Gustavo Mend...
General de Pijama
Registrado
4.3K Mensagens
91 Curtidas
- Home
- >
- Fórum
- >
- Windows, Softwa...
- >
- Análise de log,...
- >
- Ski.exe
Gustavo Mend...
General de Pijama
Registrado
4.3K Mensagens
91 Curtidas
Eu agradeço a essa escola querida
O homem que aprende na escola do mundo
Está preparado pro resto da vida
O homem que aprende na escola do mundo
Está preparado pro resto da vida
TmfeijoMMonr...
Cyber Highlander
Registrado
13.7K Mensagens
4.2K Curtidas
Sim ; usando o mbam chameleon; consigo instalar .
Mas sem este recurso ; não . Diretamente do site .
Compartilhando :
Pode ser a solução . Removi todos os pontos de restauração ( às vezes sujos ) e o malwarebytes se instalou :
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot10-31-14at0727PM.png.html?sort=3&o=0
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot10-31-14at0723PM.png.html?sort=3&o=0
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 31/10/2014
Scan Time: 19:28:00
Logfile: LOG.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.31.11
Rootkit Database: v2014.10.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: EDSON
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 289411
Time Elapsed: 6 min, 20 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Abraços
A ignorância é a pior inimiga do homem . Não tenho medo de nada; apenas da inveja . E o mundo cada vez melhor !!
Palavras sábias de um hiper profissional do judiciário; perito digital e em psicologia jurídica .
A sua inveja é a velocidade de meu sucesso .
Um coração medroso congela o trabalho . Um coração temerário incendeia qualquer serviço ; arrasando - o .
Palavras sábias de um hiper profissional do judiciário; perito digital e em psicologia jurídica .
A sua inveja é a velocidade de meu sucesso .
Um coração medroso congela o trabalho . Um coração temerário incendeia qualquer serviço ; arrasando - o .
Gustavo Mend...
General de Pijama
Registrado
4.3K Mensagens
91 Curtidas
Resolveu tirando os pontos de restauração??
Eu agradeço a essa escola querida
O homem que aprende na escola do mundo
Está preparado pro resto da vida
O homem que aprende na escola do mundo
Está preparado pro resto da vida
TmfeijoMMonr...
Cyber Highlander
Registrado
13.7K Mensagens
4.2K Curtidas
Sim . Em relação ao malwarewbytes sim . Só vou ratificar algo aqui . Mas creio que caso resolvido .
Compartilhando :
Aqui muitos problemas no sistema . Estava relacionado também à esta chave bloqueada:
HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security
@Denied: (Full) (Everyone)
Foi só removê - la e o seven rodando flash !
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2014-10-31 15:38:06
ComboFix-quarantined-files.txt 2014-10-31 17:38
.
Pré-execução: 481.072.840.704 bytes disponíveis
Pós execução: 480.869.187.584 bytes disponíveis
.
- - End Of File - - 8DB9781266EC9400F2EBC21AE3D27AB9
A36C5E4F47E84449FF07ED3517B43A31
http://www.cjoint.com/data3/3JFtkELlgti.htm
Podemos encerrar !
Editando :
Porém depois de mês :
http://www.cjoint.com/data3/3KnwdzU2CaK.htm
http://www.cjoint.com/data3/3KnwsynR0La.htm
http://www.cjoint.com/data3/3Kps2q2s0Mu.htm
http://www.cjoint.com/data3/3KqrErpDpxj.htm
# AdwCleaner v4.101 - Relatório criado 13/11/2014 às 21:56:03
# Atualizado 09/11/2014 por Xplode
# Database : 2014-11-13.1 [Live]
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (32 bits)
# Usuário : EDSON - EDSON-PC
# Executando de : C:\Users\EDSON\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Users\EDSON\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
***** [ Tarefas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Google Chrome v38.0.2125.122
-\\ Comodo Dragon v33.1.0.0
[C:\Users\EDSON\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deletedo [Extension] : cmaiofennmphjldldcpphcechfnnohja
-\\ Opera v25.0.1614.68
*************************
AdwCleaner[R0].txt - [1075 octets] - [13/11/2014 21:54:11]
AdwCleaner[S0].txt - [991 octets] - [13/11/2014 21:56:03]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1050 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Home Basic x86
Ran by EDSON on 13/11/2014 at 22:41:56,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Windows\prefetch\DRIVERUPDATEUI.EXE-5E1C563A.pf
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/11/2014 at 22:43:43,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://systemexplorer.net/pt/file-database/file/driverupdateui-exe
Sem mozilla na máquina ! E realmente algumas chaves ( umas cinco ) do mozilla firefox que eu deleto - as e elas voltam .
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot11-14-14at0113PM.png.html?sort=3&o=1
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot11-14-14at0617PM.png.html?sort=3&o=0
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot11-13-14at0641PM.png.html?sort=3&o=2
Já tive um problema sério com o FF . E olha que este caso foi muito antes de 5 formatações . Meu último post aqui :
https://www.hardware.com.br/comunidade/infeccoes-antigas/1350207/
Até então no tópico acima :
Se remover s5mdtf9j.default o FF não existe mais . O interessante que só consta eu ( digo um arquivo do FF só para a minha máquina ) :
Pesquisando por s5mdtf9j.default só constava a minha máquina !!
https://www.google.com.br/search?q=...i57.752j0j8&sourceid=chrome&es_sm=93&ie=UTF-8
Suporte estranho :
Sabe as chaves aí acima ( pelo menos uma delas que cito sobre o FF ) ? É do google chrome !!!!
Abrindo uma delas ( mozilla plugins ) consta @tools.google.com/google upadate version =9
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot11-14-14at0838PM.png.html?sort=3&o=0
Porém a que consta apenas o nome mozilla; abrindo a mesma consta o termo firefox :
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot11-14-14at0113PM.png.html?sort=3&o=3
Já pesquisando por :
@tools.google.com/google upadate version =9
Encontra :
http://s1062.photobucket.com/user/Edson_Melo/media/ScreenShot11-14-14at0900PM.png.html?sort=3&o=0
Virus !!!
Reinfecção mesmo :
http://www.cjoint.com/data3/3KqrErpDpxj.htm
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 16/11/2014
Scan Time: 13:51:08
Logfile: LOg.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.11.16.02
Rootkit Database: v2014.11.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: EDSON
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295449
Time Elapsed: 9 min, 27 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 3796, Delete-on-Reboot, [16d355e5d5a7a294d2dd80efd130f709]
PUP.Optional.SupTab.A, C:\Program Files\SupTab\HpUI.exe, 3896, Delete-on-Reboot, [727779c185f7a39338a9909226dde917]
Modules: 0
(No malicious items detected)
Registry Keys: 18
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Quarantined, [16d355e5d5a7a294d2dd80efd130f709],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.SupTab.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\INPROCSERVER32, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.MyPCBackup.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BackupStack, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MyPC Backup, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [90593802e19b8caadf44682b51b39d63],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Quarantined, [f3f679c196e6d4625a8955e1e61de61a],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [9950fc3e6b11c175479d8bab669d23dd],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Quarantined, [d316f347116b46f090feac97b152aa56],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [2abfe1590a728da984d2551c5da640c0],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [0bdee159b3c9f244f19d196e44c025db],
PUP.Optional.Qone8, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [0ddc46f4ccb0290d32f08b08897bea16],
PUP.Optional.FastStart.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [75749f9bf4881323bc3053eb8a79946c],
Registry Values: 4
PUP.Optional.FastStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|[EMAIL]faststartff@gmail.com[/EMAIL], C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL], Quarantined, [7b6e82b82f4db1858917cfd709fb669a]
PUP.Optional.MyPCBackup.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKUPSTACK|ImagePath, C:\Program Files\MyPC Backup\BackupStack.exe, Quarantined, [6e7b4eec324adf576467ab8a659e936d]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X1L1C1C1J2Z, Quarantined, [0bdee159b3c9f244f19d196e44c025db]
PUP.Optional.FastStart.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, [EMAIL]faststartff@gmail.com[/EMAIL], Quarantined, [75749f9bf4881323bc3053eb8a79946c]
Registry Data: 8
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}, Good: (www.google.com), Bad: (http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}),Replaced,[37b2ee4c9fdd43f3ec2ffd4d92730ff1]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.sweet-page.com/?type=hp&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348, Good: (www.google.com), Bad: (http://www.sweet-page.com/?type=hp&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348),Replaced,[a24755e5f488cd6946d4ce7c788d7090]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.sweet-page.com/?type=hp&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348, Good: (www.google.com), Bad: (http://www.sweet-page.com/?type=hp&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348),Replaced,[a445bc7efa82b2845dbf39110500a55b]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}, Good: (www.google.com), Bad: (http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}),Replaced,[9d4cb486daa20f278f86e35c788d669a]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}, Good: (www.google.com/), Bad: (http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}),Replaced,[38b1b387c4b8ce686db0ca805ea75da3]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}, Good: (www.google.com/), Bad: (http://www.sweet-page.com/web/?type=ds&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348&q={searchTerms}),Replaced,[e60385b51c6073c36ab492b8e71e9b65]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Delete-on-Reboot,[3cadff3b5d1f24126c4a4cfd689d6a96]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1783420540-2071620594-760296276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.sweet-page.com/?type=hp&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348, Good: (www.google.com), Bad: (http://www.sweet-page.com/?type=hp&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348),Replaced,[be2bf04a2e4ea2946ea8c48626df2ad6]
Folders: 67
PUP.Optional.MyPCBackup.A, C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup, Quarantined, [02e7bc7eacd039fdecdd043121e20af6],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x64, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x86, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Delete-on-Reboot, [effada60d8a485b15b1350ca30d3867a],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [effada60d8a485b15b1350ca30d3867a],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL], Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\include, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\include\tools, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\lib, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\module, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\pack, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\en, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\en-US, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\es, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\es-419, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-BE, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-CA, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-CH, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-LU, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\it, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\it-CH, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\pl, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\pt-BR, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\ru, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\ru-MO, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\tr, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\vi, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\zh-CN, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\zh-TW, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\defaults, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\defaults\preferences, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.SupTab.A, C:\Program Files\SupTab, Delete-on-Reboot, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\image, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\en-US, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-419, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-ES, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-BE, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CA, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CH, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-FR, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-LU, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-CH, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-IT, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pl, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt-BR, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru-MO, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\tr-TR, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\vi-VI, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-CN, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-TW, Quarantined, [727779c185f7a39338a9909226dde917],
Files: 189
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Delete-on-Reboot, [16d355e5d5a7a294d2dd80efd130f709],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\SupTab.dll, Quarantined, [15d445f5e79552e4bcc7dd585fa1728e],
PUP.Optional.Skytech.A, C:\Program Files\SupTab\DpInterface32.dll, Quarantined, [a74232080f6dc373bcb7049bb05121df],
PUP.Optional.Skytech.A, C:\Program Files\SupTab\DpInterface64.dll, Quarantined, [3eab4ceed8a489addf941b849b66ab55],
PUP.Optional.SearchProtect, C:\Program Files\SupTab\Loader64.exe, Quarantined, [fbee1822c6b6cd69ed9729b5c938f709],
PUP.Optional.IEPluginService.A, C:\Program Files\SupTab\RSHP.exe, Quarantined, [faef89b13d3fe35376ffd4aecb366f91],
PUP.Optional.Skytech.A, C:\Program Files\SupTab\SearchProtect32.dll, Quarantined, [b93078c2fe7e0135ed86257af40dd22e],
PUP.Optional.Skytech.A, C:\Program Files\SupTab\SearchProtect64.dll, Quarantined, [00e9a09a097378be50232c7345bc31cf],
PUP.Optional.IePluginService.A, C:\Program Files\SupTab\SupIePluginServiceUpdate.exe, Quarantined, [49a0f4465a2248ee703fcba4f70a3dc3],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MyPC Backup.exe, Quarantined, [db0ee8521666fd39c092ad31fc05817f],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Service Start.exe, Quarantined, [29c0de5c3c40be7896bc20be12ef51af],
PUP.Optional.WPM.A, C:\$RECYCLE.BIN\S-1-5-21-1783420540-2071620594-760296276-1000\$R9XVMQV\ProtectWindowsManager.exe, Quarantined, [3dac64d6f785bc7ab7652083b24fdd23],
PUP.Optional.MyPCBackup.A, C:\$RECYCLE.BIN\S-1-5-21-1783420540-2071620594-760296276-1000\$RZWD48V\MyPC Backup.exe, Quarantined, [40a9b3872f4dd95d5cf68856966b30d0],
PUP.Optional.MyPCBackup.A, C:\$RECYCLE.BIN\S-1-5-21-1783420540-2071620594-760296276-1000\$RZWD48V\Service Start.exe, Quarantined, [4b9e89b12d4feb4b232fc01e5aa7c63a],
PUP.Optional.FriedCookie, C:\Users\EDSON\AppData\Local\Temp\ICReinstall_windows-8-transformation-pack-9-1-32-bits.exe, Quarantined, [cc1d3dfdbac291a5b07796a7fd0805fb],
PUP.Optional.MyPCBackup.A, C:\Users\EDSON\AppData\Local\Temp\CloudBackup9147.exe, Quarantined, [de0b3dfd2d4f40f680d206d816eb2ed2],
PUP.Optional.MyPCBackup.A, C:\Users\EDSON\AppData\Local\Temp\CloudBackup1790.exe, Quarantined, [c227af8b9ce0c3738dc5f1eddf2216ea],
PUP.Optional.WPM.A, C:\Users\EDSON\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459\tmp\wpm_v20.0.0.1270.exe, Quarantined, [90594eec0f6d7cbaa676dfc4a160aa56],
PUP.Optional.BundleInstaller.A, C:\Users\EDSON\AppData\Local\Temp\is863293414\0CF78324_stp\aff_setup.exe, Quarantined, [de0bd1694c301521f07e73c91ee7ae52],
PUP.Optional.MyPCBackup.A, C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk, Quarantined, [c5244feb4a32f145cafdc96c8281c040],
PUP.Optional.MyPCBackup.A, C:\Users\EDSON\Desktop\MyPC Backup.lnk, Quarantined, [a44579c1710b1620deea80b5748f7b85],
PUP.Optional.MyPCBackup.A, C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk, Quarantined, [02e7bc7eacd039fdecdd043121e20af6],
PUP.Optional.MyPCBackup.A, C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\Uninstall.lnk, Quarantined, [02e7bc7eacd039fdecdd043121e20af6],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\pt_PT.mo, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\LogicNP.EZShellExtensions.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\aff.conf, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.51.x86.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.52.x64.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.52.x86.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.60.x64.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.60.x86.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.Common.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AWSSDK.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\BackupStack.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Configuration Updater.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Crypto32.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Crypto64.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\de_DE.mo, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\diffstack.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\es_ES.mo, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\fr_FR.mo, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\GetText.dll, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\it_IT.mo, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\LinqBridge.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MPCBClient.dll, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MPCBContextMenu.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MPCBIconOverlays.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\mypcbackup.ico, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\ObjectListView.dll, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\RegisterExtensionDotNet20_x64.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\RegisterExtensionDotNet20_x86.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\RestartExplorer.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Shared Stack.dll, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Signup Wizard.exe, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\syncicon.ico, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\syncing.ico, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\tick.ico, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\uninst.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\UnRegisterExtensions.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Updater.exe, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_backup_conf.db, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_file_cache.db, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_queues.db, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_settings.db, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_sig_cache.db, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\WAIT_HANDLES.log, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x64\System.Data.SQLite.dll, Quarantined, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll, Delete-on-Reboot, [91582d0d89f3989e8c3e181d0bf8926e],
PUP.Optional.SweetPage.A, C:\Program Files\Mozilla Firefox\browser\searchplugins\sweet-page.xml, Quarantined, [24c5eb4f4a328da96b97f2aa06fef60a],
PUP.Optional.CrossRider.A, C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633, Quarantined, [c7228fabfd7f8ea8afde93177f85b848],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Quarantined, [effada60d8a485b15b1350ca30d3867a],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome.manifest, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\install.rdf, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\index.html, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\quick_start.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\quick_start.xul, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\include\speed_dial.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\include\tools\about_blank_hook.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\include\tools\misc.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\include\tools\popup_image_helper.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\include\tools\urlrequestor.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\js.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\lib\doT.min.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\lib\jquery-2.1.0.min.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\lib\jquery.autocomplete.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\module\hotSearch.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\module\mostgrid.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\module\search.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\module\stat.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\pack\common.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\pack\ga.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\content\js\pack\xagainit.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\en\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\en-US\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\es\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\es-419\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-BE\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-CA\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-CH\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\fr-LU\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\it\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\it-CH\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\pl\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\pt-BR\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\ru\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\ru-MO\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\tr\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\vi\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\zh-CN\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\locale\zh-TW\locale.properties, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\default_logo.png, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\googlelogo.png, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\google_trends.png, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\icon.png, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\loading.gif, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\logo.png, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\newtab.ico, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\simple.css, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\chrome\skin\style.css, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\defaults\preferences\fvd.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\defaults\preferences\preferences.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\addonmanager.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\aes.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\config.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\dialogs.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\last_tab.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\misc.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\properties.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\remoterequest.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\restoreprefs.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.FastStart.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\extensions\[EMAIL]faststartff@gmail.com[/EMAIL]\modules\settings.js, Quarantined, [9e4b1f1b0d6f69cd484ef72440c33ac6],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\HpUI.exe, Delete-on-Reboot, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\ient.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\install.data, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\Loader32.exe, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\msvcp110.dll, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\msvcr110.dll, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\uninstall.exe, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\WindowsSupportDll32.dll, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\WindowsSupportDll64.dll, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\bk_shadow.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\btn.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\close.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\main.xml, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\main.xml.bak, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\image\ck_box.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\image\ck_check.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\image\radio_bk.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\skin\image\radio_check.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\data.html, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE.html, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE8.html, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\main.css, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\ver.txt, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\google_trends.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon128.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon16.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon48.png, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\loading.gif, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\logo32.ico, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\common.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\ga.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery-1.11.0.min.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery.autocomplete.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\js.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\library.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\xagainit-ie8.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\xagainit2.0.js, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\en-US\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-419\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-ES\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-BE\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CA\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CH\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-FR\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-LU\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-CH\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-IT\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pl\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt-BR\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru-MO\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\tr-TR\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\vi-VI\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-CN\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-TW\messages.json, Quarantined, [727779c185f7a39338a9909226dde917],
PUP.Optional.SweetPage.A, C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\jvdc9r48.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://www.sweet-page.com/newtab/?type=nt&ts=1416152318&from=cor&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUA31234812348")
, Replaced,[f2f7ea500e6eec4ac8a7b1d02fd6ff01]Physical Sectors: 0
(No malicious items detected)
(end)
http://www.cjoint.com/data3/3KqswpHJmgO.htm
E MP`s aos analistas #Leandro# , edutango e caedurodrigues; pendentes .
Agora com o mozilla cfe. acima . Já recomeça :
http://www.cjoint.com/data3/3KstYCaUQWW.htm
http://www.cjoint.com/data3/3Kst0jTZMFq.htm
https://www.hardware.com.br/comunidade/v-t/1357074/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Basic x86
Ran by EDSON on 18/11/2014 at 17:17:53,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\EDSON\AppData\Roaming\mozilla\firefox\profiles\jvdc9r48.default\invalidprefs.js
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/11/2014 at 17:19:54,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v4.101 - Relatório criado 18/11/2014 às 17:29:02
# Atualizado 09/11/2014 por Xplode
# Database : 2014-11-16.1 [Live]
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (32 bits)
# Usuário : EDSON - EDSON-PC
# Executando de : C:\Users\EDSON\Downloads\AdwCleaner (1).exe
# Opção : Examinar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
***** [ Tarefas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v33.1.1 (x86 pt-BR)
-\\ Google Chrome v38.0.2125.122
-\\ Opera v25.0.1614.71
*************************
AdwCleaner[R0].txt - [692 octets] - [18/11/2014 17:29:02]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [751 octets] ##########
#Leandro# ; se não vejamos :
Pesquisando por jvdc9r48.default\invalidprefs.js :
https://www.google.com.br/?gws_rd=ssl#q=jvdc9r48.default\invalidprefs.js
SystemLook 30.07.11 by jpshortstuff
Log created at 14:16 on 20/11/2014 by EDSON
Administrator - Elevation successful
========== filefind ==========
Searching for "Autorun.inf "
C:\Windows\winsxs\x86_microsoft-windows-s..ccessagent-binaries_31bf3856ad364e35_6.1.7600.16385_none_de06b4fbd5b45f78\autorun.inf --a---- 116 bytes [20:21 13/07/2009] [21:43 10/06/2009] 58835871E57FA4900939E252DAE4090F
========== folderfind ==========
Searching for "Autorun.inf "
No folders found.
========== regfind ==========
Searching for "Autorun.inf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
-= EOF =-
http://www.cjoint.com/data3/3Kuxu4JYZBC.htm
http://www.cjoint.com/data3/3KuxvWWboND.htm
Ao rodar combofix constou caminhos genuinos próximos ao C:\Windows\winsxs\x86_microsoft-windows-s..ccessagent-binaries_31bf3856ad364e35_6.1.7600.16385_none_de06b4fbd5b45f78\autorun.inf :
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2011-02-26 . 0FB9C74046656D1579A64660AD67B746 . 2616320 . . [6.1.7601.21669] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[-] 2011-02-25 . 2A780FF484E7533F35F285BB74A9C2EE . 2788864 . . [6.1.7600.16385] . . c:\windows\explorer.exe
[7] 2011-02-25 . 8B88EBBB05A0E56B7DCC708498C02B3E . 2616320 . . [6.1.7601.17567] . . c:\windows\UXBackup\explorer.exe
[7] 2011-02-25 . 8B88EBBB05A0E56B7DCC708498C02B3E . 2616320 . . [6.1.7601.17567] . . c:\windows\erdnt\cache\explorer.exe
[7] 2011-02-25 . 8B88EBBB05A0E56B7DCC708498C02B3E . 2616320 . . [6.1.7601.17567] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[7] 2010-11-20 . 40D777B7A95E00593EB1568C68514493 . 2616320 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
http://www.cjoint.com/data3/3KwtnUBc8LA.htm
Abraços e obrigado
A ignorância é a pior inimiga do homem . Não tenho medo de nada; apenas da inveja . E o mundo cada vez melhor !!
Palavras sábias de um hiper profissional do judiciário; perito digital e em psicologia jurídica .
A sua inveja é a velocidade de meu sucesso .
Um coração medroso congela o trabalho . Um coração temerário incendeia qualquer serviço ; arrasando - o .
Palavras sábias de um hiper profissional do judiciário; perito digital e em psicologia jurídica .
A sua inveja é a velocidade de meu sucesso .
Um coração medroso congela o trabalho . Um coração temerário incendeia qualquer serviço ; arrasando - o .
