[Resolvido] Maior parte de meus downloads vêm corrompidos

[FlinN-D 0]

Boa tarde,

 

Tenho um PC com 3 partições, uma para sistema operacional (Windows 7 Ultimate) e instalação de programas, uma para uso geral e outra para arquivamento de trabalhos. Há mais ou menos uma semana meus downloads têm vindo corrompidos, o download conclui, mas muitas vezes os arquivos estão corrompidos, para gerenciamento de downloads de arquivos grandes (filmes, séries, programas, etc...) uso o aplicativo FreeRapid Downloader 0.9u4 ou então o uTorrent e para download de arquivos pequenos (revistas, livros, músicas, etc...) uso o próprio Chrome ou Firefox, as uso vezes Internet Download Manager. Ontem usei o Malwarebytes e dei uma limpada em alguns arquivos, mas o problema ainda persiste (embora tenha diminuído a quantidade de arquivos que vêm corrompidos).

 

 

Abaixo segue o Log

 

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:02:55, on 02/08/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17207)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\FlinN-D\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Internet Download Manager\IDMan.exe

C:\Program Files (x86)\Baidu Security\PC App Store\4.5.1.6024\AppStoreUtilExe.exe

C:\Program Files (x86)\Autodesk\SketchBook Pro 6.2\SketchBookSnapshot.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Users\FlinN-D\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe

C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe

C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\trolatunt\bin\trolatunt.BrowserAdapter.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

E:\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=smt_pay_hp_01_hao123_br

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

O2 - BHO: CrossriderApp0054491 - {11111111-1111-1111-1111-110511441191} - C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-bho.dll (file missing)

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: trolatunt - {59bc35cc-f3cb-4e2b-a21d-481d781207af} - C:\Program Files (x86)\trolatunt\trolatuntbho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [baidu PC Faster 4.0.0.0] "C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [uTorrent] "C:\Users\FlinN-D\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: Dropbox.lnk = C:\Users\FlinN-D\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Global Startup: Monitor.lnk = C:\Program Files (x86)\USB Video Camera\Monitor.exe

O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files (x86)\Autodesk\SketchBook Pro 6.2\SketchBookSnapshot.exe

O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~2\ws6ca1~1.boo

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe

O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing)

O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing)

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Baidu PC App Store Service 4.5.1.6024 (PCAppStoreSvc_{PCAppStore_4.5.1.6024}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC App Store\4.5.1.6024\PCAppStoreSvc.exe

O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Update trolatunt - Unknown owner - C:\Program Files (x86)\trolatunt\updatetrolatunt.exe

O23 - Service: Util trolatunt - Unknown owner - C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--

End of file - 14803 bytes

[Power Max 54]

Olá.

 

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:

http://www.bleepingcomputer.com/download/adwcleaner/

 

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

 

Remova adwares e toolbars maliciosas com o Adwcleaner

 

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[s0].txt

 

Ficamos na espera.

[FlinN-D 0]

Após passar a AdwCleaner e "limpar" como fala no tutorial acima citado este é o log.

 

 

# AdwCleaner v3.302 - Relatório criado 02/08/2014 às 21:46:59

# Atualizado 30/07/2014 por Xplode

# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)

# Usuário : FlinN-D - FLINN

# Executando de : C:\Users\FlinN-D\Desktop\AdwCleaner.exe

# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : globalUpdate

[#] Serviço Deletada : globalUpdatem

[#] Serviço Deletada : Update trolatunt

[#] Serviço Deletada : Util trolatunt

Serviço Deletada : {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn

Pasta Deletada : C:\ProgramData\baidu

Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Widestream6

Pasta Deletada : C:\Program Files (x86)\baidu

Pasta Deletada : C:\Program Files (x86)\globalUpdate

[!] Pasta Deletada : C:\Program Files (x86)\trolatunt

Pasta Deletada : C:\Program Files (x86)\Widestream6

[!] Pasta Deletada : C:\Program Files (x86)\trolatunt

Pasta Deletada : C:\Users\Administrador\AppData\Local\torch

Pasta Deletada : C:\Users\Convidado\AppData\Local\torch

Pasta Deletada : C:\Users\FlinN-D\AppData\Local\globalUpdate

Pasta Deletada : C:\Users\FlinN-D\AppData\Local\torch

Pasta Deletada : C:\Users\FlinN-D\AppData\Local\widestream6 Air

Pasta Deletada : C:\Users\FlinN-D\AppData\Local\Temp\baidu

Pasta Deletada : C:\Users\FlinN-D\AppData\Roaming\baidu

Pasta Deletada : C:\Users\FlinN-D\AppData\Roaming\widestream

Pasta Deletada : C:\Users\FlinN-D\Documents\widestream

Pasta Deletada : C:\Users\Public\Documents\baidu

Pasta Deletada : C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\Extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com

Arquivo Deletada : C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys

Arquivo Deletada : C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\user.js

Arquivo Deletada : C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

Arquivo Deletada : C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tarefas ] *****

Tarefa Deletedo : globalUpdateUpdateTaskMachineCore

Tarefa Deletedo : globalUpdateUpdateTaskMachineUA

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-1

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-11

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-2

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-4

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-5

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-5_user

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-6

Tarefa Deletedo : 51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-7

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc

Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.Spointer

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.Spointer.4

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.SpointerAdProvider

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.SpointerAdProvider.4

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.SpointerBanner

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.SpointerBanner.4

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.SpointerCtrl

Chave Deletedo : HKLM\SOFTWARE\Classes\Widestream6.SpointerWebDisp

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Widestream_RASAPI32

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Widestream_RASMANCS

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Widestream6-setup_RASAPI32

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Widestream6-setup_RASMANCS

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive

Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10

Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4

Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}

Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0054491.BHO

Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0054491.BHO.1

Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0054491.Sandbox

Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0054491.Sandbox.1

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{606D89E9-C72A-4E4D-8D3A-142B2A74FF1B}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{60D7E8FC-8849-46E8-B352-5ABBAE0C48B4}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9B218861-1CAD-41E9-8105-1291A91CA488}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511441191}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522442291}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{59bc35cc-f3cb-4e2b-a21d-481d781207af}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2735FAF8-D5DC-41F6-8BDA-B3F4A828C3DF}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{54ADB4A4-6C88-4710-A227-820961B9981E}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{AC146D1D-7588-4F3F-8F1E-9500F90618A8}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B690A281-F7D4-4E0F-BA02-A12ADD86277B}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F42A2432-287D-4161-8C94-99C06BEE7A81}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F44202AE-BE61-41C8-AFEA-5E494EC7595B}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555445591}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566446691}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2D36C200-0855-4AEF-9004-51647E95F0BB}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{25B7FAD8-85B3-40A4-BBB8-22DBB95831E1}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4FD0EE11-D5B1-41B1-A3BD-F537539804EE}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{5D82D8DD-B839-47C1-B8E0-AD754F949BB6}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544444491}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{e153ae67-d58a-406d-a93d-c353d665c7d5}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511441191}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59bc35cc-f3cb-4e2b-a21d-481d781207af}

Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511441191}

Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59bc35cc-f3cb-4e2b-a21d-481d781207af}

Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511441191}

Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{59bc35cc-f3cb-4e2b-a21d-481d781207af}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{606D89E9-C72A-4E4D-8D3A-142B2A74FF1B}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9B218861-1CAD-41E9-8105-1291A91CA488}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511441191}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522442291}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2735FAF8-D5DC-41F6-8BDA-B3F4A828C3DF}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{54ADB4A4-6C88-4710-A227-820961B9981E}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{AC146D1D-7588-4F3F-8F1E-9500F90618A8}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B690A281-F7D4-4E0F-BA02-A12ADD86277B}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F42A2432-287D-4161-8C94-99C06BEE7A81}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F44202AE-BE61-41C8-AFEA-5E494EC7595B}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555445591}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566446691}

Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2D36C200-0855-4AEF-9004-51647E95F0BB}

Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511441191}

Chave Deletedo : HKCU\Software\b1.org

Chave Deletedo : HKCU\Software\GlobalUpdate

Chave Deletedo : HKCU\Software\InstalledBrowserExtensions

Chave Deletedo : HKCU\Software\WideStream

Chave Deletedo : HKCU\Software\trolatunt

Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider

Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Chave Deletedo : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Chave Deletedo : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}

Chave Deletedo : HKLM\Software\AedgePerformanceBCN

Chave Deletedo : HKLM\Software\b1.org

Chave Deletedo : HKLM\Software\GlobalUpdate

Chave Deletedo : HKLM\Software\InstalledBrowserExtensions

Chave Deletedo : HKLM\Software\WideStream

Chave Deletedo : HKLM\Software\trolatunt

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{835525BE-63BD-4EC4-9425-00CEAD4849C2}

Chave Deletedo : [x64] HKLM\SOFTWARE\b1.org

Chave Deletedo : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\trolatunt

Chave Deletedo : HKLM\Software\Classes\Installer\Features\EB525538DB364CE4495200ECDA84942C

Chave Deletedo : HKLM\Software\Classes\Installer\Products\EB525538DB364CE4495200ECDA84942C

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ Arquivo : C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\prefs.js ]

Linha deletada : user_pref("extensions.ae5ee2b2c830545e783277e8d2f95c44d72e95ca9af64494aaba256feb04f1c1dcom54491.54491.internaldb.Resources_meta.value", "%7B%22amazon-black-icon.png%22%3A%7B%22id%22%3A569482%2C%22ver%[...]

Linha deletada : user_pref("extensions.ae5ee2b2c830545e783277e8d2f95c44d72e95ca9af64494aaba256feb04f1c1dcom54491.54491.internaldb.__ICM_DOWNLOADS__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22ama[...]

Linha deletada : user_pref("extensions.ae5ee2b2c830545e783277e8d2f95c44d72e95ca9af64494aaba256feb04f1c1dcom54491.54491.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]

Linha deletada : user_pref("extensions.crossrider.bic", "1476041087214f3850d76131326935d7");

-\\ Google Chrome v36.0.1985.125

[ Arquivo : C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [search Provider] : hxxp://br.ask.com/web?q={searchTerms}

Deletedo [search Provider] : hxxp://www.animeshost.com/index.php?option=com_search&searchword={searchTerms}

*************************

AdwCleaner[R0].txt - [18064 octets] - [02/08/2014 21:45:23]

AdwCleaner[s0].txt - [17021 octets] - [02/08/2014 21:46:59]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [17082 octets] ##########

[Power Max 54]

Desative temporariamente seu antivírus para evitar conflitos.

 

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:

http://www.hijackthis.nl/smeenk/

 

:seta: Para executá-lo corretamente siga as dicas deste tutorial:

 

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek

 

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

[FlinN-D 0]

Após usar o Zoek este é o Log.

 

 

Zoek.exe v5.0.0.0 Updated 31-07-2014

Tool run by FlinN-D on 03/08/2014 at 1:45:51,81.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\FlinN-D\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

03/08/2014 02:20:25 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.youtube.com/");

Added to C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\prefs.js:

ProfilePath: C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_082014_0229_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\GreatSoft deleted

C:\PROGRA~2\trzAD2F.tmp deleted

C:\456091_intl_x64_zip.exe deleted

C:\PROGRA~3\boost_interprocess deleted

C:\PROGRA~3\InstallMate deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted

C:\Users\FlinN-D\Searches deleted

C:\windows\SysNative\tasks\Baidu PC Faster Service deleted

C:\windows\SysNative\tasks\Baidu PC Faster Update deleted

C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\firefox@mega.co.nz.xpi deleted

C:\Users\FlinN-D\AppData\Roaming\unins000.exe deleted

"C:\PROGRA~3\685f5eeecaf3b2f0\{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D}" deleted

"C:\PROGRA~2\Internet Download Manager\IDMan.exe" deleted

"C:\PROGRA~2\Internet Download Manager\idmftype.dll" deleted

"C:\PROGRA~2\Internet Download Manager\idmindex.dll" deleted

"C:\PROGRA~2\Internet Download Manager\IDMIntegrator64.exe" deleted

"C:\PROGRA~2\Internet Download Manager\idmmkb.dll" deleted

"C:\PROGRA~2\Internet Download Manager\IDMNetMon64.dll" deleted

"C:\PROGRA~2\Internet Download Manager\IDMShellExt64.dll" deleted

"C:\PROGRA~2\Internet Download Manager\IEMonitor.exe" deleted

"C:\PROGRA~3\685f5eeecaf3b2f0" deleted

"C:\PROGRA~2\Internet Download Manager" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [14/02/2014 22:48]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"mozilla_cc@internetdownloadmanager.com"="C:\Users\FlinN-D\AppData\Roaming\IDM\idmmzcc5" [11/04/2014 20:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default

- trolatunt - %ProfilePath%\extensions\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default

DB1F8BCEE65D20F7A75D22DE4CC898FD - C:\Users\FlinN-D\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal

77B8694352764F6079A2332FAD7FD426 - C:\Users\FlinN-D\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director

EE8D96E7899D12FC3AA5DB2034C0853C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll - Shockwave Flash

BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)

EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)

96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)

F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin

D5577EFFAEB3CCC1A6166AAD6EC7B52C - C:\Windows\SysWoW64\Macromed\AUTHORWA\np32asw.dll - Authorware Web Player

B32C60F3B53085CF3B6AE0199116F5AF - C:\Users\FlinN-D\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal

178F30EB6105041AE4FA3943DBF40C75 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll - WacomTabletPlugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[09/07/2014 00:46]

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]

jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nnjbodopomfddehlalfilheomcahbpei - C:\Users\FlinN-D\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[26/07/2014 15:36]

webbsave - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

webbsave - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

webbsave - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

webbsave - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

webbsave - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

webbsave - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

webbsave - FlinN-D\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

Google Docs - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

avast Online Security - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

RealDownloader - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji

IDM Integration Module - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn

Google Wallet - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

GBBD Caixa Economica Federal - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei

GBBD Caixa Economica Federal - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi

Gmail - FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

webbsave - FlinN-D\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda

Video Download - FlinN-D\AppData\Local\Spark\User Data\Default\Extensions\djmgfiokceelcoeihknfhbnnbboaibkm

avast Online Security - FlinN-D\AppData\Local\Spark\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

RealDownloader - FlinN-D\AppData\Local\Spark\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji

==== Chrome Fix ======================

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.plyrics.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.plyrics.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_banners.adultfriendfinder.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_banners.adultfriendfinder.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.downloadfilessaver.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.downloadfilessaver.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastdailyfind.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastdailyfind.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_misposters.edicionesbabylon.es_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_misposters.edicionesbabylon.es_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_valuedealshopper.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_valuedealshopper.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.idealshop.com.br_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.idealshop.com.br_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_comps.fotosearch.com_0.localstorage deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_comps.fotosearch.com_0.localstorage-journal deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully

C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

C:\Users\FlinN-D\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnnbkclegbjpkbhldlnelookohhiifda deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://br.hao123.com/?tn=smt_pay_hp_01_hao123_br"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Reset Google Chrome ======================

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\FlinN-D\AppData\Local\Spark\User Data\Default\Preferences was reset successfully

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Users\FlinN-D\AppData\Local\Spark\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1686077500-376583763-957011888-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

HKEY_USERS\S-1-5-21-1686077500-376583763-957011888-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\FlinN-D\Desktop\PC App Store.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.5.1.6024\PCAppStore.exe /openfrom=shortcut

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\PC App Store.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.5.1.6024\PCAppStore.exe /openfrom=startmenu

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.5.1.6024\Uninstall.exe /openfrom=startmenu

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Uninstall.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\FlinN-D\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\FlinN-D\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\FlinN-D\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Uninstall Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDisplayEx.lnk - C:\Program Files (x86)\CDisplayEx\cdisplayex.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDF To JPG.lnk - C:\PDFToJPG\PDFJPG.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.2.lnk - C:\Program Files (x86)\Autodesk\SketchBook Pro 6.2\SketchBookPro.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe

C:\Users\FlinN-D\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\9270179e-c5f2-4c80-8fa1-78e1ccc0343c deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\FlinN-D\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\FlinN-D\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\FlinN-D\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9QHJURU will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\FlinN-D\AppData\Local\Mozilla\Firefox\Profiles\uqm8k419.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\FlinN-D\AppData\Local\Spark\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=249 folders=46 25662374 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\FlinN-D\AppData\Local\Temp will be emptied at reboot

C:\Users\USURIO~1\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\FlinN-D\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Internet Download Manager" not found

"C:\Users\FlinN-D\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9QHJURU" not found

==== EOF on 03/08/2014 at 2:38:50,09 ======================

[Power Max 54]

Baixe o programa Junkware Removal Tool no link abaixo:

http://thisisudax.org/downloads/JRT.exe

 

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

 

Tutorial do Junkware Removal Tool

 

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

 

Ficamos na espera.

[FlinN-D 0]

Segue log do Junkware.

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Ultimate x64

Ran by FlinN-D on 03/08/2014 at 13:12:29,44

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1686077500-376583763-957011888-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 03/08/2014 at 13:21:49,53

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Power Max 54]

Ontem usei o Malwarebytes e dei uma limpada em alguns arquivos

 

Poste, por gentileza, o log (relatório) do Malwarebytes para podermos analisar.

[FlinN-D 0]

Log do Malwarebytes.

 

 

 

Malwarebytes Anti-Malware

www.malwarebytes.org

Data de Verificação: 02/08/2014

Hora da Verificação: 00:00:04

Logfile: Log Malwarebytes 08-2014.txt

Administrador: Sim

Versão: 2.00.2.1012

Malware Database: v2014.08.01.06

Rootkit Database: v2014.08.01.01

Licença: Trial

Proteção de Malware: Enabled

Proteção de Site Malicioso: Enabled

Self-protection: Desabilitado

OS: Windows 7 Service Pack 1

CPU: x64

Sistema de Arquivo: NTFS

Usuário: FlinN-D

Tipo da Verificação: Verificar Ameaça

Resultado: Completado

Arquivos Verificados: 475761

Tempo Decorrido: 3 hr, 25 min, 26 seg

Memória: Enabled

Inicialização: Enabled

Filesystem: Enabled

Arquivos: Enabled

Rootkits: Desabilitado

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processos: 5

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe, 2600, , [303aa71a5f1c89ad65ad652810f1d22e]

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\updatetrolatunt.exe, 1504, , [5119259ce2996cca6ca64b42a1608d73]

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-nova.exe, 6208, , [fe6c0cb5f58640f674b83334ad548878]

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\trolatunt.BrowserAdapter.exe, 1584, , [a4c62e9399e21e18e42e2ac219e926da]

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\trolatunt.PurBrowse64.exe, 4424, , [a4c62e9399e21e18e42e2ac219e926da]

Módulos: 4

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\trolatuntBAApp.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-nova.dll, , [3733744db6c5dc5a83994b754db5ca36],

Chaves de Registro: 72

PUP.Optional.Trolatunt.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util trolatunt, , [303aa71a5f1c89ad65ad652810f1d22e],

PUP.Optional.Trolatunt.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update trolatunt, , [5119259ce2996cca6ca64b42a1608d73],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511441191}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110511441191}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544444491}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555445591}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566446691}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555445591}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566446691}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544444491}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0054491.BHO.1, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511441191}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511441191}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0054491.BHO, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0054491.BHO, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0054491.BHO.1, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110511441191}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110511441191}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220522442291}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0054491.Sandbox.1, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0054491.Sandbox, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0054491.Sandbox, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0054491.Sandbox.1, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522442291}, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511441191}\INPROCSERVER32, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [39310eb3700b3303d7e8bddc49b98a76],

PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [39310eb3700b3303d7e8bddc49b98a76],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{59bc35cc-f3cb-4e2b-a21d-481d781207af}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E153AE67-D58A-406D-A93D-C353D665C7D5}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2D36C200-0855-4AEF-9004-51647E95F0BB}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2D36C200-0855-4AEF-9004-51647E95F0BB}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E153AE67-D58A-406D-A93D-C353D665C7D5}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{59BC35CC-F3CB-4E2B-A21D-481D781207AF}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Trolatunt.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{59BC35CC-F3CB-4E2B-A21D-481D781207AF}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Trolatunt.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{59BC35CC-F3CB-4E2B-A21D-481D781207AF}, , [caa00bb6b6c5e65048e1d48fa260ef11],

PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64, , [1c4e279af982f244d6c599377c86ea16],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\trolatunt, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{ac225167-00fc-452d-94c5-bb93600e7d9a}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\25286, , [3634863b5f1ca29480b327c747bb19e7],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\Amazon Mini Saver, , [ee7ccdf44536df57644802db1be7f50b],

PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\trolatunt, , [0169ffc2750635018a89a24a03ff18e8],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [a5c519a86d0e5fd729c56270689ae917],

PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\25286, , [6dfdc6fbcbb0ab8bb87b8866d0325ca4],

PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}, , [79f1b20f2754f442f1236a6c729021df],

PUP.Optional.AmazonMini.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Amazon Mini Saver, , [2a409c256d0e59dd5b539449ec169868],

PUP.Optional.Trolatunt.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\trolatunt, , [c9a1b40d552649edc64e2fbd5fa337c9],

PUP.Optional.AmazonMini.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Amazon Mini Saver, , [86e41fa2fb8083b318962db0669cff01],

PUP.Optional.CrossRider.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [6901d1f0d0ab1323927ad64f53b157a9],

PUP.Optional.CrossRider.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\25286, , [6ffb8a376912092d89abe608d62ca060],

PUP.Optional.CrossRider.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Nero, , [a4c67a470c6fd5616b5de8404bb92bd5],

PUP.Optional.AmazonMini.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Amazon Mini Saver, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [402a90319eddd363e72da423cf33827e],

Valores de Registro: 1

PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [a5c519a86d0e5fd729c56270689ae917]

Dados do Registro: 1

PUP.Optional.Hao123.A, HKU\S-1-5-21-1686077500-376583763-957011888-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://br.hao123.com/?tn=smt_pay_hp_01_hao123_br, Good: (www.google.com), Bad: (http://br.hao123.com/?tn=smt_pay_hp_01_hao123_br),,[1357a21f2c4fca6ce528a90a37cd24dc]

Pastas: 26

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\TEMP, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\defaults, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\defaults\preferences, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\userCode, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\locale, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\locale\en-US, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.AmazonMini.A, C:\Users\FlinN-D\AppData\LocalLow\Amazon Mini Saver, , [73f7f0d1c1baf73f3cde40806f9323dd],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{ADA8AF95-616D-4107-BA81-3DA46EA1667A}, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755, , [76f40db44b3069cd58d8af18936f9b65],

Arquivos: 208

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe, , [303aa71a5f1c89ad65ad652810f1d22e],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\updatetrolatunt.exe, , [5119259ce2996cca6ca64b42a1608d73],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-nova.exe, , [fe6c0cb5f58640f674b83334ad548878],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-bho64.dll, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-bho.dll, , [6406487981fa82b47cb0a9be2ad74bb5],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\trolatuntBHO.dll, , [caa00bb6b6c5e65048e1d48fa260ef11],

Trojan.SProtector, C:\Program Files (x86)\trzAD2F.tmp, , [aac028997a0190a68b7fd292ed1445bb],

PUP.Optional.Somoto, C:\Users\FlinN-D\AppData\Local\Temp\nsd3A9D.tmp, , [81e9279a62191c1a13ad8fb21de73fc1],

PUP.Optional.Somoto, C:\Users\FlinN-D\AppData\Local\Temp\nsh10F6.tmp, , [97d30cb53c3fd95d05bb85bc9b698c74],

PUP.Optional.Somoto, C:\Users\FlinN-D\AppData\Local\Temp\nsoD3D9.tmp, , [4921447d81fa3204f1cfc77a48bc17e9],

PUP.Optional.Somoto, C:\Users\FlinN-D\AppData\Local\Temp\bitool.dll, , [79f1e2df7a018aac86daa19862a023dd],

PUP.Optional.Somoto, C:\Users\FlinN-D\AppData\Local\Temp\nsw895F.tmp, , [70faae1393e8023499270b36ac58ea16],

PUP.Optional.Trolotunt.A, C:\Users\FlinN-D\AppData\Local\Temp\trolatuntSetup.exe, , [e684f8c98af1dc5a195ed9d19a6a4db3],

PUP.Optional.Spigot.A, C:\Users\FlinN-D\AppData\Local\Temp\nsjD3E5.tmp-2\APN_ATU3_.exe, , [303ac3fedd9eeb4bf14abd7139c88977],

PUP.Optional.Spigot.A, C:\Users\FlinN-D\AppData\Local\Temp\is701137889\7165931_stp.EXE, , [8bdfb30ee6955ed899a2919d719005fb],

Riskware.Keygen, C:\Windows\AutoKMS.exe, , [d991f6cbcbb04ee80a4811a26b95c23e],

PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys, , [1c4e279af982f244d6c599377c86ea16],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-1, , [105aa51c017a0d2954954092bb479769],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-11, , [97d3972a8cef072fc7228c46f50dd828],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-2, , [2248c4fd91ea1026f1f8d3ffe81abc44],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-4, , [93d74e73ee8d1e187079dbf722e07f81],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-5, , [2e3ca71a5427db5b26c30bc7d230a060],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-5_user, , [e68413aeb5c6d165cc1d854d768c8d73],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-6, , [d892e5dc116a80b6648524aef909b749],

PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-7, , [8fdbd1f0e2993ef84a9fa82a7b87ee12],

PUP.Optional.Trolatunt.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}.xpi, , [89e1f3ce42390432ecfe627a5ba754ac],

PUP.Optional.DownloadFileSaver.A, C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.downloadfilessaver.com_0.localstorage, , [a7c3823f7506d75fbc4a8c5224de837d],

PUP.Optional.DownloadFileSaver.A, C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.downloadfilessaver.com_0.localstorage-journal, , [4525e1e0e695d0663bcbb32b05fd6d93],

PUP.Optional.MindSpark.A, C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesharefanatic.dl.tb.ask.com_0.localstorage, , [f971645d2b5069cdaaf71dc1d62c5aa6],

PUP.Optional.MindSpark.A, C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesharefanatic.dl.tb.ask.com_0.localstorage-journal, , [6505c3fe493292a43968a13d699912ee],

PUP.Optional.Superfish.A, C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [036716abdaa1d06613706979e51d57a9],

PUP.Optional.Superfish.A, C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [0466328f53283df95c2702e0b84ad22e],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\trolatunt.ico, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\0, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\7za.exe, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\trolatuntUn.exe, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\trolatuntUninstall.exe, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\updatetrolatunt.InstallState, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\7za.exe, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\BrowserAdapterS.7z, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\sqlite3.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\trolatunt.BrowserAdapter.exe, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\trolatunt.PurBrowse64.exe, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\trolatunt.PurBrowseG.zip, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\trolatuntBAApp.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.InstallState, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.Bromon.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.BroStats.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.BrowserAdapterS.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.CompatibilityChecker.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.FFUpdate.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.IEUpdate.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.PurBrowseG.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.Trolatunt.A, C:\Program Files (x86)\trolatunt\bin\plugins\trolatunt.Repmon.dll, , [a4c62e9399e21e18e42e2ac219e926da],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-1.job, , [95d5c9f8b5c62412344daa87eb19ff01],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-11.job, , [c1a90cb536456dc96d140e2350b452ae],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-2.job, , [6109922fc8b33ef8a7da1a1741c332ce],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-4.job, , [fd6d9c25b0cb171f84fd01301de71ae6],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-5.job, , [4e1c942d9be0c472b0d16ec3c83c31cf],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-5_user.job, , [d991a71af2893cfa730e48e9a361b947],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-6.job, , [f476f9c8f388ae88e998220f54b06b95],

PUP.Optional.CrossRider.T, C:\Windows\Tasks\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa-7.job, , [a7c3497899e20531aad750e119eb8779],

PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [a3c7e4dd304b6ec82671c96852b2e719],

PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [6dfd20a1b6c59a9c3365a190c44041bf],

PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [cc9eead7700b1b1b4653e8491fe517e9],

PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [9fcb4f72562536001d7dd85931d3ce32],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome.manifest, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\install.rdf, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\6c95a1dbbbcde7c30f5c3c060f08fd98.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\ab9980bd61a4a156181467ae9dbaf1ec.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\background.html, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\browser.xul, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\c0ac3c8c7e13dc47b82c86eda36cc992.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\dialog.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\e1e687a5c82f0563b01e4c8fa97e9b63.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\e2d95c8264b925d06b514e6ac3718029.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\ffCoreFilesIndex.txt, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\options.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\options.xul, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\search_dialog.xul, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\aae9ffca3b10d35e405f0d0219ff71f3.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\17b7f54f12eaa07d3cae05c90f75895b.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\3e04beaa7eb052ba11458e0551154dca.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\5eaaa7eeb520d92d1a2500b70ae52ae7.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\6b388be0f1d165d6bc9a84127c3562b5.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\75255b32a1712fa5c167ca2e681ff7bb.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\85e5956e6ebc0572f0e2518ae48a77c2.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\92d204b87d6593094107eae07ab8aeab.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\94e6cd0fc6c38d5c94bf6ddecbf4afe7.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\b2cb6887010ae5618efd4a3743604e43.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\cec08224ac7a7af91c3ea059b155478c.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\d2d1d0f48c0be901b8110a2f26846e64.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\dfbc75beef93759158ed5dd6e66decc5.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\e60ae5f93f2930b3ab532f33ee292aed.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\eb78ea4bfc9f966e8e8ec329ec4f13d7.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\api\fa6c1a61541e1c152d986b11c0d4e6c9.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\905fd8a5da4b951f5ca0338354ca13ad.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\09869d4225295477d09aaeb262f59305.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\0a39425316b2c53e28da1dbb211377fe.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\0bee38db58cfede9bcb6ebbdd5362534.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\4832df58851971008fda32266eeec4a7.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\62eabb72b9057f52be33eda3af22d353.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\64ca55a386e3332fb2ce387a824b0061.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\65f9c8637a42569b25ac4dd4da021fab.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\78396fab2faa8cd0dd70c1216ceb874a.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\7efd1396b69a9b2fccfa23ad38ef3ca1.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\8eee9aff36e029f1f2f4375d15f8410d.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\92916c79d8109c89c7b702ad0c66b20b.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\aec48ee4e5729a01e0e1599664ce58da.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\b4cbd010bfb70ff9efe66b3ea0742c37.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\c9ac3298ffbf53b2dfb53738646d00d7.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\d3179f9df2d3ee4512875cd79b692095.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\df7f817ea16a3cddd489d99f0bdd5c6f.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\ed5b9bc177eaf338fda623585725c00f.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\ef803b1a058569d69c7a5b3851c49417.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\fc3a32ce4383d85e9efb62171bd25e1f.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\chrome\content\core\installer.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\defaults\preferences\prefs.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\manifest.xml, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins.json, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\1.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\102.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\104.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\13.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\14.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\16.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\17.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\177.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\182.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\183.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\193.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\195.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\207.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\21.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\22.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\220.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\221.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\223.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\246.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\263.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\268.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\28.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\281.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\289.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\300.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\4.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\47.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\64.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\7.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\72.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\78.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\9.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\91.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\93.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\plugins\98.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\userCode\background.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\extensionData\userCode\extension.js, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\locale\en-US\translations.dtd, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\button1.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\button2.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\button3.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\button4.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\button5.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\crossrider_statusbar.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\icon128.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\icon16.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\icon24.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\icon48.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\panelarrow-up.png, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\popup.html, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\skin.css, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\extensions\e5ee2b2c-8305-45e7-8327-7e8d2f95c44d@72e95ca9-af64-494a-aba2-56feb04f1c1d.com\skin\update.css, , [a1c9e7da96e51323166111a17f836c94],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-bg.exe, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\1293297481.mxaddon, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa.crx, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\51eaaada-22fd-4ae7-aa37-cb5b8a63daaa.xpi, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\a8e6caab-ac98-470a-8c13-b19c2ce5f9fc.crx, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-buttonutil.dll, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-buttonutil.exe, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-buttonutil64.exe, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver-nova.dll, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Amazon Mini Saver.ico, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\background.html, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\bgNova.html, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.AmazonMini.A, C:\Program Files (x86)\Amazon Mini Saver\Uninstall.exe, , [3733744db6c5dc5a83994b754db5ca36],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [402a90319eddd363e72da423cf33827e],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\GoogleCrashHandler.exe, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\GoogleUpdate.exe, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\GoogleUpdateBroker.exe, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\GoogleUpdateHelper.msi, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\GoogleUpdateOnDemand.exe, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\goopdate.dll, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\goopdateres_en.dll, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\npGoogleUpdate4.dll, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\psmachine.dll, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.GlobalUpdate.A, C:\Users\FlinN-D\AppData\Local\Temp\comh.116755\psuser.dll, , [76f40db44b3069cd58d8af18936f9b65],

PUP.Optional.Hao123.A, C:\Users\FlinN-D\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://br.hao123.com/?tn=smt_pay_hp_01_hao123_br",), ,[acbe7d441e5dec4aac29af3dd2329e62]

PUP.Optional.CrossRider.A, C:\Users\FlinN-D\AppData\Roaming\Mozilla\Firefox\Profiles\uqm8k419.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "1476041087214f3850d76131326935d7");), ,[600a8e336516f640e26f3ab3bd47c937]

Physical Sectors: 0

(No malicious items detected)

(end)

[Power Max 54]

Neste relatório do Malwarebytes está constando que os problemas não foram selecionados e removidos, e é muito importante removê-los.

 

Além disto, você usou só a verificação de ameaças, que é incompleta. Siga as dicas abaixo para alterar o idioma do Malwarebytes para o português (caso ele esteja em outro idioma) e fazer a limpeza completa:

 

Alterando o idioma do Malwarebytes para o português:

 

Caso o idioma do seu Malwarebytes esteja em inglês é bem simples mudá-lo para nossa língua. Para isto abra o Malwarebytes e clique em Settings como mostra esta imagem:

 

 

Na próxima tela que surge, clique em Language e selecione a opção Portugueze (Brazil):

 

___________________________________________________________________________

 

Como executar uma verificação personalizada com o Malwarebytes:

 

- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:

 

 

Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:

 

Verificar Objetos na Memória

Verificar as Configurações da Inicialização e do Registro

Verificar Arquivos Compactados

 

Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.

 

Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:

 

 

Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:

 

 

Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:

 

 

Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena).

 

Para remover as infecções, deixe a opção Quarentena no menu Ação selecionada em todos os itens e clique no botão Aplicar Ações, como mostra esta imagem:

 

 

Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Sim (ou Yes) como mostra esta imagem:

 

 

Depois disto é só postar o novo log de verificação que o Malwarebytes irá criar em sua próxima resposta.

[FlinN-D 0]

O que eu fiz foi basicamente isso, mas em vez de selecionar "quarentena" eu selecionei "adicionar excluir", de resto foi tudo igual, basicamente.

 

Mas parece que o PC voltou ao normal com os programas e processos que você me indicou, vou fazer uns testes aqui e mais tarde um pouco te dou uma resposta definitiva.

 

Mas desde já agradeço toda a ajuda e o tempo que você dedicou a isso!! Muito obrigado!!

 

 

 

Obs.: Se tiver voltado ao normal o PC eu posto uma nova resposta aqui te informando; se não, faço um novo processo no Malwarebytes e posto o novo Log aqui.

[Power Max 54]

Ok, fico no aguardo.

[FlinN-D 0]

Bem, nenhum download que fiz hoje corrompeu. Fiz download de arquivos de vários tamanhos, variando formatos, baixando direto do navegador e também usando gerenciador de download. Parece que o problema foi resolvido. Se apresentar algum problema volto a entrar em contato.

 

Grato pela ajuda!!

[Power Max 54]

Fico feliz que o problema tenha sido resolvido.

 

:seta: Só para finalizar siga estes tutoriais abaixo, por gentileza:

 

Excluindo erros e otimizando seu PC com o CCleaner

 

Elimine arquivos inúteis de seu PC com o PureRa

_______________________________________________________________________________________________________________________

 

:seta: Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas deste tutorial.

_______________________________________________________________________________________________________________________

 

:) Foi um prazer ajudar. Conte sempre conosco!

[Power Max 54]

PROBLEMA RESOLVIDO<br /><br />Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.