Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Furl  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 11085 usuários registrados
O último usuário registrado atende pelo nome de Satanzord

Os nossos membros postaram um total de 25983 mensagens em 2793 assuntos
Últimos assuntos
» "Attention Required" para algumas paginas
por joram Hoje à(s) 5:02 pm

Quem está conectado
36 usuários online :: 5 usuários cadastrados, Nenhum Invisível e 31 Visitantes :: 2 Motores de busca

Helfth, ivanskalla, joram, Satanzord, Textech

O recorde de usuários online foi de 108 em Qui Maio 15, 2014 8:18 pm
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Outubro 2014
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário


awesomehp alguem sabe tirar551

awesomehp alguem sabe tirar

Página 1 de 5 1, 2, 3, 4, 5  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

awesomehp alguem sabe tirar

Mensagem por AndreaGM em Sab Fev 15, 2014 4:19 pm

Será que alguém pode me ajudar a tirar esse vírus? o meu internet explorer desapareceu e o computador está esquisito

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por Power Max em Sab Fev 15, 2014 4:21 pm

  Oi Andrea. Seja bem vinda ao Fórum PC Brasil.

Estou movendo o seu tópico para a área de Remoção de Malwares para que possamos iniciar a limpeza destes problemas de seu computador:
[Você precisa estar registrado e conectado para ver este link.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração

Power Max
Colaborador
Colaborador

Mensagens: 8267
Data de inscrição: 14/04/2009

Voltar ao Topo Ir em baixo

obrigada pela ajuda

Mensagem por AndreaGM em Sab Fev 15, 2014 4:24 pm

Ainda não sei mexer direito aqui..rsrs

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por Power Max em Sab Fev 15, 2014 4:25 pm

<div align="center"><iframe src="http://www.forumpcbrasil.com/h3-728x90" height="98px" width="736px" scrolling="no" frameborder="0"></iframe></div>
 Faça o download do [Você precisa estar registrado e conectado para ver este link.].

*Execute-o e clique no botão Main Menu.

* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].

*Um relatório será apresentado.

*Selecione todo o conteúdo deste relatório e copie (Ctrl+c).

Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado.

Ficamos no aguardo de sua resposta.


Última edição por Power Max em Sab Mar 08, 2014 9:05 pm, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração

Power Max
Colaborador
Colaborador

Mensagens: 8267
Data de inscrição: 14/04/2009

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por AndreaGM em Sab Fev 15, 2014 4:29 pm

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:31, on 15/02/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WWGA8T48\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: FindRight - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightbho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\Ponto Frio\AppData\Local\SaveSense\SaveSenseIE.dll
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrStsInd00] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe /AUTORUN
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Ponto Frio\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: &Enviar para o OneNote - [Você precisa estar registrado e conectado para ver este link.]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{1ECE701E-8812-400D-A912-0A6A25143FA1}: NameServer = 200.169.117.222 200.169.117.221
O17 - HKLM\System\CS1\Services\Tcpip\..\{1ECE701E-8812-400D-A912-0A6A25143FA1}: NameServer = 200.169.117.222 200.169.117.221
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Serviço do BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Serviço do BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Aplicação do Cash 'n Back (CashNBack Application) - Unknown owner - C:\Program Files (x86)\RBM\CashNBack\CashNBack.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobinil USB Modem. OUC (Mobinil USB Modem. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobinil USB Modem\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update FindRight - Unknown owner - C:\Program Files (x86)\FindRight\updateFindRight.exe
O23 - Service: Util FindRight - Unknown owner - C:\Program Files (x86)\FindRight\bin\utilFindRight.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 14781 bytes

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por AndreaGM em Sab Fev 15, 2014 4:31 pm

espero que seja esse o relatório

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por Power Max em Sab Fev 15, 2014 4:32 pm

 Siga, por gentileza, as dicas do tutorial abaixo:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.
<div align="center"><iframe src="http://www.forumpcbrasil.com/h1-quadrado-grande" height="283px" width="346px" scrolling="no" frameborder="0"></iframe><iframe src="http://www.forumpcbrasil.com/h1-quadrado-grande" height="283px" width="346px" scrolling="no" frameborder="0"></iframe></div>


Última edição por Power Max em Sab Mar 08, 2014 9:06 pm, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração

Power Max
Colaborador
Colaborador

Mensagens: 8267
Data de inscrição: 14/04/2009

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por AndreaGM em Sab Fev 15, 2014 4:50 pm

# AdwCleaner v3.018 - Relatório criado 15/02/2014 às 19:43:26
# Atualizado 28/01/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : Ponto Frio - LOJA
# Executando de : C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WWGA8T48\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : bonanzadealslive
[#] Serviço Deletada : bonanzadealslivem
Serviço Deletada : winzipersvc

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files (x86)\baidu
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
[!] Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\Mysearchdial
Pasta Deletada : C:\Program Files (x86)\openit
Pasta Deletada : C:\Program Files (x86)\Wajam
Pasta Deletada : C:\Program Files (x86)\WinZipper
Pasta Deletada : C:\Program Files (x86)\Common Files\337
Pasta Deletada : C:\Users\Ponto Frio\Funmoods
Pasta Deletada : C:\Users\Ponto Frio\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Ponto Frio\AppData\Local\Wajam
Pasta Deletada : C:\Users\PONTOF~1\AppData\Local\Temp\Iminent
Pasta Deletada : C:\Users\PONTOF~1\AppData\Local\Temp\WinZipper
Pasta Deletada : C:\Users\Ponto Frio\AppData\LocalLow\IminentToolbar
Pasta Deletada : C:\Users\Ponto Frio\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Ponto Frio\AppData\LocalLow\Softonic
Pasta Deletada : C:\Users\Ponto Frio\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Ponto Frio\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Ponto Frio\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Ponto Frio\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Ponto Frio\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Pasta Deletada : C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Pasta Deletada : C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Pasta Deletada : C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Arquivo Deletada : C:\Users\Public\Desktop\Open It!.lnk
Arquivo Deletada : C:\Users\Ponto Frio\Desktop\MySearchDial.url
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Arquivo Deletada : C:\Windows\Tasks\Funmoods.job
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\Tasks\MySearchDial.job
Arquivo Deletada : C:\Windows\System32\Tasks\MySearchDial

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\Funmoods
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\Wajam
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\Wajam
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16798

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v32.0.1700.107

[ Arquivo : C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo : homepage

*************************

AdwCleaner[R0].txt - [18464 octets] - [15/02/2014 19:42:50]
AdwCleaner[S0].txt - [16475 octets] - [15/02/2014 19:43:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16536 octets] ##########

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por Power Max em Sab Fev 15, 2014 4:55 pm

<div align="center"><iframe src="http://www.forumpcbrasil.com/h3-728x90" height="98px" width="736px" scrolling="no" frameborder="0"></iframe></div>
 Siga, por gentileza, as dicas do tutorial abaixo:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.


Última edição por Power Max em Sab Mar 08, 2014 9:06 pm, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração

Power Max
Colaborador
Colaborador

Mensagens: 8267
Data de inscrição: 14/04/2009

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por AndreaGM em Sab Fev 15, 2014 5:11 pm

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8 Single Language x64
Ran by Ponto Frio on 15/02/2014 at 20:05:35,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
NextLive REG_SZ C:\Windows\SysWOW64\rundll32.exe "C:\Users\Ponto Frio\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l




~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadeals
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-261953617-2769025804-3120936794-1001\Software\wajam
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadeals
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadealslive
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DE587899-2625-4A73-BD8C-A191BCF79FAC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E99A657B-F434-46A1-9458-3CEB3DCC4C33}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71e129ff-6c2a-4984-818c-7e2c998b8d99}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71e129ff-6c2a-4984-818c-7e2c998b8d99}



~~~ Files

Failed to delete: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Failed to delete: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Failed to delete: [Folder] "C:\ProgramData\savesenselive"
Successfully deleted: [Folder] "C:\Users\Ponto Frio\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Ponto Frio\AppData\Roaming\savesense"
Successfully deleted: [Folder] "C:\Users\Ponto Frio\appdata\local\savesense"
Successfully deleted: [Folder] "C:\Users\Ponto Frio\appdata\local\savesenselive"
Failed to delete: [Folder] "C:\Program Files (x86)\savesenselive"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Ponto Frio\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/02/2014 at 20:10:22,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por Power Max em Sab Fev 15, 2014 5:13 pm

 Faça o download do < [Você precisa estar registrado e conectado para ver este link.] >  < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
 
|- Execute o ícone do pergaminho. ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Você precisa estar registrado e conectado para ver esta imagem.]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]
<div align="center"><iframe src="http://www.forumpcbrasil.com/h1-quadrado-grande" height="283px" width="346px" scrolling="no" frameborder="0"></iframe><iframe src="http://www.forumpcbrasil.com/h1-quadrado-grande" height="283px" width="346px" scrolling="no" frameborder="0"></iframe></div>


Última edição por Power Max em Sab Mar 08, 2014 9:06 pm, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração

Power Max
Colaborador
Colaborador

Mensagens: 8267
Data de inscrição: 14/04/2009

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por AndreaGM em Sab Fev 15, 2014 5:29 pm

~ Relatório do ZHPDiag v2014.2.14.14 - Nicolas Coolman (14/02/2014)
~ Iniciado por Ponto Frio (15/02/2014 20:24:36)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16798
GCIE: Google Chrome v32.0.1700.107

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit (Build 9200)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5959 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 398 GB (88%) free of 449 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LOJA
~ User Name: Ponto Frio
~ All Users Names: Ponto Frio, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Ponto Frio\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Ponto Frio\AppData\Roaming\
~ %Desktop% : C:\Users\Ponto Frio\Desktop\
~ %Favorites% : C:\Users\Ponto Frio\Favorites\
~ %LocalAppData% : C:\Users\Ponto Frio\AppData\Local\
~ %StartMenu% : C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 398 Go of 449 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.01/06/2013 - 08:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.90860E913075B03369BEB7B0B510DC2F] - (.Microsoft Corporation - Internet Extensions para Win32.) (.01/02/2014 - 06:19:49.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/10/2012 - 02:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.25/07/2012 - 23:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.05/02/2013 - 19:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.02/02/2013 - 07:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.01/06/2013 - 08:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/27
~ Mes musiques (My Musics) : 3/23
~ Mes Videos (My Videos) : 1/15
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 2/112
~ Mon Bureau (My Desktop) : 1/538
~ Menu demarrer (Programs) : 1/38
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.746D5A686D60B5FF19220D64F43DD21E] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1176688] [PID.3328]
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.3336]
[MD5.68B4E27EF0698FBDDD58753756C7EE6E] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568] [PID.4480]
[MD5.D0AB230E0DD69AC6F5B52719D346DACA] - (.ArcSoft, Inc. - TMMonitor.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [258048] [PID.4640]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3896]
[MD5.02B7AE9FBEFCF00E0DCB3390EB9EB6B5] - (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe [1177960] [PID.3104] =>Adware.BDSearch
[MD5.F23FEC819F6D1181C47374DF8EE89A6E] - (.Baidu Inc. - PC Faster Tray.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe [1300672] [PID.4228] =>Adware.BDSearch
[MD5.F5281FA7188154C928ED27911B0BA6FD] - (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184] [PID.5172]
[MD5.99D7C6224249E7837BF2EB03F6ABA955] - (.Brother Industries, Ltd. - ControlCenter Main Process.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe [504320] [PID.5180]
[MD5.9DEF1B844FF294FE5900711764F82B72] - (.Brother Industries, Ltd. - BrIndicator.) -- C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184] [PID.5264]
[MD5.BCF9D7878AF5BC01C39A292A3E455964] - (.Brother Industries, Ltd. - ControlCenter UX System.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe [1448448] [PID.5636]
[MD5.48CECD4B4A7FA0D9C9E8E17EBA639770] - (.Baidu Inc. - PC Faster Popups.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFPopups.exe [2117824] [PID.5796] =>Adware.BDSearch
[MD5.7AE4D6C70C2D7912AB2B4651DF595575] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [990320] [PID.5944]
[MD5.804E2D61CDF360A4492C86D6132135CC] - (.No owner - iuBrowserIEAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [44176] [PID.7032]
[MD5.1C1DF0FA3ED8892C42DF7C8962E328BA] - (.No owner - iuEmailOutlookAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [25232] [PID.6992]
[MD5.56DBC01BF6DFBA60A863DE308FB58334] - (.Thisisu - Junkware Removal Tool.) -- C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WWGA8T48\JRT.exe [1037530] [PID.12432]
[MD5.B04EE6BFF70C11D478680BB74E1D33AB] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770736] [PID.11616]
[MD5.B5C774CFA944AF3E9A42B592B476F570] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8337920] [PID.856]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Ponto Frio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.NationZoom
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: FindRight [64Bits] - {2c774641-5504-46a8-b63f-6715ae3fe376} . (.FindRight - FindRight.) -- C:\Program Files (x86)\FindRight\FindRightbho.dll =>Hijacker.FindrToolbar
O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
O2 - BHO: SaveSense [64Bits] - {71e129ff-6c2a-4984-818c-7e2c998b8d99} . (...) -- C:\Users\Ponto Frio\AppData\Local\SaveSense\SaveSenseIE.dll (.not file.) =>PUP.SaveSense
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
~ BHO: 9 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Acer Backup Manager.lnk . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
O4 - GS\Desktop [Public]: Brother Utilities.lnk . (.Brother Industories, Ltd. - Application Launcher.) -- C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe
O4 - GS\Desktop [Public]: Glow.lnk . (.Immersion Digital - Glow.) -- C:\Program Files (x86)\Immersion Digital\SBB\pt-br\Glow.exe
O4 - GS\Desktop [Public]: Help and Support.lnk - Chave orfã
O4 - GS\Desktop [Public]: Mobinil USB Modem.lnk . (...) -- C:\Program Files (x86)\Mobinil USB Modem\Mobinil USB Modem.exe
O4 - GS\Desktop [Public]: Netflix.lnk . (...) -- C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe
O4 - GS\Desktop [Public]: TotalMedia 3.5.lnk . (.ArcSoft, Inc. - ArcSoft TotalMedia.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\Accessories [Public]: TMMonitor.lnk . (.ArcSoft, Inc. - TMMonitor.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O4 - GS\Accessories [Public]: TotalMedia 3.5.lnk . (.ArcSoft, Inc. - ArcSoft TotalMedia.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
O4 - GS\QuickLaunch [Ponto Frio]: Google Chrome.lnk - Chave orfã
O4 - GS\QuickLaunch [Ponto Frio]: Launch Internet Explorer Browser.lnk - Chave orfã
O4 - GS\TaskBar [Ponto Frio]: Amazon Weblink.lnk . (...) -- C:\Program Files (x86)\Amazon Weblink\AmazonWW.exe (.not file.)
O4 - GS\TaskBar [Ponto Frio]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Users\Ponto Frio\Desktop\iexplore.exe
O4 - GS\Program [Ponto Frio]: iexplore (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Ponto Frio]: iexplore (3).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Users\Ponto Frio\Desktop\iexplore.exe
O4 - GS\Program [Ponto Frio]: iexplore (4).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Users\Ponto Frio\Desktop\iexplore.exe
O4 - GS\Program [Ponto Frio]: iexplore.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Ponto Frio]: Internet Explorer.lnk - Chave orfã
~ Global Startup: 52 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Acer Backup Manager Tray.lnk . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - GS\Startup [Public]: TMMonitor.lnk . (.ArcSoft, Inc. - TMMonitor.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Ponto Frio\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKLM\..\Wow6432Node\Run: [LManager] Chave orfã
O4 - HKLM\..\Wow6432Node\Run: [Dolby Home Theater v4] . (.Dolby Laboratories Inc. - Dolby Profile Selector.) -- C:\Dolby PCEE4\pcee4.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Baidu Antivirus] . (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe =>Adware.BDSearch
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 4.0.0.0] . (.Baidu Inc. - PC Faster.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe =>Adware.BDSearch
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
O4 - HKLM\..\Wow6432Node\Run: [BrStsInd00] . (.Brother Industries, Ltd. - BrIndicator.) -- C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-261953617-2769025804-3120936794-1001\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Ponto Frio\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1ECE701E-8812-400D-A912-0A6A25143FA1}: NameServer = 200.169.117.222 200.169.117.221
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4BC50CB-03D9-4C6A-B2EA-5CC54A0F7CFB}: DhcpNameServer = 200.162.194.244 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{70C3D19A-9EA0-4B1F-ADCB-E06239F9176E}: DhcpDomain = A39CPP.WDS
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4BC50CB-03D9-4C6A-B2EA-5CC54A0F7CFB}: DhcpDomain = ajato.com.br
O17 - HKLM\System\CS1\Services\Tcpip\..\{1ECE701E-8812-400D-A912-0A6A25143FA1}: NameServer = 200.169.117.222 200.169.117.221
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4BC50CB-03D9-4C6A-B2EA-5CC54A0F7CFB}: DhcpNameServer = 200.162.194.244 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{70C3D19A-9EA0-4B1F-ADCB-E06239F9176E}: DhcpDomain = A39CPP.WDS
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4BC50CB-03D9-4C6A-B2EA-5CC54A0F7CFB}: DhcpDomain = ajato.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.162.194.244 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu Antivirus Service (BAVSvc) . (.Baidu, Inc. - Baidu Antivirus Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe =>Adware.BDSearch
O23 - Service: Baidu Hips Service (BHipsSvc) . (.Baidu, Inc. - Baidu Antivirus Hips Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe =>Adware.BDSearch
O23 - Service: Aplicação do Cash 'n Back (CashNBack Application) . (...) - C:\Program Files (x86)\RBM\CashNBack\CashNBack.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Mobinil USB Modem. OUC (Mobinil USB Modem. RunOuc) . (...) - C:\Program Files (x86)\Mobinil USB Modem\UpdateDog\ouc.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe =>Adware.BDSearch
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) . (.SaveSense - SaveSenseLive Update.) - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense
O23 - Service: Update FindRight (Update FindRight) . (...) - C:\Program Files (x86)\FindRight\updateFindRight.exe =>Hijacker.FindrToolbar
O23 - Service: Util FindRight (Util FindRight) . (...) - C:\Program Files (x86)\FindRight\bin\utilFindRight.exe =>Hijacker.FindrToolbar
O23 - Service: WajamUpdaterV3 (WajamUpdaterV3) . (...) - C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (.not file.) =>PUP.Wajam
O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
~ Services: 24 Legitimates Filtered in 00mn 11s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [318]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSense.job [318] =>Hijacker.iHaveNet
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job [946] =>PUP.SaveSense
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [950] =>PUP.SaveSense
[MD5.5414D0106F40C518BD0AFAB31B41CBF5] [APT] [Baidu Antivirus Update] (.Baidu, Inc..) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUpdater.exe [2426008] =>Adware.BDSearch
[MD5.FE1D9A95168499203C96D9F3DD27DD82] [APT] [Baidu PC Faster Update] (.Baidu Inc..) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe [1084912] =>Adware.BDSearch
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\Ponto Frio\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [SaveSense] (...) -- C:\Users\Ponto Frio\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.SaveSense
[MD5.C495D8665A32539660625182D23D5C59] [APT] [SaveSenseLiveUpdateTaskMachineCore] (.SaveSense.) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920] =>PUP.SaveSense
[MD5.C495D8665A32539660625182D23D5C59] [APT] [SaveSenseLiveUpdateTaskMachineUA] (.SaveSense.) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920] =>PUP.SaveSense
[MD5.00000000000000000000000000000000] [APT] [SpyHunter4Startup] (...) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (.not file.) [0] =>Crapware.SpyHunter
[MD5.00000000000000000000000000000000] [APT] [{3E6FAC98-4102-4EC5-83C8-6D010FA53712}] (...) -- C:\Users\Ponto Frio\AppData\Roaming\awesomehp\awesomehp.exe (.not file.) [0] =>PUP.Awesomehp
~ Scheduled Task: 29 Legitimates Filtered in 00mn 06s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
O41 - Driver: (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\BprotectEx.sys =>Adware.BDSearch
O41 - Driver: (cashnbackdrv) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\cashnbackdrv.sys
~ Drivers: 50 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu PC Faster 4.0.0.0 =>Adware.BDSearch
O42 - Logiciel: Cash 'n Back - (.RBM Solutions.) [HKLM][64Bits] -- Cash 'n Back
O42 - Logiciel: Cronometro - (.Cronômetro.) [HKCU][64Bits] -- e5e575dca876f100
O42 - Logiciel: FindRight - (.FindRight.) [HKLM][64Bits] -- FindRight =>Hijacker.FindrToolbar
O42 - Logiciel: Glow [pt-br] - (.Immersion Digital.) [HKLM][64Bits] -- Glow
O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: Update for Zip Extractor - (.Update for Zip Extractor.) [HKCU][64Bits] -- Digital Sites
O42 - Logiciel: WPM17.8.0.3325 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- WPM =>PUP.WpManager
~ Logic: 30 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\BrowserOptout]
[HKCU\Software\FindRight] =>Hijacker.FindrToolbar
[HKCU\Software\POV-VDMax]
[HKCU\Software\SaveSenseLive] =>PUP.SaveSense
[HKCU\Software\SaveSense] =>PUP.SaveSense
[HKCU\Software\Shalom]
[HKCU\Software\superdownloads.com.br]
[HKCU\Software\アプリケーション ウィザードで生成されたローカル アプリケーション]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKLM\Software\Wow6432Node\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\Wow6432Node\BrowserOptout]
[HKLM\Software\Wow6432Node\FindRight] =>Hijacker.FindrToolbar
[HKLM\Software\Wow6432Node\Immersion Digital_SBB_pt-br]
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.SaveSense
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
~ Key Software: 257 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/12/2013 - 16:49:53 - [323,785] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 15/02/2014 - 16:28:40 - [2,730] ----D C:\Program Files (x86)\FindRight =>Hijacker.FindrToolbar
O43 - CFD: 03/01/2014 - 23:52:46 - [31,288] ----D C:\Program Files (x86)\Immersion Digital
O43 - CFD: 21/07/2013 - 17:05:22 - [78,085] ----D C:\Program Files (x86)\Mobinil USB Modem
O43 - CFD: 05/12/2013 - 22:48:35 - [3,892] ----D C:\Program Files (x86)\RBM
O43 - CFD: 23/01/2014 - 22:52:25 - [3,431] ----D C:\Program Files (x86)\SaveSenseLive =>PUP.SaveSense
O43 - CFD: 15/02/2014 - 16:23:18 - [2,201] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 05/12/2013 - 22:48:28 - [88,673] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 15/02/2014 - 16:23:16 - [0,484] ----D C:\ProgramData\IePluginService =>Trojan.Trojan.SProtector
O43 - CFD: 21/07/2013 - 17:05:22 - [16,723] ----D C:\ProgramData\Mobinil USB Modem
O43 - CFD: 16/04/2013 - 15:30:27 - [0,125] ----D C:\ProgramData\OEM_E471269A730D
O43 - CFD: 05/12/2013 - 22:48:38 - [1,301] ----D C:\ProgramData\SaveSenseLive =>PUP.SaveSense
O43 - CFD: 03/01/2014 - 23:52:46 - [143,921] ----D C:\ProgramData\SBB
O43 - CFD: 17/01/2014 - 10:36:14 - [0,471] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 05/12/2013 - 22:49:01 - [0] ----D C:\Users\Ponto Frio\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 16/04/2013 - 15:30:09 - [0,523] ----D C:\Users\Ponto Frio\AppData\Roaming\lm
O43 - CFD: 15/02/2014 - 19:46:00 - [1,228] ----D C:\Users\Ponto Frio\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 19/01/2014 - 23:02:43 - [7,017] ----D C:\Users\Ponto Frio\AppData\Roaming\rmi
O43 - CFD: 19/01/2014 - 23:05:58 - [1,224] ----D C:\Users\Ponto Frio\AppData\Local\genienext
O43 - CFD: 03/01/2014 - 23:53:21 - [0,300] ----D C:\Users\Ponto Frio\AppData\Local\SBB
O43 - CFD: 30/12/2013 - 16:28:44 - [0,004] ----D C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster =>Adware.BDSearch
O43 - CFD: 27/01/2014 - 20:59:25 - [0] ----D C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cronômetro
~ Program Folder: 162 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.4B916278E1487A5CD5F8F9A521980026] - 11/02/2014 - 21:02:13 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [385614]
O44 - LFC:[MD5.8CA6A82D7E1FC04219A7E7C783A749CB] - 15/02/2014 - 14:47:49 ---A- . (...) -- C:\Windows\ie8_main.log [763]
O44 - LFC:[MD5.2FB1199D89E76DBB8E7F383436144676] - 15/02/2014 - 14:48:40 ---A- . (...) -- C:\Windows\IE10_main.log [1924]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/02/2014 - 15:34:49 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.CC0CF4F9CCCCF30934918C1D6E45FD00] - 15/02/2014 - 17:38:18 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [154608]
O44 - LFC:[MD5.AC88F2B957DA30EF7F09B54321FFC508] - 15/02/2014 - 17:38:18 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [762816]
~ Files: 40 Legitimates Filtered in 00mn 08s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{5eacf273-f236-11e2-bf07-5cc9d31d9238}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{5eacf2c5-f236-11e2-bf07-5cc9d31d9238}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:41 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.90FC18CBEFCD54BE4288541558E5187E] - 13/01/2014 - 20:31:54 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BProtectEx.sys [83264] =>Adware.BDSearch
O58 - SDL:[MD5.952448355A7C0626B140A66EFC9600F7] - 25/10/2013 - 14:59:28 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\cashnbackdrv.sys [43536]
O58 - SDL:[MD5.E986F9B462326BA1D703D376801809FE] - 05/09/2012 - 06:31:46 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [319888]
O58 - SDL:[MD5.F572B7467B5CB4FA8FB6319575902E41] - 21/07/2013 - 16:04:28 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:[MD5.15E399875C850B54FC253A2323AD8021] - 21/07/2013 - 16:04:29 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:[MD5.24ADADE4B40CE17E5648663645860B48] - 29/09/2009 - 09:55:50 ---A- . (.Siano - smsbda device driver.) -- C:\Windows\System32\Drivers\smsbda.sys [63648]
O58 - SDL:[MD5.E428DFFA96FAD07D8CA3C9082563A225] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:[MD5.AAF6F247F1DC370C593B4430974EAD9C] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.([Você precisa estar registrado e conectado para ver este link.] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 15/02/2014 - 18:45:00 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
O58 - SDL:[MD5.0C9187B87C1FC96D78094BEAD9B4DF3B] - 28/07/2004 - 09:08:58 ---A- . (...) -- C:\Windows\SysWOW64\drivers\PFC027.SYS [136576]
~ Drivers: 19 Legitimates Filtered in 00mn 02s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <BDIPCSHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.NationZoom
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {F2AFFA64-9545-4C43-BDAE-3B8784F39BC1} [DefaultScope] - (Pesquisa Segura) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.F1AAAD57373832346B367E3B91916984] [SPRF][22/11/2013] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [170344] =>Adware.BDSearch
[MD5.18676F2888613D0529928F6DC81416BB] [SPRF][18/06/2013] (...) -- C:\Users\Ponto Frio\AppData\Roaming\unins000.dat [11312]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][18/06/2013] (.No owner - Setup/Uninstall.) -- C:\Users\Ponto Frio\AppData\Roaming\unins000.exe [720082]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 23/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 23/08/2012 468624 | (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
SS - | Demand 12/07/2012 174160 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SS - | Demand 22/08/2012 658576 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SS - | Demand 26/01/2013 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 08/08/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 21/07/2013 246112 | (Mobinil USB Modem. RunOuc) . (...) - C:\Program Files (x86)\Mobinil USB Modem\UpdateDog\ouc.exe
SS - | Auto 15/02/2014 146920 | (savesenselive) . (.SaveSense.) - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense
SS - | Demand 15/02/2014 146920 | (savesenselivem) . (.SaveSense.) - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense
SS - | Auto 10/07/1658 0 | (WajamUpdaterV3) . (...) - C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe =>PUP.Wajam
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 21/01/2014 1923376 | (BAVSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe =>Adware.BDSearch
SR - | Auto 21/01/2014 459416 | (BHipsSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe =>Adware.BDSearch
SR - | Auto 20/08/2012 176640 | (BrcmCardReader) . (.Broadcom Corp..) - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
SR - | Demand 26/10/2012 282112 | (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe
SR - | Auto 08/11/2013 407544 | (CashNBack Application) . (...) - C:\Program Files (x86)\RBM\CashNBack\CashNBack.exe
SR - | Auto 23/08/2012 2435728 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SR - | Auto 28/08/2012 348784 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Auto 05/09/2012 85904 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 22/11/2013 449592 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 14/03/2011 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 23/08/2012 259136 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 13/01/2014 679920 | (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc..) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe =>Adware.BDSearch
SR - | Auto 26/01/2013 93296 | (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/02/2014 80672 | (Update FindRight) . (...) - C:\Program Files (x86)\FindRight\updateFindRight.exe =>Hijacker.FindrToolbar
SR - | Auto 15/02/2014 80672 | (Util FindRight) . (...) - C:\Program Files (x86)\FindRight\bin\utilFindRight.exe =>Hijacker.FindrToolbar
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 17/01/2014 493568 | (Wpm) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
SR - | Auto 31/07/2012 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

~ Services: Scanned in 00mn 08s



---\\ Scâner Aditional (088)
Database Version : 13031 - (14/02/2014)
Clés trouvées (Keys found) : 15
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 11
Fichiers trouvés (Files found) : 35

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C774641-5504-46A8-B63F-6715AE3FE376}] =>Hijacker.FindrToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}] =>PUP.SaveSense^
[HKLM\SYSTEM\CurrentControlSet\Services\BAVSvc] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\BHipsSvc] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\savesenselive) (savesenselive] =>PUP.SaveSense^
[HKLM\SYSTEM\CurrentControlSet\Services\Update FindRight] =>Hijacker.FindrToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\Util FindRight] =>Hijacker.FindrToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3] =>PUP.Wajam^
[HKLM\SYSTEM\CurrentControlSet\Services\Wpm] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0] =>Adware.BDSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FindRight] =>Hijacker.FindrToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NextLive =>PUP.NextLive^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Baidu Antivirus =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\FindRight =>Hijacker.FindrToolbar^
C:\Program Files (x86)\SaveSenseLive =>PUP.SaveSense^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\ProgramData\IePluginService =>Trojan.Trojan.SProtector^
C:\ProgramData\SaveSenseLive =>PUP.SaveSense^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\Ponto Frio\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Ponto Frio\AppData\Roaming\newnext.me =>PUP.NextLive^
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFPopups.exe =>Adware.BDSearch^
C:\Windows\Tasks\SaveSense.job =>Hijacker.iHaveNet^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job =>PUP.SaveSense^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job =>PUP.SaveSense^
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUpdater.exe =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe =>Adware.BDSearch^
C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe =>PUP.SaveSense^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\FindRight] =>Hijacker.FindrToolbar^
[HKCU\Software\SaveSenseLive] =>PUP.SaveSense^
[HKCU\Software\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\BonanzaDealsLive] =>Adware.BonanzaDeals^
[HKLM\Software\Wow6432Node\BonanzaDeals] =>Adware.BonanzaDeals^
[HKLM\Software\Wow6432Node\FindRight] =>Hijacker.FindrToolbar^
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.SaveSense^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
C:\Users\Ponto Frio\Downloads\SaveAs.exe =>PUP.Offerware
C:\Users\Ponto Frio\AppData\Local\Temp\nsgA86C.exe =>Toolbar.Conduit
C:\Users\Ponto Frio\AppData\Local\Temp\nsrAA32.exe =>Toolbar.Conduit
C:\Users\Ponto Frio\AppData\Local\Temp\nss8774.exe =>Toolbar.Conduit
C:\Users\Ponto Frio\AppData\Local\Temp\nsvFDCD.exe =>Toolbar.Conduit
C:\Users\Ponto Frio\AppData\Local\Temp\nsy8969.exe =>Toolbar.Conduit
C:\Users\Ponto Frio\AppData\Local\Temp\Umbrella.exe4e8a23 =>Adware.IMBooster
~ Additionnel Scan: 242523 Items scanned in 00mn 18s



---\\ Sumário das deteções encontradas na sua estação
~ [Você precisa estar registrado e conectado para ver este link.] =>Adware.BDSearch
~ [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.NationZoom
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.Awesomehp
~ [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.FindrToolbar
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.SupTab
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.SaveSense
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.NextLive
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.Mobogenie
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.Wajam
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.WpManager
~ [Você precisa estar registrado e conectado para ver este link.] =>Hijacker.iHavenet
~ [Você precisa estar registrado e conectado para ver este link.] =>Crapware.SpyHunter
~ [Você precisa estar registrado e conectado para ver este link.] =>Adware.BonanzaDeals
~ [Você precisa estar registrado e conectado para ver este link.] =>Trojan.SProtector
~ [Você precisa estar registrado e conectado para ver este link.] =>PUP.Offerware
~ [Você precisa estar registrado e conectado para ver este link.] =>Toolbar.Conduit
~ [Você precisa estar registrado e conectado para ver este link.] =>Adware.IMBooster
~ MSI: 17 link(s) detected in 00mn 18s



~ 1001 Legitimates filtered by white list
End of the scan (608 lines in 01mn 15s)(0)

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por Power Max em Sab Fev 15, 2014 5:33 pm

No seu relatório está constando o Baidu no seu PC, você quer removê-lo ou quer mantê-lo no computador?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração

Power Max
Colaborador
Colaborador

Mensagens: 8267
Data de inscrição: 14/04/2009

Voltar ao Topo Ir em baixo

Re: awesomehp alguem sabe tirar

Mensagem por AndreaGM em Sab Fev 15, 2014 5:35 pm

Se possível quero manter o Baidu porque não conheço outro grátis eficiente

AndreaGM
Iniciante
Iniciante

Mensagens: 36
Data de inscrição: 15/02/2014

Voltar ao Topo Ir em baixo

Página 1 de 5 1, 2, 3, 4, 5  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


Permissão deste fórum:
Você não pode responder aos tópicos neste fórum