fenixx
Senior Member, Registered
410 Posts 4 Likes
#3 By fenixx
29/11/2014 - 16:31
Edu, it is still in Firefox and Chrome; in IE it had not installed itself.

# AdwCleaner v4.102 - Relatório criado 29/11/2014 às 16:20:41
# Atualizado 23/11/2014 por Xplode
# Database : 2014-11-27.1 [Live]
# Sistema Operacional : Windows 7 Professional Service Pack 1 (64 bits)
# Usuário : Home - HOME-PC
# Executando de : C:\Users\Home\Desktop\adwcleaner_4.102.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : {0c7dc56c-1fb8-4d6b-a40f-10611881a3b6}Gw64
[#] Serviço Deletada : {18fa7aee-6838-42dd-8d32-3fd665a7e664}Gw64
[#] Serviço Deletada : {2ac9eb83-636e-4a51-ab66-bf4f388a02ab}Gw64
Serviço Deletada : {38f72c19-9857-4bc2-b729-9d00bd429872}Gw64
[#] Serviço Deletada : {481a6589-8e34-4bd5-9be2-2f7ce66c44d6}Gw64
Serviço Deletada : {6cfec6a5-9d93-4492-985a-470a68eff4e9}Gw64
[#] Serviço Deletada : {9390ab08-5703-448b-94f8-b8b1934c8841}Gw64
Serviço Deletada : {9ce7879e-efcb-4d59-a160-5f2b28c004e0}Gw64
Serviço Deletada : {b35afcf6-0992-4551-b2da-3af8a5dc5119}Gw64
[#] Serviço Deletada : {c5d2a915-f26c-4145-b1b0-0ab69f6f538f}Gw64
Serviço Deletada : {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64
Serviço Deletada : {e0cbbba5-5c5d-4016-a69f-410443e505d1}Gw64
Serviço Deletada : {e5e8bd85-21de-4190-b364-33beb625e47f}Gw64
[#] Serviço Deletada : {ea2115a6-5989-483c-b1ee-19fba43198ff}Gw64
Serviço Deletada : {f304f5bf-f4de-42cd-97b2-3ce03ceff9ce}Gw64
Serviço Deletada : {fe90d265-3be8-45cd-8d93-3ca3523fd9ea}Gw64
[#] Serviço Deletada : {fff2d2b4-0f90-4edd-a75a-047e2658236a}Gw64
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
Pasta Deletada : C:\Program Files (x86)\MyPC Backup
[!] Pasta Deletada : C:\Program Files (x86)\Elex-tech
Pasta Deletada : C:\Users\Home\AppData\Local\Temp\iSafeRightKeyScan
Pasta Deletada : C:\Users\Home\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Home\AppData\Roaming\eCyber
Pasta Deletada : C:\Users\Home\AppData\Roaming\Elex-tech
Pasta Deletada : C:\Users\Public\Documents\baidu
Arquivo Deletada : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
Arquivo Deletada : C:\Windows\System32\log\iSafeKrnlCall.log
Arquivo Deletada : C:\Windows\System32\\drivers\{0c7dc56c-1fb8-4d6b-a40f-10611881a3b6}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{38f72c19-9857-4bc2-b729-9d00bd429872}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{6cfec6a5-9d93-4492-985a-470a68eff4e9}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{9ce7879e-efcb-4d59-a160-5f2b28c004e0}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{b35afcf6-0992-4551-b2da-3af8a5dc5119}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{e0cbbba5-5c5d-4016-a69f-410443e505d1}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{e5e8bd85-21de-4190-b364-33beb625e47f}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{f304f5bf-f4de-42cd-97b2-3ce03ceff9ce}Gw64.sys
Arquivo Deletada : C:\Windows\System32\\drivers\{fe90d265-3be8-45cd-8d93-3ca3523fd9ea}Gw64.sys
Arquivo Deletada : C:\Users\Home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk
Arquivo Deletada : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\b51eup2a.default\user.js
Arquivo Deletada : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
***** [ Tarefas ] *****
Tarefa Deletedo : Driver Booster Scan
Tarefa Deletedo : Driver Booster Update
Tarefa Deletedo : LaunchSignup
***** [ Atalhos ] *****

***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hao123.com
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17420

-\\ Mozilla Firefox v33.1 (x86 pt-BR)
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.crossrider.bic", "14316e0a9b52954d4f13770493bd1940");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.admin", false);
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.aflt", "orgnl");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.autoRvrt", "false");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.dfltLng", "");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.excTlbr", false);
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.ffxUnstlRst", false);
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.id", "669028e70000000000008206e6d05fd5");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.instlDay", "16180");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.instlRef", "");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.newTab", false);
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.prdct", "iminent");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.prtnrId", "iminent");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.rvrt", "false");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.smplGrp", "none");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.tlbrId", "base");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.vrsn", "1.8.28.3");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.vrsnTs", "1.8.28.33:13:31");
[b51eup2a.default\prefs.js] - Linha deletada : user_pref("extensions.iminent.vrsni", "1.8.28.3");
-\\ Google Chrome v39.0.2171.71

*************************
AdwCleaner[R0].txt - [7701 octets] - [29/11/2014 16:19:13]
AdwCleaner[S0].txt - [7328 octets] - [29/11/2014 16:20:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7388 octets] ##########
DELL VOSTRO I5 WIN 7 PRO
Yes, I have been wrong before: it was that one time I thought I was wrong!
tadeuboato
Geek, Registered
1.5K Posts 407 Likes
#5 By tadeuboato
29/11/2014 - 17:21
Many of these pests are not removed with just one procedure; usually several are needed.
Edu managed to remove quite a lot from your machine, and judging by the log generated there is still a lot to do.

Follow this tip:
Download < ZHPDiag > ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[Image]

To install and run it correctly, follow the tips in this article:

Tutorial on installing and running the ZHPDiag application

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.
It is at the ballot box that the Brazilian people show the strength and the size of their ignorance.

"To be born, to die, to be reborn again and to progress always, such is the law"
Allan Kardec
fenixx
Senior Member, Registered
410 Posts 4 Likes
#6 By fenixx
29/11/2014 - 18:10
OK Tadeu, here is the log:

~ Relatório do ZHPDiag v2014.11.26.167 - Nicolas Coolman (26/11/2014)
~ Iniciado por Home (29/11/2014 18:06:39)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user

---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17420 (Defaut)
OBIE: AvantBrowser v12.5.0.0
MFIE: Mozilla Firefox 33.1
GCIE: Google Chrome v39.0.2171.71
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
McAfee VirusScan Enterprise v8.8.00000
Trend Micro Titanium Internet Security v3.00
Spybot - Search & Destroy v1.6.2
Windows Defender W7 (Deactivate)
---\\ Softwares d'optimização do sistema
CCleaner v4.16
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 15 Plugin
Adobe Reader X
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3998 MB (41% free)
System Restore: Activé (Enable)
System drive C: has 312 GB (69%) free of 450 GB
---\\ Modo de conexão ao sistema
~ Computer Name: HOME-PC
~ User Name: Home
~ All Users Names: HomeGroupUser$, Home, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Home\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Home\AppData\Roaming\
~ %Desktop% : C:\Users\Home\Desktop\
~ %Favorites% : C:\Users\Home\Favorites\
~ %LocalAppData% : C:\Users\Home\AppData\Local\
~ %StartMenu% : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 312 Go of 450 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.03/10/2012 - 22:10:46.) -- C:\WINDOWS\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\WINDOWS\System32\Wininit.exe [129024]
[MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] - (.Microsoft Corporation - Internet Extensions para Win32.) (.05/11/2014 - 23:17:24.) -- C:\WINDOWS\System32\wininet.dll [2365440]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\WINDOWS\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\WINDOWS\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\WINDOWS\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\WINDOWS\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/10/2012 - 22:10:30.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\WINDOWS\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\WINDOWS\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\WINDOWS\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\WINDOWS\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2485
~ Mes musiques (My Musics) : 1/494
~ Mes Videos (My Videos) : 1/36
~ Mes Favoris (My Favorites) : 1/36
~ Mes Documents (My Documents) : 1/79550
~ Mon Bureau (My Desktop) : 0/344
~ Menu demarrer (Programs) : 1/38
~ Hidden Files: Scanned in 01mn 06s
---\\ Processos lançados
[MD5.73511BB9B2F4070A554A6C4B67F5AC72] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [795984] [PID.4056]
[MD5.638CD1D8AE8630E628D4E6462D3EF88E] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [558904] [PID.4064]
[MD5.8872B78D80682F2BE0A04EB0B3EAF554] - (.SoftThinks - Dell - DataSafe Update Launcher.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe [465216] [PID.3424]
[MD5.BA90DF05FA2E9A2C15F3A74825315BD0] - (.SoftThinks - Dell - Dell DataSafe Local Backup.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.exe [4293952] [PID.3436]
[MD5.54773C11E2122DBEA5CE7CDDAE00E89E] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe [347944] [PID.2192] =>PUP.Elex
[MD5.F205CD085B25CFC491908EFE4E8AB8F5] - (.No owner - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.exe [2751808] [PID.4136]
[MD5.DE1C19537602BAF9BC79BB35B794E257] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760] [PID.4836]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.exe [228552] [PID.568]
[MD5.A005676B30AEB3C7703C317D992B193A] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648] [PID.5208]
[MD5.13F44960416C1D24DAAC3CBBBAE49D35] - (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024] [PID.5236]
[MD5.52955E4957FFE8FD7269BC507B347051] - (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe [161088] [PID.5300]
[MD5.F4943A29B23A6CFD59875654BB8A36A1] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704] [PID.5320]
[MD5.C0DDDAFB06D87D2227CDD3BB7B2B09C9] - (.McAfee, Inc. - McTray Application.) -- C:\Program Files (x86)\McAfee\Common Framework\McTray.exe [75072] [PID.5660]
[MD5.45E1121E6BA2D9677B3A61C2E0466B5A] - (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.exe [215360] [PID.5932]
[MD5.591C6FD1541BAFAEEE82B1F5831C8532] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [815280] [PID.7112]
[MD5.AA3646071305CC3F0A7FB2E7B86BAC92] - (.Adblock - Helps you remove browser ads!.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe [4213072] [PID.2248]
[MD5.17D0F31B84A09B648A662AD5C06B5600] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8132608] [PID.8188]
[MD5.11F6F9216D8F77EAC196B07D66E819EA] - (.Elex do Brasil Participações Ltda - iSafeSvc.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048] [PID.380] =>PUP.Elex
[MD5.A03A95B389479B2ADE3A288FA2EA11D1] - (.Elex do Brasil Participações Ltda - iSafeSvc2.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe [118048] [PID.784] =>PUP.Elex
[MD5.4D30C9AA6BF04AF4223A68B771B0B7CE] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896] [PID.1968]
[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63928] [PID.1704]
[MD5.608D6A90E989C6522F170E5526A64BF4] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1944]
[MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176] [PID.2116]
[MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520] [PID.2152]
[MD5.9A59DF2CA690019FEA3B265D5A7EB619] - (.Conexant Systems, Inc. - Utility Service.) -- C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184] [PID.2240]
[MD5.3096728F12CC59928EDE8638BE60D1E2] - (...) -- C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe [123632] [PID.2568]
[MD5.062D80F13D762F7BC2F38430D60F5048] - (.McAfee, Inc. - Framework Service.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128] [PID.2596]
[MD5.113C20EB4982C5670F49718441BEE76D] - (.McAfee, Inc. - Task Manager.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760] [PID.2680]
[MD5.54BAAF892AB8F092BD22CACCB5D98495] - (.McAfee, Inc. - VSCore Announcer.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe [33648] [PID.2764]
[MD5.39F313773AD1ED4C4E345A90E5666086] - (.McAfee, Inc. - NAI Product Manager.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe [185664] [PID.2876]
[MD5.4215C271D6E6898C3F4DABAB4F387DC9] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [1695040] [PID.3004]
[MD5.A5B25E310678175F4779499FFF7D0994] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880] [PID.3096]
[MD5.CB619D0957FD55244B4B819965CE5569] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728] [PID.3160]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.3320]
[MD5.CB8C1CC4F46FBAC78150754D77460C73] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe [230792] [PID.3140]
[MD5.EA26A4A4EFF6F5677C8745D274E23913] - (.Dell Products, LP. - Dell Digital Delivery Windows Service.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [202248] [PID.6916]
[MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.7136]
[MD5.5C08357C65F658E29B5DDC2EF18D575C] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.4508]
[MD5.0DFC9713D117B349E41A2A477448107A] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.5712]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 01s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\b51eup2a.default\prefs.js
M2 - MFEP: RegExtension {87F8774F-B485-47E2-A755-A40A8A5E886D} . (...) --
M2 - MFEP: Extension [Home - b51eup2a.default] {0e195523-6785-4f9c-bb2f-0a791b0c99d0}
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Home\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.16.9:9010
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=C:\WINDOWS\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Ads Removal [64Bits] - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} . (.Adblock - Helps you remove browser ads!.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Chave orfã
~ BHO: 26 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Classic Explorer Bar - [HKLM]{553891B7-A0D5-4526-BE18-D3CE461D6310} . (.IvoSoft - Adds classic Windows Explorer features.) -- C:\Program Files\Classic Shell\ClassicExplorer64.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\wscript.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKLM\..\Run: [Classic Start Menu] . (.IvoSoft - Classic Start Menu.) -- C:\Program Files\Classic Shell\ClassicStartMenu.exe
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [DellSystemDetect] . (.Dell - Dell System Detect.) -- C:\Users\Home\AppData\Local\Apps\2.0\CR1G1EB6.QWY\4Y59TORC.WXL\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe
O4 - HKLM\..\Wow6432Node\Run: [ShStatEXE] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.exe
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3084669983-3751175768-2074562166-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3084669983-3751175768-2074562166-1001\..\Run: [DellSystemDetect] . (.Dell - Dell System Detect.) -- C:\Users\Home\AppData\Local\Apps\2.0\CR1G1EB6.QWY\4Y59TORC.WXL\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Classic IE9 Settings [64Bits] - {56753E59-AF1D-4FBA-9E15-31557124ADA2} -- Chave orfã
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D8DFC21-D38D-4EBD-AC5A-9184683A523F}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5363BF07-BB10-431F-943C-D30F9D9DAF5E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4D4DCE7-0E09-4511-A936-F250F102407B}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D8DFC21-D38D-4EBD-AC5A-9184683A523F}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5363BF07-BB10-431F-943C-D30F9D9DAF5E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4D4DCE7-0E09-4511-A936-F250F102407B}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1D8DFC21-D38D-4EBD-AC5A-9184683A523F}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5363BF07-BB10-431F-943C-D30F9D9DAF5E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A4D4DCE7-0E09-4511-A936-F250F102407B}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: YAC Service (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
O23 - Service: lxdn_device (lxdn_device) . (.No owner - Printer Communication System.) - C:\Windows\system32\lxdncoms.exe
O23 - Service: MaintainerSvc3.38.8461645 (MaintainerSvc3.38.8461645) . (...) - C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe =>PUP.MaintainerSvc
O23 - Service: Update ClearThink (Update ClearThink) . (...) - C:\Program Files (x86)\ClearThink\updateClearThink.exe (.not file.) =>PUP.ClearThink
~ Services: 31 Legitimates Filtered in 00mn 07s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.AutoKMS
[MD5.00000000000000000000000000000000] [APT] [{5F8F1839-0F27-439D-AFD3-3EE7E828EC84}] (...) -- C:\Users\Home\Desktop\irfanview_lang_portugues.exe (.not file.) [0]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3084669983-3751175768-2074562166-1001Core [902]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3084669983-3751175768-2074562166-1001UA [924]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 01s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys
O41 - Driver: (iSafeKrnl) . (.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlR3) . (.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys =>PUP.Elex
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys =>Trojan.Staser
~ Drivers: 87 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Avant Browser (remove only) - (.Avant Force.) [HKLM][64Bits] -- AvantBrowser
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM][64Bits] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: Hao123-Client - (.Baidu Online Network Technology (Beijing) Co., Ltd..) [HKCU][64Bits] -- hao123desk-br
O42 - Logiciel: YAC(Yet Another Cleaner!) - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM][64Bits] -- iSafe =>PUP.YetAnotherCleaner
~ Logic: 30 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Avant Browser]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
[HKCU\Software\GbAs]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\ADSRemoval]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Elex-tech] =>PUP.Elex
~ Key Software: 311 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/06/2014 - 13:51:47 - [] ----D C:\Program Files (x86)\Avant Browser
O43 - CFD: 17/12/2013 - 21:26:45 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 28/11/2014 - 19:16:18 - [] ----D C:\Program Files (x86)\Elex-tech =>PUP.Elex
O43 - CFD: 23/05/2014 - 21:31:23 - [0] ----D C:\ProgramData\Baidu Security
O43 - CFD: 20/06/2014 - 14:23:37 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 03/08/2014 - 14:03:21 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 14/06/2014 - 13:51:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avant Browser
O43 - CFD: 03/10/2012 - 17:47:15 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
O43 - CFD: 26/10/2014 - 14:55:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
O43 - CFD: 03/10/2012 - 17:49:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
O43 - CFD: 21/11/2010 - 07:48:04 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/06/2014 - 13:51:52 - [] ----D C:\Users\Home\AppData\Roaming\Avant Profiles
O43 - CFD: 21/09/2014 - 10:30:41 - [0] ----D C:\Users\Home\AppData\Roaming\BRT
O43 - CFD: 29/11/2014 - 16:45:11 - [] ----D C:\Users\Home\AppData\Roaming\Elex-tech =>PUP.Elex
O43 - CFD: 22/11/2014 - 10:25:56 - [] -SH-D C:\Users\Home\AppData\Local\EmieBrowserModeList
O43 - CFD: 02/10/2014 - 10:04:42 - [0] -SH-D C:\Users\Home\AppData\Local\icsxml
O43 - CFD: 02/10/2014 - 10:03:06 - [0] -SH-D C:\Users\Home\AppData\Local\ms-drivers
O43 - CFD: 29/11/2014 - 12:34:48 - [0] ----D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
~ 4 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 276 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F7A5EDB11A6BDD2E73FC1DDA4C64A068] - 28/11/2014 - 18:16:29 ---A- . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\WINDOWS\System32\Drivers\iSafeNetFilter.sys [49320] =>Trojan.Staser
~ Files: 9 Legitimates Filtered in 00mn 02s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
~ CSB: 16 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\WINDOWS\System32\Drivers\Bfilter.sys [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\WINDOWS\System32\Drivers\Bfmon.sys [34624]
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\WINDOWS\System32\Drivers\Bprotect.sys [128992]
O58 - SDL:10/07/2008 - 17:20:40 ---A- . (.CSR, plc - A/V Bluetooth Device.) -- C:\WINDOWS\System32\Drivers\bthav.sys [40448]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\WINDOWS\System32\Drivers\elxstor.sys [530496]
O58 - SDL:14/03/2012 - 07:42:50 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\WINDOWS\System32\Drivers\ETD.sys [201008]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\WINDOWS\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:03/11/2014 - 06:04:18 ---A- . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\WINDOWS\System32\Drivers\iSafeNetFilter.sys [49320] =>Trojan.Staser
O58 - SDL:15/07/2011 - 21:31:22 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\WINDOWS\System32\Drivers\stdcfltn.sys [22128]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\WINDOWS\System32\Drivers\stexstor.sys [24656]
O58 - SDL:03/01/2012 - 21:04:52 ---A- . (.STMicroelectronics - STM Accelerometer Device Driver.) -- C:\WINDOWS\System32\Drivers\ST_ACCEL.sys [67184]
O58 - SDL:28/07/2014 - 14:52:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:14/03/2014 - 19:46:42 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\WINDOWS\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 89 Legitimates Filtered in 00mn 04s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT
O64 - Services: CurCS - 27/11/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys (iSafeKrnl) .(.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - LEGACY_ISAFEKRNL =>PUP.Elex
O64 - Services: CurCS - 27/11/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys (iSafeKrnlKit) .(.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - LEGACY_ISAFEKRNLKIT =>PUP.Elex
O64 - Services: CurCS - 27/11/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys (iSafeKrnlR3) .(.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - LEGACY_ISAFEKRNLR3 =>PUP.Elex
O64 - Services: CurCS - 03/11/2014 - C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys (iSafeNetFilter) .(.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - LEGACY_ISAFENETFILTER =>Trojan.Staser
O64 - Services: CurCS - 02/09/2014 - C:\Program Files (x86)\GbPlugin\wsftprp64.sys (Warsaw_PP) .(.GAS Tecnologia LTDA - GAS Tecnologia - Driver (PP).) - LEGACY_WARSAW_PP
~ Legacy: 107 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Avant.Browser> <Avant Browser>[HKLM\..\Shell\open\Command] (.Avant Force - Avant Browser.) -- C:\Program Files (x86)\Avant Browser\avant.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: prefs.js [Home - b51eup2a.default] user_pref("extensions.crossrider.bic", "14316e0a9b52954d4f13770493bd1940" =>PUP.CrossRider
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784]
[MD5.F42A635F04B03BF4CF8D03FE6EE5AFE3] [SPRF][20/06/2014] (...) -- C:\Users\Home\AppData\Roaming\unins000.dat [17257]
[MD5.169180F02ABCECA5DE72FC5EEBC861BB] [SPRF][20/06/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Home\AppData\Roaming\unins000.exe [730322]
[MD5.5A6F21141B846BD3CE1ED0BD0F19C3AF] [SPRF][29/11/2014] (.No owner - Aut2Exe.) -- C:\Users\Home\Desktop\adwcleaner_4.102.exe [2148864]
[MD5.0FF28E91F00CA285FB51C72388A8EDEE] [SPRF][01/11/2014] (.No owner - Setup.) -- C:\Users\Home\Desktop\DellSystemDetect.exe [417064]
[MD5.5795364D45E02814F0D925E558C31353] [SPRF][20/06/2014] (.CAIXA - Instalação do Módulo Adicional de Segurança CAIXA.) -- C:\Users\Home\Desktop\iGBPCEFsf.exe [2512200]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{22222222-2222-2222-2222-220322852224}] (CrossriderApp0038524.Sandbox) =>PUP.CrossRider
~ BCK: 4513 Legitimates Filtered in 00mn 05s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 21/05/2011 267480 | (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SS - | Auto 27/03/2012 242448 | (CLKMSVC10_9EC60124) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
SS - | Demand 29/03/2012 276248 | (cphs) . (.Intel Corporation.) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 30/11/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/11/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/09/2014 640840 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 27/02/2008 33960 | (lxdnCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\x64\3\lxdnserv.exe
SS - | Demand 15/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 03/04/2014 315008 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 29/11/2010 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SS - | Auto 10/07/1658 0 | (Update ClearThink) . (...) - C:\Program Files (x86)\ClearThink\updateClearThink.exe =>PUP.ClearThink
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 04/04/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 28/08/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 19/01/2012 106144 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 11/10/2011 109184 | (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
SR - | Auto 10/04/2014 202248 | (DellDigitalDelivery) . (.Dell Products, LP..) - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
SR - | Auto 15/12/2011 458064 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
SR - | Auto 02/09/2014 558904 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 01/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 30/09/2014 344896 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 10/01/2012 627936 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 27/11/2014 118048 | (iSafeService) . (.Elex do Brasil Participações Ltda.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
SR - | Auto 21/01/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 27/02/2008 1044648 | (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe
SR - | Auto 29/11/2014 123632 | (MaintainerSvc3.38.8461645) . (...) - C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe =>PUP.MaintainerSvc
SR - | Auto 12/01/2011 120128 | (McAfeeFramework) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
SR - | Auto 26/04/2014 190256 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
SR - | Auto 12/01/2011 209760 | (McTaskManager) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
SR - | Auto 26/04/2014 156248 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 25/08/2010 2823000 | (NOBU) . (.Dell, Inc..) - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
SR - | Auto 16/02/2012 1695040 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
SR - | Auto 21/05/2011 244440 | (TiMiniService) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
SR - | Auto 21/01/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 18/08/2011 3175728 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\Windows\system32\vcsFPService.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 19/01/2012 158880 | (ZAtheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 31/01/2012 73728 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: Scanned in 00mn 06s
---\\ Scâner Aditional (088)
Database Version : 13026 - (26/11/2014)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 5
[HKLM\SYSTEM\CurrentControlSet\Services\iSafeService] =>PUP.Elex^
[HKLM\SYSTEM\CurrentControlSet\Services\MaintainerSvc3.38.8461645] =>PUP.MaintainerSvc^
[HKLM\SYSTEM\CurrentControlSet\Services\Update ClearThink] =>PUP.ClearThink^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe] =>PUP.YetAnotherCleaner^
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322852224}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311851124}] =>PUP.CrossRider
C:\Program Files (x86)\Elex-tech =>PUP.Elex^
C:\Users\Home\AppData\Roaming\Elex-tech =>PUP.Elex^
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe =>PUP.Elex^
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex^
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe =>PUP.Elex^
[HKLM\Software\Wow6432Node\Elex-tech] =>PUP.Elex^
[HKCR\CLSID\{22222222-2222-2222-2222-220322852224}] (CrossriderApp0038524.Sandbox) =>PUP.CrossRider^
~ Additionnel Scan: 324272 Items scanned in 00mn 27s
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Barras do Internet Explorer (03))
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 4 Legitimates Filtered in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
http://nicolascoolman.fr/pup-elex =>PUP.Elex
http://www.nicolascoolman.fr/blog/ =>PUP.MaintainerSvc
http://www.nicolascoolman.fr/blog/ =>PUP.ClearThink
http://nicolascoolman.fr/trojan-autokms =>Trojan.AutoKMS
http://nicolascoolman.fr/trojan-staser =>Trojan.Staser
http://www.nicolascoolman.fr/blog/ =>PUP.YetAnotherCleaner
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
~ MSI: 7 link(s) detected in 00mn 00s
DELL VOSTRO I5 WIN 7 PRO
Yes, I have been wrong: it was that one time I thought I was wrong!
tadeuboato
tadeuboato Geek Registered
1.5K Posts 407 Likes
#7 By tadeuboato
29/11/2014 - 18:38
Open ZHPFix, click IMPORTAÇÃO (Import), paste the text below and then click Go.


Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
ProxyFix
[HKLM\SYSTEM\CurrentControlSet\Services\iSafeService] =>PUP.Elex^
[HKLM\SYSTEM\CurrentControlSet\Services\MaintainerSvc3.38.8461645] =>PUP.MaintainerSvc^
[HKLM\SYSTEM\CurrentControlSet\Services\Update ClearThink] =>PUP.ClearThink^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe] =>PUP.YetAnotherCleaner^
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322852224}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311851124}] =>PUP.CrossRider
C:\Program Files (x86)\Elex-tech =>PUP.Elex^
C:\Users\Home\AppData\Roaming\Elex-tech =>PUP.Elex^
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe =>PUP.Elex^
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex^
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe =>PUP.Elex^
[HKLM\Software\Wow6432Node\Elex-tech] =>PUP.Elex^
[HKCR\CLSID\{22222222-2222-2222-2222-220322852224}] (CrossriderApp0038524.Sandbox) =>PUP.CrossRider^
MD5.54773C11E2122DBEA5CE7CDDAE00E89E] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe [347944] [PID.2192] =>PUP.Elex
[MD5.11F6F9216D8F77EAC196B07D66E819EA] - (.Elex do Brasil Participações Ltda - iSafeSvc.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048] [PID.380] =>PUP.Elex
[MD5.A03A95B389479B2ADE3A288FA2EA11D1] - (.Elex do Brasil Participações Ltda - iSafeSvc2.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe [118048] [PID.784] =>PUP.Elex
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Chave orfã
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O9 - Extra button: Classic IE9 Settings [64Bits] - {56753E59-AF1D-4FBA-9E15-31557124ADA2} -- Chave orfã
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O23 - Service: YAC Service (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
O23 - Service: lxdn_device (lxdn_device) . (.No owner - Printer Communication System.) - C:\Windows\system32\lxdncoms.exe
O23 - Service: MaintainerSvc3.38.8461645 (MaintainerSvc3.38.8461645) . (...) - C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe =>PUP.MaintainerSvc
O23 - Service: Update ClearThink (Update ClearThink) . (...) - C:\Program Files (x86)\ClearThink\updateClearThink.exe (.not file.) =>PUP.ClearThink
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.AutoKMS
[MD5.00000000000000000000000000000000] [APT] [{5F8F1839-0F27-439D-AFD3-3EE7E828EC84}] (...) -- C:\Users\Home\Desktop\irfanview_lang_portugues.exe (.not file.) [0]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3084669983-3751175768-2074562166-1001Core [902]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3084669983-3751175768-2074562166-1001UA [924]
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys
O41 - Driver: (iSafeKrnl) . (.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlR3) . (.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys =>PUP.Elex
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys =>Trojan.Staser
O42 - Logiciel: Avant Browser (remove only) - (.Avant Force.) [HKLM][64Bits] -- AvantBrowser
O42 - Logiciel: Hao123-Client - (.Baidu Online Network Technology (Beijing) Co., Ltd..) [HKCU][64Bits] -- hao123desk-br
O42 - Logiciel: YAC(Yet Another Cleaner!) - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM][64Bits] -- iSafe =>PUP.YetAnotherCleaner
[HKCU\Software\Avant Browser]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKCR\CLSID\{22222222-2222-2222-2222-220322852224}] (CrossriderApp0038524.Sandbox) =>PUP.CrossRider
SS - | Auto 10/07/1658 0 | (Update ClearThink) . (...) - C:\Program Files (x86)\ClearThink\updateClearThink.exe =>PUP.ClearThink
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 11/10/2011 109184 | (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
SR - | Auto 27/11/2014 118048 | (iSafeService) . (.Elex do Brasil Participações Ltda.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
SR - | Auto 27/02/2008 1044648 | (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe
SR - | Auto 29/11/2014 123632 | (MaintainerSvc3.38.8461645) . (...) - C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe =>PUP.MaintainerSvc
[HKLM\Software\Wow6432Node\Elex-tech] =>PUP.Elex
O43 - CFD: 14/06/2014 - 13:51:47 - [] ----D C:\Program Files (x86)\Avant Browser
O43 - CFD: 17/12/2013 - 21:26:45 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 28/11/2014 - 19:16:18 - [] ----D C:\Program Files (x86)\Elex-tech =>PUP.Elex
O43 - CFD: 23/05/2014 - 21:31:23 - [0] ----D C:\ProgramData\Baidu Security
O43 - CFD: 03/08/2014 - 14:03:21 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 14/06/2014 - 13:51:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avant Browser
O43 - CFD: 14/06/2014 - 13:51:52 - [] ----D C:\Users\Home\AppData\Roaming\Avant Profiles
O43 - CFD: 29/11/2014 - 16:45:11 - [] ----D C:\Users\Home\AppData\Roaming\Elex-tech =>PUP.Elex
O43 - CFD: 22/11/2014 - 10:25:56 - [] -SH-D C:\Users\Home\AppData\Local\EmieBrowserModeList
O43 - CFD: 29/11/2014 - 12:34:48 - [0] ----D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
O44 - LFC:[MD5.F7A5EDB11A6BDD2E73FC1DDA4C64A068] - 28/11/2014 - 18:16:29 ---A- . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\WINDOWS\System32\Drivers\iSafeNetFilter.sys [49320] =>Trojan.Staser
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\WINDOWS\System32\Drivers\Bfilter.sys [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\WINDOWS\System32\Drivers\Bfmon.sys [34624]
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\WINDOWS\System32\Drivers\Bprotect.sys [128992]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\WINDOWS\System32\Drivers\elxstor.sys [530496]
O58 - SDL:03/11/2014 - 06:04:18 ---A- . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\WINDOWS\System32\Drivers\iSafeNetFilter.sys [49320] =>Trojan.Staser
O58 - SDL:03/11/2014 - 06:04:18 ---A- . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\WINDOWS\System32\Drivers\iSafeNetFilter.sys [49320] =>Trojan.Staser
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784]
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT
O64 - Services: CurCS - 27/11/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys (iSafeKrnl) .(.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - LEGACY_ISAFEKRNL =>PUP.Elex
O64 - Services: CurCS - 27/11/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys (iSafeKrnlKit) .(.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - LEGACY_ISAFEKRNLKIT =>PUP.Elex
O64 - Services: CurCS - 27/11/2014 - C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys (iSafeKrnlR3) .(.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - LEGACY_ISAFEKRNLR3 =>PUP.Elex
O64 - Services: CurCS - 03/11/2014 - C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys (iSafeNetFilter) .(.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - LEGACY_ISAFENETFILTER =>Trojan.Staser
O68 - StartMenuInternet: <Avant.Browser> <Avant Browser>[HKLM\..\Shell\open\Command] (.Avant Force - Avant Browser.) -- C:\Program Files (x86)\Avant Browser\avant.exe
O69 - SBI: prefs.js [Home - b51eup2a.default] user_pref("extensions.crossrider.bic", "14316e0a9b52954d4f13770493bd1940" =>PUP.CrossRider
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784]
[HKCR\CLSID\{22222222-2222-2222-2222-220322852224}] (CrossriderApp0038524.Sandbox) =>PUP.CrossRider
SS - | Auto 10/07/1658 0 | (Update ClearThink) . (...) - C:\Program Files (x86)\ClearThink\updateClearThink.exe =>PUP.ClearThink
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 27/11/2014 118048 | (iSafeService) . (.Elex do Brasil Participações Ltda.) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
SR - | Auto 27/02/2008 1044648 | (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe
SR - | Auto 29/11/2014 123632 | (MaintainerSvc3.38.8461645) . (...) - C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe =>PUP.MaintainerSvc
ServiceStop:Bfilter
ServiceStop:Bfmon
ServiceStop:Bprotect


Post the generated log; we will be waiting.
It is at the ballot box that the Brazilian people show the strength and size of their ignorance.

"To be born, to die, to be reborn again and to progress always, such is the law"
Allan Kardec
fenixx
fenixx Senior Member, Registered
410 Posts 4 Likes
#8 By fenixx
29/11/2014 - 19:07
Here it is, Tadeu, thanks. Strange that it didn't install itself in IE, only in Firefox and Chrome.

Rapport de ZHPFix 2014.10.24.12 par Nicolas Coolman, Update du 24/10/2014
Fichier d'export Registre :
Run by Home at 29/11/2014 19:05:33
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 20s)
Prefetcher vazio
========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\avant browser\uninst.exe
AUSENTE Uninstall Process: c:\users\home\appdata\roaming\baidu\hao123\hao123.1.0.0.1111.exe
AUSENTE Uninstall Process: c:\program files (x86)\elex-tech\yac\uninstall.exe
========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado
ISAFEKRNL Parado
ISAFEKRNLKIT Parado
ISAFEKRNLR3 Parado
ISAFENETFILTER Parado
Bfilter Parado
Bfmon Parado
Bprotect Parado
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AvantBrowser]
ELIMINÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\iSafeService
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\MaintainerSvc3.38.8461645
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Update ClearThink
ELIMINÉ:* HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322852224}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311851124}
ELIMINÉ:³ HKLM\Software\Wow6432Node\Elex-tech
ELIMINÉ: CLSID BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
ELIMINÉ:* CLSID Extra Buttons: {56753E59-AF1D-4FBA-9E15-31557124ADA2}
ELIMINÉ:³ Service: iSafeService
ELIMINÉ: Service: lxdn_device
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: Service: Bonjour Service
ELIMINÉ: Service: CxUtilSvc
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {A76CB551-5746-4698-9752-51BF09F253E0}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{CD97550A-AFB4-420F-9483-6C693C17E99D}C:\windows\keygen.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{686C085B-169E-4D62-9A2B-49F80A0EB362}C:\windows\keygen.exe
ELIMINÉ: FirewallRaz (None) : {19D10AD4-8D8C-4F3C-895B-0E34DE1445E3}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{C52F3B64-4D11-47B6-8EE5-FFF81EA6761C}D:\easysetupassistant\easysetupassistant.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{8E17CA9B-A1B9-40D1-88CB-CCA792920FB5}D:\easysetupassistant\easysetupassistant.exe
ELIMINÉ: FirewallRaz (Public) : {14630A61-71F0-4AA9-A7E9-FEBBBD327A5A}
ELIMINÉ: FirewallRaz (Public) : {5BDC9B31-7125-4461-852C-6ED47EDFE575}
ELIMINÉ: FirewallRaz (Public) : {03309E25-99BB-495A-B8A0-25857241E37A}
ELIMINÉ: FirewallRaz (Public) : {26A0EF86-22D4-4B09-B41B-B174D78EAE6F}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
ELIMINÉ RunValue: ETDCtrl
========== Elementos dos dados do Registo ==========
ERRO CLSID PAPP: {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}
========== Preferências do navegador ==========
ELIMINÉ Mozilla Pref: user_pref("extensions.crossrider.bic", "14316e0a9b52954d4f13770493bd1940");
========== Pastas ==========
ELIMINÉ Temporários windows (44)
ELIMINÉ Flash Cookies (0)
ELIMINA REINICIAR:** c:\program files (x86)\elex-tech
ELIMINÉ: c:\users\home\appdata\roaming\elex-tech
ELIMINÉ: C:\Program Files (x86)\Baidu Security
ELIMINÉ: C:\ProgramData\Baidu Security
ELIMINÉ: C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
ELIMINÉ: C:\Users\Home\AppData\Roaming\Avant Profiles
ELIMINÉ: C:\Users\Home\AppData\Local\EmieBrowserModeList
ELIMINÉ: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
========== Ficheiros ==========
ELIMINÉ Temporários windows (23) (2.593.141 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINA REINICIAR: c:\program files\elantech\etdctrl.exe
ELIMINA REINICIAR: c:\program files (x86)\elex-tech\yac\isafesvc.exe
ELIMINA REINICIAR: c:\windows\system32\lxdncoms.exe
ELIMINÉ: c:\programdata\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe
ELIMINA REINICIAR: c:\windows\system32\tasks\facebookupdatetaskusers-1-5-21-3084669983-3751175768-2074562166-1001core
ELIMINA REINICIAR: c:\windows\system32\tasks\facebookupdatetaskusers-1-5-21-3084669983-3751175768-2074562166-1001ua
ELIMINA REINICIAR: c:\program files\bonjour\mdnsresponder.exe
ELIMINA REINICIAR: c:\program files\conexant\sa3\cxutilsvc.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\isafenetfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\elxstor.sys
========== Tarefa planificada ==========
ELIMINÉ: AutoKMS
ELIMINÉ: {5F8F1839-0F27-439D-AFD3-3EE7E828EC84}
========== Outros ==========
NÃO-TRATADO [MD5.54773C11E2122DBEA5CE7CDDAE00E89E] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe [347944] [PID.2192]

========== Recapitulativo ==========
3 : Processo memória
22 : Chaves do Registo
19 : Valores do Registo
1 : Elementos dos dados do Registo
10 : Pastas
15 : Ficheiros
3 : Softwares
1 : Preferências do navegador
10 : Estado dos serviços
2 : Tarefa planificada
1 : Outros

End of clean in 03mn 37s
========== Caminho do ficheiro do relatório ==========
C:\Users\Home\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/11/2014 19:05:54 [6345]


After the removal the program asked to restart; I restarted, but the buzzdock ads is still in Firefox. What kind of plague is this?
DELL VOSTRO I5 WIN 7 PRO
Yes, I have been wrong before: it was that one time I thought I was wrong!
tadeuboato
tadeuboato Geek, Registered
1.5K Posts 407 Likes
#9 By tadeuboato
30/11/2014 - 10:40
As I told you earlier, other procedures will be needed for the removal.

Follow this tip:

Temporarily disable your antivirus, antispyware and firewall, so as not to cause conflicts.

Download [image] and save it to the desktop.

Double-click to run the Junkware Removal Tool (JRT).

*** Windows Vista or Windows 7 users: right-click the JRT.exe file, then click [image].

The tool will start scanning your system. Be patient, as it may take a while depending on the number of items to scan.

At the end, a log will open. It is saved on the desktop under the name JRT.txt.

We will be waiting for the generated log.
fenixx
fenixx Senior Member, Registered
410 Posts 4 Likes
#10 By fenixx
30/11/2014 - 12:22
OK Tadeu, here is the log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x64
Ran by Home on 30/11/2014 at 11:58:32,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update clearthink
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util clearthink
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311851124}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311851124}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540003}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{C41A1C0E-EA6C-11D4-B1B8-444553540003}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540003}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{C41A1C0E-EA6C-11D4-B1B8-444553540003}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Home\AppData\Roaming\pcdr"
Successfully deleted: [Empty Folder] C:\Users\Home\appdata\local\{201A8EB1-285B-48E0-820D-7042299287EB}
Successfully deleted: [Empty Folder] C:\Users\Home\appdata\local\{3E164806-FC4C-4982-ACD6-2E356C89ED30}
Successfully deleted: [Empty Folder] C:\Users\Home\appdata\local\{736C5BA9-BC71-42EF-B51E-346609EDA426}
Successfully deleted: [Empty Folder] C:\Users\Home\appdata\local\{7E5EF626-0826-4F20-A75A-FDC7158F7D04}
Successfully deleted: [Empty Folder] C:\Users\Home\appdata\local\{DD7B298D-7E52-48DD-B683-8B09CEAFC00D}
~~~ FireFox
Successfully deleted the following from C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\b51eup2a.default\prefs.js
user_pref("extensions.iminent.admin", false);
user_pref("extensions.iminent.aflt", "orgnl");
user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
user_pref("extensions.iminent.autoRvrt", "false");
user_pref("extensions.iminent.dfltLng", "");
user_pref("extensions.iminent.excTlbr", false);
user_pref("extensions.iminent.ffxUnstlRst", false);
user_pref("extensions.iminent.id", "669028e70000000000008206e6d05fd5");
user_pref("extensions.iminent.instlDay", "16180");
user_pref("extensions.iminent.instlRef", "");
user_pref("extensions.iminent.newTab", false);
user_pref("extensions.iminent.prdct", "iminent");
user_pref("extensions.iminent.prtnrId", "iminent");
user_pref("extensions.iminent.rvrt", "false");
user_pref("extensions.iminent.smplGrp", "none");
user_pref("extensions.iminent.tlbrId", "base");
user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
user_pref("extensions.iminent.vrsn", "1.8.28.3");
user_pref("extensions.iminent.vrsnTs", "1.8.28.33:13:31");
user_pref("extensions.iminent.vrsni", "1.8.28.3");
Emptied folder: C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\b51eup2a.default\minidumps [32 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/11/2014 at 12:01:40,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tadeuboato
tadeuboato Geek, Registered
1.5K Posts 407 Likes
#11 By tadeuboato
30/11/2014 - 13:51
Your machine was heavily infected.

Follow this tip:

Read carefully so that you carry out the procedure correctly.

Malwarebytes Anti-Malware tutorial

In your next reply, post this Malwarebytes log (report).

We will be waiting.
Keep in mind that this procedure usually takes a long time.
fenixx
fenixx Senior Member, Registered
410 Posts 4 Likes
#12 By fenixx
30/11/2014 - 21:17
Tadeu, I only got back now; here is the Malwarebytes log.

Malwarebytes Anti-Malware
www.malwarebytes.org
Data da Verificação: 30/11/2014
Hora da Verificação: 14:31:44
Arquivo de Log: log.txt
Administrador: Sim
Versão: 2.00.3.1025
Base de Dados de Malware: v2014.11.30.04
Base de Dados de Rootkit: v2014.11.29.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado
SO: Windows 7 Service Pack 1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: Home
Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 582180
Tempo Decorrido: 2 hr, 23 min, 51 seg
Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado
Processos: 0
(Nenhum item malicioso detectado)
Módulos: 0
(Nenhum item malicioso detectado)
Chaves de Registro: 1
PUP.Optional.Feven.A, HKU\S-1-5-21-3084669983-3751175768-2074562166-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 1.1, , [feee4001621ab680688988f3e91ad42c],
Valores de Registro: 0
(Nenhum item malicioso detectado)
Dados de Registro: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bom: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Ruim: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[955752ef3943122468adabb033d252ae]
Pastas: 1
PUP.Optional.Feven.A, C:\Users\Home\AppData\LocalLow\Feven 1.1, , [7c7070d1205c83b36a1ce52ec63d867a],
Arquivos: 49
PUP.Optional.InstallCore, C:\Users\Home\Desktop\Vários\video-mp3-extractor-1-6-0-35-32-bits.exe, , [5795fc45433989ad45cbd46bc1444db3],
PUP.Optional.InstallCore, C:\Users\Home\Desktop\Vários\video-mp3-extractor-1-6-0-35-32-bits.exe.x0o84i6.partial, , [20cc50f1b9c33afcd73982bdae577888],
HackTool.Wpakill, C:\Users\Home\Documents\Bkp pendrive scasdisk\Ativador win 7\WA5\RemoveWAT\RemoveWAT.exe, , [519b8db41a622b0bda13194d29d79d63],
PUP.Optional.InstallCore, C:\Users\Home\Documents\Documents\Documents\photoscape-365-32-bits.exe, , [a9435ae76f0d171ff7fc1f0244bda35d],
PUP.Optional.DealioTB.A, C:\Users\Home\Documents\Documents\Documents\BKP outlook XP\Arquivo morto\media.player.codec.pack.v4.0.1.setup.exe, , [06e6410066168fa70ef2224b48bd43bd],
PUP.Optional.DealioTB.A, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo morto\media.player.codec.pack.v4.0.1.setup.exe, , [9c5073cee89448ee857b0667966f53ad],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 1[1].2.0.exe, , [2bc150f1aece81b5476d0816ea1640c0],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 2[1].2.0.exe, , [b5370e33542882b4d3e1e737ac541ae6],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 3[1].2.0.exe, , [5a9279c8512b2313cce8849aba46d828],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 4[1].2.0.exe, , [806c62df5e1ed3632f8521fdd12fd828],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Apostila\4shared_Desktop_3 apostila[1].2.0.exe, , [4d9ff74a1864999d4272e935d030e51b],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 1[1].2.0.rar, , [727a58e9a6d652e4b0045cc2fe0204fc],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 2[1].2.0.rar, , [0ae2132e621ad3633a7ace5038c833cd],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0.rar, , [905c063b3b4148ee34803be345bbbb45],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 4[1].2.0.rar, , [c5279fa2146876c0e8cc7aa43cc45da3],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 1[1].2.0.exe, , [01ebe16019633402f9bbc45a10f03ac6],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 2[1].2.0.exe, , [dd0f5ee389f312247440bb63ba466e92],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 3[1].2.0.exe, , [9a5282bfa3d98caac3f10d11ce3223dd],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Arquivo\Arquivo2\Downloads\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 4[1].2.0.exe, , [29c35be63b4157df05af50cece32e51b],
HackTool.Wpakill, C:\Users\Home\Documents\Documents\Documents\Webwin2\BKP Toshiba\Ativador win 7\WA5\RemoveWAT\RemoveWAT.exe, , [0ddffb462359c86e33baf07623dda858],
PUP.Optional.IBryte, C:\Users\Home\Documents\Documents\Documents\Webwin2\BKP Toshiba\Downloads\Google_Chrome_Setup.exe, , [e309dd64fe7e78be0fee859d679a0ef2],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\4shared_Desktop_3 1[1].2.0.exe, , [816b0e3357250f27773de33b4fb117e9],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\4shared_Desktop_3 2[1].2.0.exe, , [6884eb564339280e73414fcfcd330000],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\4shared_Desktop_3 3[1].2.0.exe, , [1ecebc853d3fff37caeae539788817e9],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\4shared_Desktop_3 4[1].2.0.exe, , [8f5d4bf66517ea4c05aff22cbc44b749],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\Apostila\4shared_Desktop_3 apostila[1].2.0.exe, , [4aa291b09be1f442c6ee62bc33cd2dd3],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 1[1].2.0.rar, , [aa429ca5dba195a13b79df3f17e9619f],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 2[1].2.0.rar, , [7b71cf72057786b08e266cb239c77c84],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0.rar, , [ffedff425a2214223b796faf709032ce],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 4[1].2.0.rar, , [826a95ac5a22fd3904b0a777976941bf],
PUP.RemoveWGA, C:\Users\Home\Documents\Documents\Documents\Webwin2\Downloads\remove WGA\RemoveWGA.zip, , [cb210f32502c49ed4489f7f7e51fc937],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 1[1].2.0.exe, , [ce1e8fb296e63600724260bef907eb15],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 2[1].2.0.exe, , [a448b190126a9e98357f6eb0ff0104fc],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 3[1].2.0.exe, , [b43889b8403cf73f773da678758bbb45],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\4shared_Desktop_3 4[1].2.0.exe, , [a6462a17f18beb4ba21261bd6a96fc04],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Apostila\4shared_Desktop_3 apostila[1].2.0.exe, , [5d8f340d3b4143f382321d019f617b85],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 1[1].2.0.rar, , [618bf849d2aabb7b5163e935ec14f010],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 2[1].2.0.rar, , [8765cc75b0cca98d7143140a05fb36ca],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0.rar, , [23c942ff106cbc7ac0f415097e825da3],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 4[1].2.0.rar, , [f1fb2120a3d90333e9cb65b9a35d4eb2],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 1[1].2.0.exe, , [eefe72cfc1bb7cbae4d057c74eb2629e],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 2[1].2.0.exe, , [9359bd84f3897abc10a487975ca4de22],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 3[1].2.0.exe, , [5f8d4bf6b5c73204169eb26cf40cac54],
PUP.Optional.4Shared, C:\Users\Home\Documents\Documents\Documents\Webwin2\KINGSTON (E)\Downloads\Siemens step 7\Compactado\4shared_Desktop_3 3[1].2.0\4shared_Desktop_3 4[1].2.0.exe, , [c22afe437b01b77fc8ec31edad530ef2],
PUP.Optional.Firseria, C:\Users\Home\Downloads\IrfanView(1).exe, , [8567053c88f4ba7c99e1a5dd2cd96799],
PUP.Optional.Firseria, C:\Users\Home\Downloads\IrfanView.exe, , [9755ad94bbc1c1752a509fe3ee172bd5],
PUP.Optional.InstallCore.A, C:\Users\Home\Downloads\itunes-11138-64-bits.exe, , [b933c57c4e2ed75f02a62da226de8b75],
PUP.Optional.MindSpark.A, C:\Users\Home\Downloads\VideoDownloadConvert.exe, , [3ab26dd4e9931323bbd9759c2fd6669a],
Trojan.Banload, C:\Users\Home\Downloads\plug.zip, , [a04c8db4d1ab5cda26c9d4bae41d20e0],
Setores Físicos: 0
(Nenhum item malicioso detectado)

(end)
tadeuboato
tadeuboato Geek, Registered
1.5K Posts 407 Likes
#13 By tadeuboato
01/12/2014 - 06:32
Remove from quarantine the items found by Malwarebytes Anti-Malware; the same tutorial I pointed you to explains how to do it.
Then redo this procedure:

Download ZHPDiag ( ... by Nicolas Coolman )

Note: when you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[image]

To install and run it correctly, follow the tips in this article:

Tutorial on installing and running the ZHPDiag application

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.
© 1999-2024 Hardware.com.br. All rights reserved.