "Extras".
|- Tick the boxes:

[] Reg - NetSvcs
[] File - Lop Check

|- For a 64-bit OS, tick the box!

|- Under "Basic Scans", tick the boxes:

[] Use Company Name Whitelist
[] Skip Microsoft Files

|- Verifique: 250ii3s.png & n19ytt.png

%systemdrive%\*.*
%systemdrive%\drivers\*.exe
%systemroot%\system32\drivers\*.* /90
%programfiles%\*.*
%localappdata%\*.exe
%localappdata%\*.txt
%localappdata%\*.ini
%localappdata%\*.dll
%localappdata%\*.dat
%userprofile%\*.exe
%userprofile%\*.txt
%userprofile%\*.ini
%userprofile%\*.dll
%userprofile%\*.dat /30
%appdata%\*.*
%systemroot%\system32\tasks\*.*
%windir%\tasks\*.*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT


|- Copy and paste the information in the Code box into the "Custom Scans" field.
|- Next, click 2lasxtt.png

|- When it finishes, Notepad will open with the report. ( OTS.txt )
|- Post it in your reply!
|- Use one of these for that! ( cjoint.com or myfile.tk )

Regards!

 


Good evening, DigRam!

 

# DelFix v10.4 - Logfile created 10/09/2013 at 19:54:19
# Updated 19/07/2013 by Xplode
# Username : My - MY-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\ZHP
Deleted : C:\Program Files (x86)\ZHPDiag
Deleted : C:\Program Files (x86)\Hijackthis
Deleted : C:\AdwCleaner[s1].txt
Deleted : C:\ComboFix.txt
Deleted : C:\PhysicalDisk0_MBR.bin
Deleted : C:\TDSSKiller.2.8.16.0_20.07.2013_22.28.54_log.txt
Deleted : C:\ZHPDiag2.exe
Deleted : C:\zoek-results.log
Deleted : C:\Users\My\Desktop\OTS.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #375 [Windows Update | 09/03/2013 05:58:43]
Deleted : RP #376 [Removed Bonjour | 09/03/2013 10:58:45]
Deleted : RP #377 [installed Java 7 Update 25 | 09/04/2013 10:43:34]
Deleted : RP #378 [Windows Update | 09/06/2013 18:25:29]
Deleted : RP #379 [Removed Google Drive | 09/08/2013 01:45:12]
Deleted : RP #380 [Removed Validity Sensors DDK | 09/08/2013 01:49:14]
Deleted : RP #381 [Removed Facebook Video Calling 1.2.0.287 | 09/10/2013 01:52:05]
Deleted : RP #382 [Configurado MediaSmart DVD | 09/10/2013 02:04:11]
Deleted : RP #383 [Windows Update | 09/10/2013 10:17:38]

New restore point created !

########## - EOF - ##########

http://cjoint.com/?CIlbJ2Oe7Bb

 

Thanks!

Good morning, RafaeL Icassati2!


|- Open the OTS tool.


[unregister Dlls]

[Registry - Safe List]

< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > ->




< FireFox Settings [Prefs.js] > -> C:\Users\My\AppData\Roaming\Mozilla\FireFox\Profiles\1q6lsz8d.default\prefs.js

YN -> "qvo6" -> browser.search.order.3

YN -> "qvo6" -> browser.search.useDBForOrder

[Registry - Additional Scans - Safe List]

YN -> [2012/08/16 04:51:40 | 006,670,496 | ---- | M] (Microsoft Corporation) "{722DC91D-A2EF-488A-9A5F-B27D7BDFD991}" [HKLM] -> Reg Error: Key error. [PSafe]

YN -> [2012/08/16 04:51:40 | 006,670,496 | ---- | M] (Microsoft Corporation) "{A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7}" [HKLM] -> Reg Error: Key error. [PSafeOL]

YN -> "{35B6525E-071A-4EA9-B3BD-F6A742572F08}" [HKLM] -> Reg Error: Key error. [PSafe LockBox]

YN -> [2011/07/04 05:38:44 | 000,443,728 | ---- | M] (Microsoft Corporation) "{722DC91D-A2EF-488A-9A5F-B27D7BDFD991}" [HKLM] -> Reg Error: Key error. [PSafe]

YN -> [PSafeOL] -> File not found

YN -> 31/08/2013 16:15:49 Computer Name = My-PC | Source = Iminent | ID = 0 -> Description = Application [ Error ]

YN -> 31/08/2013 21:05:03 Computer Name = My-PC | Source = Iminent | ID = 0 -> Description = Application [ Error ]

YY -> [2013/09/10 07:52:38 | 000,000,000 | ---D | C] AdwCleaner -> C:\AdwCleaner

YY -> [2013/09/09 22:11:04 | 000,000,000 | ---D | C] DProtect -> C:\Users\My\AppData\Local\DProtect

YY -> [2013/09/09 22:05:20 | 000,000,000 | ---D | C] BprotectEx.sys -> C:\Windows\SysNative\drivers\BprotectEx.sys

YY -> [2013/09/04 07:52:30 | 000,076,096 | ---- | C] (Baidu, Inc.) Baidu Security -> C:\Users\Public\Documents\Baidu Security

YY -> [2009/07/13 22:38:58 | 000,383,562 | RHS- | M] () DelFix.txt -> C:\DelFix.txt

[Alternate Data Streams]

NY -> @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1


[empty temp folders]

[EmptyFlash]

[reboot]


|- Paste the information just above into the field: "Paste Fix Here"


|- Click Run Fix --> Wait!

|- When it finishes, post the report: C:\_OTS\MovedFiles\OTS.txt


See you!

Edited by DigRam

Good evening, DigRam!

The computer is 95% better; only the damned qvo6 won't go away at all.

Thanks for the help!

 

All Processes Killed
[Registry - Safe List]
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\\CustomizeSearch deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\\SearchAssistant deleted successfully.
[Registry - Additional Scans - Safe List]
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}\chrome\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\piponpp5.default-1378857008859 folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My folder moved successfully.
C:\AdwCleaner\Backup\C\Users folder moved successfully.
C:\AdwCleaner\Backup\C folder moved successfully.
C:\AdwCleaner\Backup folder moved successfully.
C:\AdwCleaner folder moved successfully.
Registry key \ not found.
C:\Users\My\AppData\Local\DProtect\log folder moved successfully.
Folder move failed. C:\Users\My\AppData\Local\DProtect scheduled to be moved on reboot.
Registry key \ not found.
C:\Windows\SysNative\drivers\BprotectEx.sys moved successfully.
Registry key \ not found.
C:\Users\Public\Documents\Baidu Security\PC Faster folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump\3.7.1.39149 folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav folder moved successfully.
C:\Users\Public\Documents\Baidu Security folder moved successfully.
Registry key \ not found.
C:\DelFix.txt moved successfully.
[Alternate Data Streams]
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
File not found!
[empty temp folders]


User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: My
->Temp folder emptied: 2400655 bytes
->Temporary Internet Files folder emptied: 4046669 bytes
->Java cache emptied: 160 bytes
->FireFox cache emptied: 82528923 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 57528 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Todos os Usuários

User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65500 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 195 bytes
RecycleBin emptied: 732955245 bytes

Total Files Cleaned = 784,00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 09112013_225321

Files\Folders moved on Reboot...
C:\Users\My\AppData\Local\DProtect\log folder moved successfully.
Folder move failed. C:\Users\My\AppData\Local\DProtect scheduled to be moved on reboot.
C:\Users\My\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\My\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

 

See you!

 

edit:

 

Hi DigRam, posting again to say that I managed to remove qvo6, which was affecting my browsers, both Mozilla and IE.

I only had to delete the qvo6 search engine from Mozilla; after that it came out with AdwCleaner. Log:

 

# AdwCleaner v3.003 - Relatório criado 11/09/2013 no 23:22:50
# Atualizado 07/09/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : My - MY-PC
# Executando de : C:\Users\My\Desktop\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletado : WsysSvc

***** [ Arquivos / Pastas ] *****

Pasta Deletado : C:\ProgramData\eSafe

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registro ] *****

Chave Deleteda : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Chave Deleteda : HKLM\Software\eSafeSecControl
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (pt-BR)

[ Arquivo : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\piponpp5.default-1378857008859\prefs.js ]

Linha deletada : user_pref("browser.newtab.url", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=WDCXWD5000BEKT-60KA9T0_WD-WXA1E51AVM26AVM26&ts=1378951030");
Linha deletada : user_pref("browser.search.defaultenginename", "qvo6");
Linha deletada : user_pref("browser.search.order.1", "qvo6");
Linha deletada : user_pref("browser.search.selectedEngine", "qvo6");

*************************

AdwCleaner[R2].txt - [3260 octets] - [11/09/2013 23:22:17]
AdwCleaner[s2].txt - [2109 octets] - [11/09/2013 23:22:50]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [2169 octets] ##########

 

 

 

 

New log:

 

 

 

# AdwCleaner v3.003 - Relatório criado 11/09/2013 no 23:26:41
# Atualizado 07/09/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : My - MY-PC
# Executando de : C:\Users\My\Desktop\adwcleaner.exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (pt-BR)

[ Arquivo : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\piponpp5.default-1378857008859\prefs.js ]


*************************

AdwCleaner[R2].txt - [3260 octets] - [11/09/2013 23:22:17]
AdwCleaner[R3].txt - [715 octets] - [11/09/2013 23:26:41]
AdwCleaner[s2].txt - [2249 octets] - [11/09/2013 23:22:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [834 octets] ##########


Edited by RafaeL Icassati 2
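
The AdwCleaner log in the post above lists the prefs.js lines that carried the qvo6 settings. The following Python script is an added example (not part of the original thread and not AdwCleaner's code) that audits a prefs.js text for those preference names against an allowlist; the allowlists, the extra pref `browser.startup.homepage` and the sample file content are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Prefs that decide the new-tab page, home page and default search engine.
# All but browser.startup.homepage appear in the AdwCleaner log above;
# browser.startup.homepage is added here as an assumption.
WATCHED_EXACT = {
    "browser.newtab.url",
    "browser.search.defaultenginename",
    "browser.search.selectedEngine",
    "browser.startup.homepage",
}
WATCHED_PREFIX = "browser.search.order."

# user_pref("name", value);  value is a quoted string, a number or a boolean.
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"(?P<name>[^"]+)"\s*,\s*'
    r'(?P<value>"(?:[^"\\]|\\.)*"|[^)]*?)\s*\)\s*;'
)


def parse_prefs(text):
    """Yield (line_number, name, value) per user_pref line; strings are unquoted."""
    for lineno, line in enumerate(text.splitlines(), 1):
        m = PREF_RE.match(line)
        if not m:
            continue  # comment, blank line or anything that is not a pref
        value = m.group("value")
        if value.startswith('"'):
            value = value[1:-1].replace('\\"', '"').replace("\\\\", "\\")
        yield lineno, m.group("name"), value


def host_of(value):
    """Return the host of an http(s) URL (defanged hxxp accepted), else None."""
    candidate = re.sub(r"^hxxp", "http", value.strip(), flags=re.I)
    try:
        parts = urlsplit(candidate)
    except ValueError:
        return None
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname.lower()
    return None


def value_ok(value, allowed_engines, allowed_hosts):
    """True if every part of the value is an allowed URL host or engine name."""
    for part in value.split("|"):  # home page prefs may list several URLs
        part = part.strip()
        host = host_of(part)
        if host is not None:
            if not any(host == h or host.endswith("." + h) for h in allowed_hosts):
                return False
        elif part and not part.startswith(("about:", "chrome:")):
            if part not in allowed_engines:
                return False
    return True


def audit_prefs(text, allowed_engines, allowed_hosts):
    """Return (line_number, name, value) for watched prefs outside the allowlists."""
    findings = []
    for lineno, name, value in parse_prefs(text):
        watched = name in WATCHED_EXACT or name.startswith(WATCHED_PREFIX)
        if watched and not value_ok(value, allowed_engines, allowed_hosts):
            findings.append((lineno, name, value))
    return findings


# Constructed sample, modelled on the lines AdwCleaner reported as deleted.
SAMPLE_PREFS = r'''
// constructed sample prefs.js content
user_pref("browser.newtab.url", "http://www.qvo6.com/?utm_source=b&from=amt");
user_pref("browser.search.defaultenginename", "qvo6");
user_pref("browser.search.order.1", "qvo6");
user_pref("browser.search.selectedEngine", "qvo6");
user_pref("browser.search.useDBForOrder", true);
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.order.2", "Google");
user_pref("extensions.lastAppVersion", "23.0.1");
'''

if __name__ == "__main__":
    for lineno, name, value in audit_prefs(SAMPLE_PREFS, {"Google"}, {"mozilla.org"}):
        print(f"line {lineno}: {name} = {value!r}")
```

Firefox rewrites prefs.js on exit, so run a check like this against a copy taken while the browser is closed.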

Good evening, RafaeL Icassati2!

|- Open OTS and click CleanUp.
|- Confirm the reboot!

-/-

|- If you would like to optimize the PC, there is JetClean + JetBoost.

|- Download: < JetClean 1.5.0 > ( ... by BlueSprig.com )

< More information! > << Read here!

|- Save it in Program Files. ( jetclean-setup.exe )

|- Install the software and, on the "1-Click" tab, choose the "Registry Clean" option.
|- Go to "Scan Now" and choose: Shut down PC after Repair

|- Or choose the "Scan & Repair" option, without rebooting the PC.

< JetBoost >

|- Next, try to improve performance with JetBoost.
|- Report back!


See you!

Edited by DigRam
Corrected the JetClean option.

Good morning, DigRam! The computer is much better!

Thank you very much for the help!

None of the programs generated logs, so I will just post one last HijackThis log, and if it is clean you can mark it "closed". Thanks again!

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:44:50, on 12/09/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Users\My\Desktop\ \Nero\WinAVI 9.0 Portable\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://*.cga.com.cn
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12700 bytes

See you!


Good morning, RafaeL Icassati2!

|- "qvo6.com" still comes back in the IE10 browser settings.

-/-

|- Open HijackThis.
|- Click: "Do a system scan only"

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/...6&ts=1378857322

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/...6&ts=1378857322


O2 - BHO: PSafe ClikSeguro - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - (no file)

 

O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)

|- Tick the entries above, which are shown in red!
|- After ticking them, click "Fix checked". << Tick the ones you find!
|- If you open your browser by clicking shortcuts, delete them and create new shortcuts.

-/-

|- Right-click the IE shortcut, if you open IE using that icon.
|- Select: "Properties"
|- On the "Shortcut" tab, in the field next to Target, enter, with quotes:

"C:\Program Files\Internet Explorer\iexplore.exe"

|- Click "Apply" -> OK.

"C:\Program Files\Internet Explorer\iexplore.exe""xxxxx...xx"

|- Or remove the "xxxxx...xx" information after ...\iexplore.exe"

|- PS: Try to leave it as in the screenshot.
|- Then post a new HijackThis report.

See you!

Edited by DigRam
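
The post above picks out R0/R1 lines whose start page points at qvo6.com and O2 lines whose BHO has "(no file)". The following Python script is an added example (not part of the original thread and not HijackThis code) that applies those two checks to HijackThis log lines; the rule set, the host allowlist and the two sample lines marked as constructed are assumptions.

```python
import re
from collections import namedtuple
from urllib.parse import urlsplit

Finding = namedtuple("Finding", "code reason detail line")

# "<code> - <body>", e.g. "R1 - ..." or "O23 - ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# R0/R1 body: "<registry key>,<value name> = <data>"
R_RE = re.compile(r"^(?P<key>[^,]+),(?P<name>[^=]+?) = (?P<data>.*)$")
# O2 body: "BHO: <name> - {CLSID} - <file path or (no file)>"
O2_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.*)$"
)


def url_host(data):
    """Return the host of an http(s) URL, or None for anything else."""
    try:
        parts = urlsplit(data.strip())
    except ValueError:
        return None
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname
    return None


def host_allowed(host, allowed_hosts):
    """True if host equals an allowlisted name or is a subdomain of one."""
    return any(host == h or host.endswith("." + h) for h in allowed_hosts)


def triage(log_text, allowed_hosts):
    """Return Findings for hijacked IE page values and orphaned BHO entries."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, running-process path or blank line
        code, body = m.group("code"), m.group("body")
        if code in ("R0", "R1"):
            r = R_RE.match(body)
            host = url_host(r.group("data")) if r else None
            if host and not host_allowed(host, allowed_hosts):
                findings.append(Finding(
                    code, "IE page value points to a non-allowlisted host", host, line))
        elif code == "O2":
            o = O2_RE.match(body)
            if o and o.group("file").strip() == "(no file)":
                findings.append(Finding(
                    code, "BHO registered but its file is absent", o.group("clsid"), line))
    return findings


# Lines taken from the posts in this thread, plus two constructed benign lines.
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/...6&ts=1378857322
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/...6&ts=1378857322
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: PSafe ClikSeguro - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - (no file)
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""
# The "about:blank" R0 line and the "Example Helper" O2 line are constructed.

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, allowed_hosts={"msn.com"}):
        print(f"{f.code}: {f.reason} [{f.detail}]")
```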

Good evening, DigRam!

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:00:30, on 12/09/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Users\My\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://*.cga.com.cn
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12448 bytes

See you!


Good evening, RafaeL Icassati2!

|- The HijackThis report came back clean!

|- Is the malware still bothering you?

See you!


Good morning, DigRam!

It has not shown up again; I do not use IE anyway, but I opened it to check and nothing appeared, it is clean!

Thanks again for the help!


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
