Archived

This topic has been archived and is closed to new replies.

RafaeL Icassati 2

[Solved] Slowness


Good morning, please analyze my log:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:58, on 08/09/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal



Good morning! Rafael Icassati2

 

|- Download: < ZHPDiag2.exe > < NicolasCoolman.jpg > ( ... by Nicolas Coolman )
|- Save it to the local disk! ( C or D )
|- Run the scroll icon. ( ZHPDiag )


|- Click: "CONFIGURE"


|- Click: "Options" >> "All" >> OK


|- Click: "CONFIGURE" >> "Full Analysis"
|- Wait for it to finish!
|- If it freezes and you cannot get the log, abort the full scan and run the custom one.
|- Go back to the tool's main window.


|- Click "SEARCH" and wait for it to finish!
|- Or click "Options" >> "None".


|- Check only the "Additional Scan (O88)" option.

~ Unselected Option:

O1,O39,O40,O41,O42,O43,O44,O45,O46,O47,
O48,O49,O50,O51,O52,O53,O54,O55,O56,O57,
O58,O59,O60,O61,O62,O63,O64,O65,O66,O67,
O68,O69,O80,O81,O82,O83,O84,O85,O86,O87,
O89,O90,O91,O92

####

|- This way, these options will be disabled!


|- Click OK and, when it finishes, post the report! ( ZHPDiag.txt )
|- PS: If the log is long, send it to Pjjoint.malekal.

|- Or go to: < Cjoint_Logo.jpg >

|- More information: < |Link| >

A+


Good morning! RafaeL Icassati2

|- Download: < http://mystart.incredibar.com =>Adware.IncrediBar

emptytemp
emptyflash
emptyclsid
firewallraz

|- Post the report!

See you later


Good evening, DigRam!

# AdwCleaner v3.003 - Relatório criado 09/09/2013 no 22:21:45
# Atualizado 07/09/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : My - MY-PC
# Executando de : C:\Users\My\Desktop\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletado : dealplylive
[#] Serviço Deletado : dealplylivem
Serviço Deletado : WsysSvc

***** [ Arquivos / Pastas ] *****

Pasta Deletado : C:\SearchProtect
Pasta Deletado : C:\ProgramData\Babylon
Pasta Deletado : C:\ProgramData\BetterSoft
Pasta Deletado : C:\ProgramData\DealPlyLive
Pasta Deletado : C:\ProgramData\eSafe
Pasta Deletado : C:\ProgramData\StarApp
Pasta Deletado : C:\ProgramData\saofee ssaive
Pasta Deletado : C:\ProgramData\savvenshhaRE
Pasta Deletado : C:\ProgramData\ssafE isiavue
Pasta Deletado : C:\Program Files (x86)\DealPly
Pasta Deletado : C:\Program Files (x86)\DealPlyLive
Pasta Deletado : C:\Users\My\AppData\Local\DealPlyLive
Pasta Deletado : C:\Users\My\AppData\Local\lollipop
Pasta Deletado : C:\Users\My\AppData\Local\SwvUpdater
Pasta Deletado : C:\Users\My\AppData\Local\Temp\eIntaller
Pasta Deletado : C:\Users\My\AppData\Roaming\DealPly
Pasta Deletado : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}
Pasta Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\vqr4.oy@xskxfzeau-oyi.co.uk
Pasta Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\ooa_ooioa@cubwugm.net
Pasta Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Pasta Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\goehdmpelkbhjmilajgkjbdmbdohfcdm
Pasta Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpbfbnpdgkajiaoajobpahnabdgomfb
Arquivo Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\\invalidprefs.js
Arquivo Deletado : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
Arquivo Deletado : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\user.js
Arquivo Deletado : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletado : C:\Windows\Tasks\AmiUpdXp.job
Arquivo Deletado : C:\Windows\System32\Tasks\AmiUpdXp
Arquivo Deletado : C:\Windows\Tasks\Dealply.job
Arquivo Deletado : C:\Windows\System32\Tasks\Dealply
Arquivo Deletado : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Arquivo Deletado : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
Arquivo Deletado : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Arquivo Deletado : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
Arquivo Deletado : C:\Windows\System32\Tasks\DealPlyUpdate

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\firefox - Atalho.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registro ] *****

Chave Deleteda : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Deleteda : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Chave Deleteda : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Chave Deleteda : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deleteda : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Deleteda : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deleteda : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Deleteda : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Deleteda : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deleteda : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_cheat-engine_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_cheat-engine_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_everest_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_everest_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-wma-to-mp3-converter_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-wma-to-mp3-converter_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_freez-flv-to-mp3-converter_RASAPI32
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_freez-flv-to-mp3-converter_RASMANCS
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deleteda : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Chave Deleteda : HKCU\Software\BabSolution
Chave Deleteda : HKCU\Software\BabylonToolbar
Chave Deleteda : HKCU\Software\DealPly
Chave Deleteda : HKCU\Software\dealplylive
Chave Deleteda : HKCU\Software\Iminent
Chave Deleteda : HKCU\Software\lollipop
Chave Deleteda : HKLM\Software\DealPly
Chave Deleteda : HKLM\Software\dealplylive
Chave Deleteda : HKLM\Software\eSafeSecControl
Chave Deleteda : HKLM\Software\Iminent
Chave Deleteda : HKLM\Software\qvo6Software
Chave Deleteda : HKLM\Software\SP Global
Chave Deleteda : HKLM\Software\SProtector
Chave Deleteda : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Chave Deleteda : [x64] HKLM\SOFTWARE\DeviceVM
Chave Deleteda : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deleteda : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16660

Configurações Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Configurações Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restaurado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

-\\ Mozilla Firefox v23.0.1 (pt-BR)

[ Arquivo : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\prefs.js ]

Linha deletada : user_pref("aol_toolbar.default.homepage.check", false);
Linha deletada : user_pref("aol_toolbar.default.search.check", false);
Linha deletada : user_pref("browser.newtab.url", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=WDCXWD5000BEKT-60KA9T0_WD-WXA1E51AVM26AVM26&ts=1378775170");
Linha deletada : user_pref("browser.search.defaultenginename", "qvo6");
Linha deletada : user_pref("browser.search.order.1", "qvo6");
Linha deletada : user_pref("browser.search.selectedEngine", "qvo6");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=WDCXWD5000BEKT-60KA9T0_WD-WXA1E51AVM26AVM26&ts=1378775170");
Linha deletada : user_pref("extensions.5217429472f7b.scode", "new function(){var a=this;a.domain_storage=\"hxxp://xls.searchfun.in\";a.prefix=\"if72ru4ruh7fewui\";a.conf={\"1\":{\"0\":1,\"1\":86400,\"2\":0,\"3\":0,\"4[...]
Linha deletada : user_pref("extensions.5218127c3c84d.scode", "new function(){var a=this;a.domain_storage=\"hxxp://xls.searchfun.in\";a.prefix=\"if72ru4ruh7fewui\";a.conf={\"1\":{\"0\":1,\"1\":86400,\"2\":0,\"3\":0,\"4[...]
Linha deletada : user_pref("extensions.BabylonToolbar.admin", false);
Linha deletada : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Linha deletada : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Linha deletada : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Linha deletada : user_pref("extensions.BabylonToolbar.bbDpng", "24");
Linha deletada : user_pref("extensions.BabylonToolbar.cntry", "BR");
Linha deletada : user_pref("extensions.BabylonToolbar.dfltLng", "pt");
Linha deletada : user_pref("extensions.BabylonToolbar.excTlbr", false);
Linha deletada : user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);
Linha deletada : user_pref("extensions.BabylonToolbar.hdrMd5", "C1E0EA28026B7B86D822036AC137EB09");
Linha deletada : user_pref("extensions.BabylonToolbar.hpFFXOld", "hxxp://www.google.com.br/");
Linha deletada : user_pref("extensions.BabylonToolbar.id", "284790bb000000000000705ab68ec19e");
Linha deletada : user_pref("extensions.BabylonToolbar.instlDay", "15941");
Linha deletada : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Linha deletada : user_pref("extensions.BabylonToolbar.kwURLOld", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.lastB", "hxxp://www.google.com.br/");
Linha deletada : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.24.69:19:50");
Linha deletada : user_pref("extensions.BabylonToolbar.newTab", false);
Linha deletada : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"72\",\"lastVrsn\":\"72\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Linha deletada : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Linha deletada : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Linha deletada : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Linha deletada : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Linha deletada : user_pref("extensions.BabylonToolbar.rvrt", "false");
Linha deletada : user_pref("extensions.BabylonToolbar.sg", "azb");
Linha deletada : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=284790bb000000000000705ab68ec19e&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsn", "1.8.24.6");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.24.69:19:50");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsni", "1.8.24.6");
Linha deletada : user_pref("extensions.BabylonToolbar_i.babExt", "");
Linha deletada : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=123494&tsp=4984");
Linha deletada : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Linha deletada : user_pref("extensions.OfZvuMbX.scode", "if(window.self==window.top){var script=document.createElement('script');script.type='text/javascript';script.src='//www.superfish.com/ws/sf_main.jsp?dlsource=74[...]
Linha deletada : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Linha deletada : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Linha deletada : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Linha deletada : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Linha deletada : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Linha deletada : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v

[ Arquivo : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleteda : icon_url
Deleteda : search_url
Deleteda : keyword
Deleteda : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [25698 octets] - [09/09/2013 22:11:24]
AdwCleaner[s0].txt - [22747 octets] - [09/09/2013 22:21:45]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [22808 octets] ##########

Rapport de ZHPFix 2013.9.7.2 par Nicolas Coolman, Update du 07/09/2013
Fichier d'export Registre :
Run by My at 09/09/2013 22:42:54
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\browser helper object\uninstall.exe

========== Processo memória ==========
ELIMINÉ Memory Process: C:\Users\My\AppData\Local\Temp\down.4248.assistant_v3.exe
ELIMINÉ Memory Process: C:\Users\My\AppData\Local\Temp\fbinstupd.exe
ELIMINÉ Memory Process: C:\Users\My\AppData\Local\Temp\lkaseoihcaig.exe
ELIMINÉ Memory Process: C:\Program Files (x86)\Internet Explorer\Updater.exe

========== Modulos memória ==========
ELIMINÉ Memory Module: C:\Users\My\AppData\Local\Temp\sqlite3.dll

========== Chaves do Registo ==========
ELIMINÉ [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browser Helper Object1.4]
ERRO: Service Legacy: LEGACY_BPROTECTEX
ELIMINÉ*: HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
ELIMINÉ*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ: HKLM\Software\Wow6432Node\IncrediMail
ELIMINÉ: HKCU\Software\Yahoo
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\kkkeikdkpjenmoiicggnnodbkebafgpc
ELIMINÉ: HKCU\Software\Classes\MF
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}
ELIMINÉ*: HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc

========== Valores do Registo ==========
ELIMINÉ {8339143A-5A69-4CE9-91E9-BDB503E7917F}
ELIMINÉ {3514E523-0FCD-48A1-9D9B-058645C5B473}
ELIMINÉ TCP Query User{ACC0102E-91F1-4923-BB23-667A30CB8CFB}C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe
ELIMINÉ UDP Query User{5754F352-477D-49AB-9BA6-D3B35D73FB54}C:\users\my\appdata\local\apps\2.0\gw8xpkye.8kv\17qe1x7v.3pm\leve..tion_d2c9776e4c5c026e_0000.0009_56dd4697dc5712d0\levelup.downloaderclient.exe
ELIMINÉ {B1EE6552-340E-4921-A9DE-CC0D08781097}
ELIMINÉ {CFD2A47D-15EF-474D-8C66-94BE7DC8751A}
ELIMINÉ {EA411FFE-CD7E-4374-866C-5C8524DC80CD}
ELIMINÉ {DAA081EB-6C6E-4237-B9A0-78689658F9DD}
ELIMINÉ TCP Query User{DF441EEE-2510-4EC7-8D32-B024DD260CEB}C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe
ELIMINÉ UDP Query User{523A45C3-FEAB-4401-A83D-A28A6E425D83}C:\users\my\desktop\microsoft.visio.2010.std.pro.premium.with.sp1-zwtiso\crack\keygen.exe
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ FirewallRaz (Public) : {3B06FF2E-E1FC-47D2-8901-0C8B845CEF3B}
ELIMINÉ FirewallRaz (Public) : {49709CC9-DAD3-48FF-A94A-B65ED5AE5B59}
ELIMINÉ FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ FirewallRaz (None) : NetPres-WSD-In-UDP
ELIMINÉ FirewallRaz (None) : NetPres-WSD-Out-UDP
ELIMINÉ FirewallRaz (Public) : NetPres-In-TCP
ELIMINÉ FirewallRaz (Public) : NetPres-Out-TCP
ELIMINÉ FirewallRaz (Private) : TCP Query User{FE542EFD-D9FA-4DD8-9F79-779C4BDE3927}C:\users\my\downloads\utorrent.exe
ELIMINÉ FirewallRaz (Private) : UDP Query User{4F4A9B1E-E8FF-4ECC-A90D-290FCFD3A7F9}C:\users\my\downloads\utorrent.exe

========== Elementos dos dados do Registo ==========
ELIMINÉ Explorer Association Data Application: http://search.babylo...00000705ab68ec1[...]
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsn", "1.8.24.6");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.24.69:19:50");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsni", "1.8.24.6");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babExt", "");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babTrack", "affID=123494&tsp=4984");
AUSENTE Mozilla Pref: user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.previous.keyword.URL", "");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
AUSENTE Mozilla Pref: user_pref("sweetim.toolbar.searchguard.enable", "false");
AUSENTE Mozilla Pref: user_pref("aol_toolbar.default.homepage.check", false);
AUSENTE Mozilla Pref: user_pref("aol_toolbar.default.search.check", false);

========== Pastas ==========
ELIMINÉ: C:\Users\My\AppData\Local\{194AAE55-F989-48AB-9D7A-2A1F6A742BFD}
ELIMINÉ: C:\Users\My\AppData\Local\{1E4B2EC7-CF2D-48FE-BD5F-EDF5A4012733}
ELIMINÉ: C:\Users\My\AppData\Local\{30E77B6A-C917-446F-8CBF-596BBB19DFBC}
ELIMINÉ: C:\Users\My\AppData\Local\{50494F92-C788-44E6-BDB1-76FFEFE27F9B}
ELIMINÉ: C:\Users\My\AppData\Local\{58947618-EAA3-4D61-9973-FDCD1B39B226}
ELIMINÉ: C:\Users\My\AppData\Local\{6CE53753-37E3-4ECE-8D61-CA3841A94DB0}
ELIMINÉ: C:\Users\My\AppData\Local\{CC521DBE-4809-4C96-A0F8-ACC4EF077B63}
ELIMINÉ: C:\Users\My\AppData\Local\{E95C434A-C8A4-401A-B81E-246DD92C5151}
ELIMINÉ: C:\Users\My\AppData\Local\{EF5935AF-45B9-4AA4-85B8-A1A2B0C1257D}

========== Ficheiros ==========
ELIMINÉ File: c:\users\my\appdata\local\temp\down.4248.assistant_v3.exe
ELIMINÉ File: c:\users\my\appdata\local\temp\fbinstupd.exe
ELIMINÉ *: c:\users\my\appdata\local\temp\lkaseoihcaig.exe
ELIMINÉ File: c:\users\my\appdata\local\temp\sqlite3.dll
ELIMINÉ ***: c:\program files (x86)\internet explorer\updater.exe
ELIMINA REINICIAR c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ File: c:\windows\prefetch\hpsf_tasks.exe-9ffdf802.pf
ELIMINÉ File: C:\Program Files (x86)\Internet Explorer\cr_addon.crx
ELIMINÉ Temporários windows
ELIMINÉ Flash Cookies

========== Tarefa planificada ==========
ELIMINÉ Task: Parker
ELIMINÉ Task: Tasker
ELIMINÉ Task: Wisker
ELIMINÉ Task: {CA4AF682-49C2-49F6-8BD2-7C47C346E96A}
ELIMINÉ Task: BHO updater


========== Recapitulativo ==========
4 : Processo memória
1 : Modulos memória
60 : Chaves do Registo
286 : Valores do Registo
1 : Elementos dos dados do Registo
9 : Pastas
10 : Ficheiros
1 : Softwares
46 : Preferências do navegador
5 : Tarefa planificada


End of clean in 00mn 44s

========== Caminho do ficheiro do relatório ==========
C:\ZHP\ZHPFix[R1].txt - 27/05/2012 21:34:40 [58208]
C:\ZHP\ZHPFix[R2].txt - 09/09/2013 22:43:06 [32640]

Thanks


Good evening! RafaeL Icassati2

|- Download: < zoek > ( ... by Smeenk )

|- Or here! < zoek.exe >

|- Save it to the desktop!
|- Disable your antivirus!
|- On Windows 7, run zoek.exe as administrator.

hijackthis;
ffdefaults;
autoclean;
emptyalltemp;


|- Copy and paste this information, in red, into the tool's field.
|- Click "Run Script".

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

|- This information will appear, asking you to wait for the report.

|- Accept and/or confirm the reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.

|- PS: If you get an error, restart the PC and run the tool again.
|- Post the report, which will be at C:\zoek-results.txt <<

See you!

 


Good evening, DigRam!


Zoek.exe Version 4.0.0.4 Updated 07-September-2013
Tool run by My on 10/09/2013 at 7:44:05,01.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\My\Desktop\zoek.exe [script inserted]

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\prefs.js:
user_pref("browser.startup.homepage", "http://*.cga.com.cn
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Users\My\AppData\Local\DProtect\eBP.dll,C:\Users\My\AppData\Local\DProtect\eBPSD.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: DPService - Woodtale Technology Inc - C:\Users\My\AppData\Local\DProtect\DProtectSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\My\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\My\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\My\AppData\Local\Mozilla\Firefox\Profiles\1q6lsz8d.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\My\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\users\My\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\My\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\users\My\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HADW46P6\tag.userreport.com" not found

==== EOF on 10/09/2013 at 7:53:45,65 ======================

Thanks


Good morning! RafaeL Icassati2

|- Your logs are practically clean!
|- Open the ZHPDiag folder that was created and run the file "unins000.exe".
|- But... a scan with OTS or OTL would serve, if you like, as a diagnostic. In this case, I am asking you for OTS, which should come after the DelFix tool.
|- If you do not want this scan, skip it and go ahead with DelFix, so we can close the topic.

|- All OK?


-/-

|- Download: |DelFix| ( ... by Xplode )

|- On the page, click the green arrow to download.
|- Save it somewhere convenient! ( desktop! )
|- Close any open applications.

|- Run it!
|- With both checkboxes ticked!
|- Click "Run".

|- Download: < OTS > ( ... by Old Timer )

|- Save it to the desktop or C:\.
|- Double-click OTS.exe.
|- PS: On Windows Vista or 7, right-click and run OTS.exe as administrator.

|- Under "Additional Scans", click "Extras".
|- Tick the boxes:

[] Reg - NetSvcs
[] File - Lop Check

|- For a 64-bit OS, tick the box!

|- Under "Basic Scans", tick the boxes:

[] Use Company Name Whitelist
[] Skip Microsoft Files

|- Verifique: 250ii3s.png & n19ytt.png

%systemdrive%\*.*
%systemdrive%\drivers\*.exe
%systemroot%\system32\drivers\*.* /90
%programfiles%\*.*
%localappdata%\*.exe
%localappdata%\*.txt
%localappdata%\*.ini
%localappdata%\*.dll
%localappdata%\*.dat
%userprofile%\*.exe
%userprofile%\*.txt
%userprofile%\*.ini
%userprofile%\*.dll
%userprofile%\*.dat /30
%appdata%\*.*
%systemroot%\system32\tasks\*.*
%windir%\tasks\*.*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT


|- Copy the information in the Code box and paste it into the "Custom Scans" field.
|- Next, click 2lasxtt.png

|- When it finishes, Notepad will open with the report. ( OTS.txt )
|- Post it in your reply!
|- Use one of these for that! ( cjoint.com or myfile.tk )

Regards!

 


Good evening, DigRam!

 

# DelFix v10.4 - Logfile created 10/09/2013 at 19:54:19
# Updated 19/07/2013 by Xplode
# Username : My - MY-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\ZHP
Deleted : C:\Program Files (x86)\ZHPDiag
Deleted : C:\Program Files (x86)\Hijackthis
Deleted : C:\AdwCleaner[s1].txt
Deleted : C:\ComboFix.txt
Deleted : C:\PhysicalDisk0_MBR.bin
Deleted : C:\TDSSKiller.2.8.16.0_20.07.2013_22.28.54_log.txt
Deleted : C:\ZHPDiag2.exe
Deleted : C:\zoek-results.log
Deleted : C:\Users\My\Desktop\OTS.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #375 [Windows Update | 09/03/2013 05:58:43]
Deleted : RP #376 [Removed Bonjour | 09/03/2013 10:58:45]
Deleted : RP #377 [installed Java 7 Update 25 | 09/04/2013 10:43:34]
Deleted : RP #378 [Windows Update | 09/06/2013 18:25:29]
Deleted : RP #379 [Removed Google Drive | 09/08/2013 01:45:12]
Deleted : RP #380 [Removed Validity Sensors DDK | 09/08/2013 01:49:14]
Deleted : RP #381 [Removed Facebook Video Calling 1.2.0.287 | 09/10/2013 01:52:05]
Deleted : RP #382 [Configurado MediaSmart DVD | 09/10/2013 02:04:11]
Deleted : RP #383 [Windows Update | 09/10/2013 10:17:38]

New restore point created !

########## - EOF - ##########

http://cjoint.com/?CIlbJ2Oe7Bb

 

Thanks!

Good morning, RafaeL Icassati2!


|- Open the OTS tool.


[unregister Dlls]

[Registry - Safe List]

< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > ->




< FireFox Settings [Prefs.js] > -> C:\Users\My\AppData\Roaming\Mozilla\FireFox\Profiles\1q6lsz8d.default\prefs.js

YN -> "qvo6" -> browser.search.order.3

YN -> "qvo6" -> browser.search.useDBForOrder

[Registry - Additional Scans - Safe List]

YN -> [2012/08/16 04:51:40 | 006,670,496 | ---- | M] (Microsoft Corporation) "{722DC91D-A2EF-488A-9A5F-B27D7BDFD991}" [HKLM] -> Reg Error: Key error. [PSafe]

YN -> [2012/08/16 04:51:40 | 006,670,496 | ---- | M] (Microsoft Corporation) "{A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7}" [HKLM] -> Reg Error: Key error. [PSafeOL]

YN -> "{35B6525E-071A-4EA9-B3BD-F6A742572F08}" [HKLM] -> Reg Error: Key error. [PSafe LockBox]

YN -> [2011/07/04 05:38:44 | 000,443,728 | ---- | M] (Microsoft Corporation) "{722DC91D-A2EF-488A-9A5F-B27D7BDFD991}" [HKLM] -> Reg Error: Key error. [PSafe]

YN -> [PSafeOL] -> File not found

YN -> 31/08/2013 16:15:49 Computer Name = My-PC | Source = Iminent | ID = 0 -> Description = Application [ Error ]

YN -> 31/08/2013 21:05:03 Computer Name = My-PC | Source = Iminent | ID = 0 -> Description = Application [ Error ]

YY -> [2013/09/10 07:52:38 | 000,000,000 | ---D | C] AdwCleaner -> C:\AdwCleaner

YY -> [2013/09/09 22:11:04 | 000,000,000 | ---D | C] DProtect -> C:\Users\My\AppData\Local\DProtect

YY -> [2013/09/09 22:05:20 | 000,000,000 | ---D | C] BprotectEx.sys -> C:\Windows\SysNative\drivers\BprotectEx.sys

YY -> [2013/09/04 07:52:30 | 000,076,096 | ---- | C] (Baidu, Inc.) Baidu Security -> C:\Users\Public\Documents\Baidu Security

YY -> [2009/07/13 22:38:58 | 000,383,562 | RHS- | M] () DelFix.txt -> C:\DelFix.txt

[Alternate Data Streams]

NY -> @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1


[empty temp folders]

[EmptyFlash]

[reboot]


|- Paste the information just above into the field: "Paste Fix Here"


|- Click Run Fix --> Wait!

|- When it finishes, post the report: C:\_OTS\MovedFiles\OTS.txt


See you!


Good evening, DigRam!

The computer is 95% better; only the damned qvo6 will not go away at all.

Thanks for the help!

 

All Processes Killed
[Registry - Safe List]
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\\CustomizeSearch deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\\SearchAssistant deleted successfully.
[Registry - Additional Scans - Safe List]
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
Registry key \ not found.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}\chrome\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\1q6lsz8d.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Windows folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft\Internet Explorer folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming\Microsoft folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My\AppData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\My folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\piponpp5.default-1378857008859 folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My\AppData folder moved successfully.
C:\AdwCleaner\Backup\C\Users\My folder moved successfully.
C:\AdwCleaner\Backup\C\Users folder moved successfully.
C:\AdwCleaner\Backup\C folder moved successfully.
C:\AdwCleaner\Backup folder moved successfully.
C:\AdwCleaner folder moved successfully.
Registry key \ not found.
C:\Users\My\AppData\Local\DProtect\log folder moved successfully.
Folder move failed. C:\Users\My\AppData\Local\DProtect scheduled to be moved on reboot.
Registry key \ not found.
C:\Windows\SysNative\drivers\BprotectEx.sys moved successfully.
Registry key \ not found.
C:\Users\Public\Documents\Baidu Security\PC Faster folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump\3.7.1.39149 folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav folder moved successfully.
C:\Users\Public\Documents\Baidu Security folder moved successfully.
Registry key \ not found.
C:\DelFix.txt moved successfully.
[Alternate Data Streams]
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
File not found!
[empty temp folders]


User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: My
->Temp folder emptied: 2400655 bytes
->Temporary Internet Files folder emptied: 4046669 bytes
->Java cache emptied: 160 bytes
->FireFox cache emptied: 82528923 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 57528 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Todos os Usuários

User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65500 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 195 bytes
RecycleBin emptied: 732955245 bytes

Total Files Cleaned = 784,00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 09112013_225321

Files\Folders moved on Reboot...
C:\Users\My\AppData\Local\DProtect\log folder moved successfully.
Folder move failed. C:\Users\My\AppData\Local\DProtect scheduled to be moved on reboot.
C:\Users\My\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\My\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

 

See you

 

edit:

 

Hi DigRam, posting again to say that I managed to remove qvo6, which was affecting my browsers, both Mozilla and IE.

I only had to delete the qvo6 search engine from Mozilla; after that it came out with AdwCleaner. Log:

 

# AdwCleaner v3.003 - Relatório criado 11/09/2013 no 23:22:50
# Atualizado 07/09/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : My - MY-PC
# Executando de : C:\Users\My\Desktop\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletado : WsysSvc

***** [ Arquivos / Pastas ] *****

Pasta Deletado : C:\ProgramData\eSafe

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\My\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registro ] *****

Chave Deleteda : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Chave Deleteda : HKLM\Software\eSafeSecControl
Chave Deleteda : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (pt-BR)

[ Arquivo : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\piponpp5.default-1378857008859\prefs.js ]

Linha deletada : user_pref("browser.newtab.url", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=WDCXWD5000BEKT-60KA9T0_WD-WXA1E51AVM26AVM26&ts=1378951030");
Linha deletada : user_pref("browser.search.defaultenginename", "qvo6");
Linha deletada : user_pref("browser.search.order.1", "qvo6");
Linha deletada : user_pref("browser.search.selectedEngine", "qvo6");

*************************

AdwCleaner[R2].txt - [3260 octets] - [11/09/2013 23:22:17]
AdwCleaner[s2].txt - [2109 octets] - [11/09/2013 23:22:50]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [2169 octets] ##########

 

 

 

 

New log:

 

 

 

# AdwCleaner v3.003 - Relatório criado 11/09/2013 no 23:26:41
# Atualizado 07/09/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : My - MY-PC
# Executando de : C:\Users\My\Desktop\adwcleaner.exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (pt-BR)

[ Arquivo : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\piponpp5.default-1378857008859\prefs.js ]


*************************

AdwCleaner[R2].txt - [3260 octets] - [11/09/2013 23:22:17]
AdwCleaner[R3].txt - [715 octets] - [11/09/2013 23:26:41]
AdwCleaner[s2].txt - [2249 octets] - [11/09/2013 23:22:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [834 octets] ##########



Good evening, RafaeL Icassati2!

|- Open OTS and click CleanUp.
|- Confirm the reboot!

-/-

|- If you want to optimize the PC, there are JetClean + JetBoost.

|- Download: < JetClean 1.5.0 > ( ... by BlueSprig.com )

< More information! > << Read here!

|- Save it in Program Files. ( jetclean-setup.exe )

|- Install the software and, on the "1-Click" tab, choose the "Registry Clean" option.
|- Go to "Scan Now" and choose: Shut down PC after Repair

|- Or choose the "Scan & Repair" option, without rebooting the PC.

< JetBoost >

|- Next, try to improve performance with JetBoost.
|- Let me know!


See you!


Good morning, DigRam! The computer is much better!

Thank you very much for the help!

None of the programs generated logs, so I will just post one last HijackThis log and, if it is clean, you can mark the topic "closed". Thanks again!

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:44:50, on 12/09/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Users\My\Desktop\ \Nero\WinAVI 9.0 Portable\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://*.cga.com.cn
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12700 bytes

See you


Good morning, RafaeL Icassati2!

|- "qvo6.com" still comes back in the IE10 browser settings.

-/-

|- Open HijackThis.
|- Click: "Do a system scan only"

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/...6&ts=1378857322

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/...6&ts=1378857322


O2 - BHO: PSafe ClikSeguro - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - (no file)

O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)

|- Check the entries above, which are shown in red!
|- After checking them, click "Fix checked". << Check the ones you find!
|- If you open your browser by clicking shortcuts, delete them and create new shortcuts.

-/-

|- Right-click the IE shortcut, if you open it using that icon.
|- Select: "Properties"
|- On the "Shortcut" tab, in the box next to Target, enter, with the quotation marks:

"C:\Program Files\Internet Explorer\iexplore.exe"

|- Click "Apply" -> OK.

"C:\Program Files\Internet Explorer\iexplore.exe""xxxxx...xx"

|- Or remove the "xxxxx...xx" information after ...\iexplore.exe"

|- PS: Try to leave it as in the screenshot.
|- Then post a new HijackThis report.

See you!
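
The checks requested in the post above, as an added example that is not part of the original thread: a small Python triage of HijackThis lines that flags R0/R1 browser-page values pointing at an unexpected host and O2 BHO entries marked "(no file)", plus a check for text appended after the executable in a shortcut Target. The function names and the `expected_hosts` allowlist (with its `example.org` value) are assumptions; the sample lines are copied from the thread.

```python
import re
from urllib.parse import urlsplit

# Sample input: lines copied from the thread (the "..." inside the URLs is
# elided on the page and kept as-is), assembled here as a constructed log.
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/...6&ts=1378857322
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/...6&ts=1378857322
O2 - BHO: PSafe ClikSeguro - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - (no file)
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O15 - Trusted Zone: http://*.sdo.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
"""

# "<code> - <body>", e.g. "R1 - HKLM\...,Default_Page_URL = http://..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# R0/R1 body: "<registry key>,<value name> = <data>"
REG_RE = re.compile(r"^(?P<key>[^,]+),(?P<name>[^=]+?) = (?P<data>.*)$")
# Value names that control which page or search provider the browser opens.
PAGE_VALUES = {"start page", "default_page_url", "search page", "default_search_url"}
# Shortcut Target: optional quotes around the .exe path, then anything appended.
SHORTCUT_RE = re.compile(r'^\s*"?(?P<exe>.+?\.exe)"?(?P<rest>.*)$', re.IGNORECASE)


def parse_entries(log):
    """Return (code, body) for every HijackThis entry line in the log text."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def host_allowed(host, expected_hosts):
    """True when host is an expected host or a subdomain of one."""
    return any(host == h or host.endswith("." + h) for h in expected_hosts)


def review(log, expected_hosts):
    """Flag hijacked browser-page values (R0/R1) and orphaned BHOs (O2)."""
    findings = []
    for code, body in parse_entries(log):
        if code in ("R0", "R1"):
            m = REG_RE.match(body)
            if not m or m.group("name").strip().lower() not in PAGE_VALUES:
                continue
            try:
                host = (urlsplit(m.group("data").strip()).hostname or "").lower()
            except ValueError:
                host = ""
            if host and not host_allowed(host, expected_hosts):
                reason = "browser page value points at unexpected host " + host
                findings.append((code, reason, body))
        elif code == "O2" and body.rstrip().endswith("(no file)"):
            findings.append((code, "BHO is registered but its file is missing", body))
    return findings


def shortcut_extra_args(target):
    """Return whatever follows the executable in a shortcut's Target field."""
    m = SHORTCUT_RE.match(target)
    return m.group("rest").strip() if m else ""


if __name__ == "__main__":
    # expected_hosts is an assumed allowlist; replace it with the real home page host.
    for code, reason, body in review(SAMPLE_LOG, expected_hosts={"example.org"}):
        print(code, "|", reason, "|", body)
    hijacked = r'"C:\Program Files\Internet Explorer\iexplore.exe""xxxxx...xx"'
    print("appended to shortcut target:", repr(shortcut_extra_args(hijacked)))
```

An empty result from `shortcut_extra_args` means the Target holds only the executable path, which is the state the post asks for.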


Good evening, DigRam!

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:00:30, on 12/09/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Users\My\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://*.cga.com.cn
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12448 bytes

See you


Good evening, RafaeL Icassati2!

|- The HijackThis report came back clean!

|- Is the malware still bothering you?

See you!


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
