kogiro00

My computer won't open any bank website!

My computer can't access any bank website; it used to, but now it no longer gets in. When I try to open the sites, the following message appears: "Não foi possível conectar-se ao servidor proxy" (Unable to connect to the proxy server).

I've already tried other browsers, Internet Explorer, Mozilla and Google Chrome, and the same problem occurs. I've already scanned and found nothing, and I've tried opening the site with the antivirus turned off and it still doesn't open. I don't know what else to try; can anyone give me a hand?

Thanks in advance.


Hello

Post the logs as described in Read Before Posting - Creating a New Topic

ATTENTION 1: There is no need to open a new topic; put the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Regards :D


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16736 BrowserJavaVersion: 10.45.2

Run by kogiro at 21:05:07 on 2013-11-20

Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.4010.2474 [GMT -2:00]

.

AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

C:\Users\kogiro\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Users\kogiro\Desktop\utorrent.exe

C:\Program Files (x86)\Control Center\CCenter.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\BlueStacks\HD-Agent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\notepad.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.mysearchresults.com/?c=3518&t=01

uSearch Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=BR&userid=bb337cc5-98be-402e-b6a1-4e5b7c44767f&searchtype=ds&q={searchTerms}&installDate=07/07/2013

uSearch Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=BR&userid=bb337cc5-98be-402e-b6a1-4e5b7c44767f&searchtype=ds&q={searchTerms}&installDate=07/07/2013

uDefault_Page_URL = hxxp://nmd.msn.com

mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=BR&userid=bb337cc5-98be-402e-b6a1-4e5b7c44767f&searchtype=ds&q={searchTerms}&installDate=07/07/2013

mWinlogon: Userinit = userinit.exe

BHO: Plus-HD-1.3: {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kogiro\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll

BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll

BHO: BonanzaDeals: {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll

TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

uRun: [uTorrent] "C:\Users\kogiro\Desktop\utorrent.exe" /MINIMIZED

uRun: [iSUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

mRun: [Control Center] C:\Program Files (x86)\Control Center\CCenter.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\kogiro\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll

TCP: NameServer = 187.123.95.55 187.123.95.54

TCP: Interfaces\{19CB5186-D624-484D-8972-46BF15456B47} : DHCPNameServer = 187.123.95.55 187.123.95.54

TCP: Interfaces\{7A5FFA19-E9FB-470F-8FE0-D2F949F6EE86} : DHCPNameServer = 187.123.95.55 187.123.95.54

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

AppInit_DLLs= c:\progra~2\savesh~1\sprote~1.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=BR&userid=bb337cc5-98be-402e-b6a1-4e5b7c44767f&searchtype=ds&installDate=07/07/2013&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

FF - plugin: C:\Users\kogiro\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll

FF - plugin: C:\Users\kogiro\AppData\Roaming\raidcall\plugins\nprcplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

FF - ExtSQL: 2013-10-12 08:49; WebSiteRecommendation@weliketheweb.com; C:\Users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\extensions\WebSiteRecommendation@weliketheweb.com

FF - ExtSQL: 2013-10-15 05:50; {f9d03c26-0575-497e-821d-f7956d23e0ca}; C:\Users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}

FF - ExtSQL: 2013-10-15 05:51; 7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com; C:\Users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.autoDisableScopes - 0

FF - user.js: extensions.shownSelectionUI - true

.

============= SERVICES / DRIVERS ===============

.

R0 tpsacpi;TPS Firmware Extension Device Driver;C:\Windows\System32\drivers\tpsacpi.sys [2010-6-10 12224]

R1 avfwot;avfwot;C:\Windows\System32\drivers\avfwot.sys [2013-10-19 141376]

R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-10-19 28600]

R1 Bfilter;Baidu Antivirus Minifilter Driver;C:\Windows\System32\drivers\Bfilter.sys [2013-10-12 46912]

R1 Bfmon;Baidu FS Monitor Driver;C:\Windows\System32\drivers\Bfmon.sys [2013-10-12 32064]

R1 Bprotect;Baidu Protect;C:\Windows\System32\drivers\Bprotect.sys [2013-10-12 100960]

R2 AntiVirFirewallService;Avira FireWall;C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [2013-10-19 655928]

R2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2013-10-19 622648]

R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-10-19 84024]

R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-10-19 108088]

R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-10-19 815160]

R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-10-19 105344]

R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-9-19 70984]

R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-9-19 384840]

R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\kogiro\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-7-7 107520]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-10-22 452136]

R2 SProtection;SProtection;C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2013-8-1 2864448]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-12 2655768]

R2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2013-5-2 109064]

R3 avfwim;AvFw Packet Filter Miniport;C:\Windows\System32\drivers\avfwim.sys [2013-10-19 114608]

R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-8 883928]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-6-12 1142376]

S2 bonanzadealslive;Serviço do BonanzaDealsLive (bonanzadealslive);C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-15 148976]

S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-9-19 393032]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 KMSServerService;KMS Server Service;C:\Windows\KMSServerService\KMS Server Service.exe DefaultPort DefaultKMSPID KillProcessOnPort --> C:\Windows\KMSServerService\KMS Server Service.exe DefaultPort DefaultKMSPID KillProcessOnPort [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]

S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2013-10-6 580232]

S3 bonanzadealslivem;Serviço do BonanzaDealsLive (bonanzadealslivem);C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-15 148976]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-12 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\System32\drivers\ss_bbus.sys [2009-9-19 127488]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-11-16 08:54:24 -------- d-----w- C:\ProgramData\Oracle

2013-11-16 08:50:48 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-14 01:24:14 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-11-14 01:24:14 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-11-14 01:22:55 404480 ----a-w- C:\Windows\System32\gdi32.dll

2013-11-14 01:22:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll

2013-11-14 01:21:08 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-11-14 01:21:07 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-11-14 01:21:07 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-11-14 01:21:07 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-11-14 01:21:07 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-11-01 23:52:21 -------- d-----w- C:\Users\kogiro\AppData\Local\{6BF3BF08-D0C1-4C19-8BD4-26F95FD2C378}

2013-11-01 23:50:48 -------- d-----w- C:\ProgramData\{6BF3BF08-D0C1-4C19-8BD4-26F95FD2C378}

2013-11-01 23:50:42 -------- d-----w- C:\Users\kogiro\AppData\Local\Cenize

2013-11-01 23:50:38 -------- d-----w- C:\Program Files (x86)\jFinanças Pessoal 2013

2013-10-24 00:18:47 -------- d-----w- C:\Program Files (x86)\BlueStacks

2013-10-24 00:17:30 -------- d-----w- C:\ProgramData\BlueStacksSetup

2013-10-24 00:17:28 -------- d-----w- C:\ProgramData\BlueStacks

2013-10-21 23:22:06 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan

.

==================== Find3M ====================

.

2013-11-20 21:43:08 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-10-20 00:57:15 81112 ----a-w- C:\Windows\System32\drivers\avnetflt.sys

2013-10-20 00:57:15 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys

2013-10-20 00:57:15 105344 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2013-10-12 08:45:20 2241536 ----a-w- C:\Windows\System32\wininet.dll

2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll

2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-10-08 02:11:32 883928 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2013-10-08 02:11:32 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll

2013-10-08 02:11:32 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll

2013-10-08 00:08:52 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-10-08 00:08:51 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll

2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-09-27 22:01:03 106648 ----a-w- C:\Windows\System32\drivers\GRD.sys

2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll

2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll

2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll

2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll

2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2013-09-25 02:14:01 16504 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys

2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2013-09-25 01:53:58 59768 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys

2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe

2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll

2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-09-03 17:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll

2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll

2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll

2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll

2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll

2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll

.

============= FINISH: 21:05:36,58 ===============


Dear kogiro00

I recommend that you save this topic to your Favorites so it is easier to find.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to your computer's problem, so do not use it on any other computer;
  • Please follow the instructions carefully, and if you have any questions do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always try to keep me informed, during the removal, of what is happening with your computer.
  • Respect the order of the instructions given.
  • Note: Do not take any action other than those given here; also, if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

# Step 1 #

Download Junkware Removal Tool and save it to your Desktop.

  • Disable your protection programs (antivirus etc.) to avoid any conflict.
  • Double-click JRT.exe
    • If your system is Windows Vista, Windows 7 or Windows 8, right-click it and choose Run as Administrator.
  • Be patient and wait for the scan to finish.
  • Open the JRT.txt log that is on your Desktop.
  • Copy the entire contents and paste them into your next message.

# Step 2 #

  • Double-click adwcleaner.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Click Pesquisar (Scan)
  • At the end of the scan, a log with the result will open.
  • If anything is detected, click the Remover (Remove) button.
  • Again, at the end of the scan, a log with the result will open.
  • Copy its entire contents and paste them into your next reply.

# Step 3 #

Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts duly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after carrying out the procedure(s) mentioned below.
  3. Double-click the desktopicon.png icon that is on the desktop.
  4. Read and accept the conditions by typing 1 and pressing Enter.
  5. Computers with Windows XP must install the Recovery Console:
    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet, and click "Sim" (Yes).
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running; doing so may cause the computer to hang.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly it may damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
  • Many Analysts do not reply to topics where they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when programming them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind; therefore, and also out of respect for the tool's author, do not use it without supervision.

Regards :D


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows 7 Home Basic x64

Ran by kogiro on 22/11/2013 at 20:00:39,86

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-735584874-838416903-3506722238-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bonanzadealslive.exe

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\iminent.webbooster.internetexplorer.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\priam_bho.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\webcakeieclient.dll

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadeals

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadealslive

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funmoods

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyrixeeker

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-1.3

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-735584874-838416903-3506722238-1000\Software\wajam

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadeals

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadealslive

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\softonic

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\umbrella

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.oneclickctrl.9

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.oneclickprocesslaunchermachine

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.oneclickprocesslaunchermachine.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.update3webcontrol.3

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.cocreateasync

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.cocreateasync.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coreclass

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coreclass.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coremachineclass

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coremachineclass.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.credentialdialogmachine

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.credentialdialogmachine.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachine

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachine.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachinefallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachinefallback.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclasssvc

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclasssvc.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.processlauncher

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.processlauncher.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3comclassservice

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3comclassservice.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachine

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachine.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachinefallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachinefallback.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3websvc

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3websvc.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.downloadargs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.linktopromoteargs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.rawdataargs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.tinyurlargs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.virallinkargs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.clientcallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.contractbase

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.addtousercontentcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.checkloginstatuscommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.cleancachecommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.gameovercallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getcreditcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getinstallationcontextcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatuscommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatusresult

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariablecommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariableresult

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.installationcontextresult

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommandresult

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logincommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loginstatuschangedcallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logoutcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.mergeidentitycommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.myaccountcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.playcontentcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.postcontentcallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.recycleviewscommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.setvariablecommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showbrowserwindowcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showcontrolcentercommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showpluginwindowcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.testcontentcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.usercontentchangedcallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.variablechangedcallback

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.warmupcommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.welcomecommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.servercommand

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.serverresult

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lightcontent

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lighturi

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.mediatorserviceproxy

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandle.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandler

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonic.dskbnd

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonic.dskbnd.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonic.softonichlpr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonic.softonichlpr.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonicapp.appcore

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonicapp.appcore.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\srv.softonicsrvc

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\srv.softonicsrvc.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\funmoodssetup_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\funmoodssetup_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajam_install_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajam_install_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bonanza deals

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\plus-hd-2.3

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softonic

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wajam

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.BHO

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.BHO.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.Sandbox

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.Sandbox.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355125557}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366126657}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344124457}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311121157}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121157}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_daemon-tools_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_daemon-tools_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_steam_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_steam_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_winrar_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_winrar_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_chr_1-8-19-3_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_chr_1-8-19-3_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311121157}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355125557}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344124457}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_daemon-tools_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_daemon-tools_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_steam_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_steam_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_winrar_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_winrar_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_chr_1-8-19-3_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_chr_1-8-19-3_RASMANCS

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\wise care 365.job"

Successfully deleted: [File] C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job

Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job

Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job

Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-enabler.job

Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job

Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-updater.job

Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job

Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"

Successfully deleted: [Folder] "C:\ProgramData\baidu"

Successfully deleted: [Folder] "C:\ProgramData\bonanzadealslive"

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Folder] "C:\ProgramData\iminent"

Successfully deleted: [Folder] "C:\ProgramData\starapp"

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"

Successfully deleted: [Folder] "C:\Users\kogiro\AppData\Roaming\baidu"

Successfully deleted: [Folder] "C:\Users\kogiro\AppData\Roaming\defaulttab"

Successfully deleted: [Folder] "C:\Users\kogiro\AppData\Roaming\funmoods"

Successfully deleted: [Folder] "C:\Users\kogiro\AppData\Roaming\iminent"

Successfully deleted: [Folder] "C:\Users\kogiro\AppData\Roaming\softonic"

Successfully deleted: [Folder] "C:\Users\kogiro\appdata\local\bonanzadealslive"

Successfully deleted: [Folder] "C:\Users\kogiro\appdata\local\lollipop"

Successfully deleted: [Folder] "C:\Users\kogiro\appdata\local\wajam"

Successfully deleted: [Folder] "C:\Users\kogiro\appdata\locallow\softonic"

Successfully deleted: [Folder] "C:\Program Files (x86)\bonanzadeals"

Successfully deleted: [Folder] "C:\Program Files (x86)\bonanzadealslive"

Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"

Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"

Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"

Successfully deleted: [Folder] "C:\Program Files (x86)\saveshare"

Successfully deleted: [Folder] "C:\Program Files (x86)\softonic"

Successfully deleted: [Folder] "C:\Program Files (x86)\wajam"

Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\umbrella"

Successfully deleted: [Folder] "C:\Users\kogiro\AppData\Roaming\microsoft\windows\start menu\programs\bonanzadeals"

Successfully deleted: [Folder] "C:\Users\kogiro\AppData\Roaming\microsoft\windows\start menu\programs\wajam"

~~~ FireFox

Successfully deleted: [File] C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\user.js

Successfully deleted: [File] C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\searchplugins\web search.xml

Successfully deleted: [Folder] C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com

Successfully deleted: [Folder] C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com

Successfully deleted: [Folder] C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\extensions\staged

Successfully deleted: [Folder] C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.bdupdater.com/bonanzadealslive update;version=3

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.bdupdater.com/bonanzadealslive update;version=9

Successfully deleted the following from C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);

user_pref("aol_toolbar.default.search.check", false);

user_pref("browser.search.defaultenginename", "Web Search");

user_pref("browser.search.selectedEngine", "Web Search");

user_pref("extensions.BabylonToolbar.prtkDS", 0);

user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

user_pref("extensions.crossrider.bic", "141bd4a69c65f45650cb917dbed7c4ed");

user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=BR&userid=bb337cc5-98be-402e-b6a1-4e5b7c44767f&searchtype=ds&installDate=07/07/2013&q=");

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

user_pref("sweetim.toolbar.previous.keyword.URL", "");

user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");

user_pref("sweetim.toolbar.searchguard.enable", "");

Emptied folder: C:\Users\kogiro\AppData\Roaming\mozilla\firefox\profiles\fa2pxj8s.default\minidumps [9 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\kogiro\appdata\local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\epojlgbehpaeekopencdagbdamnkppci

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 22/11/2013 at 20:07:17,25

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ComboFix 13-11-23.02 - kogiro 25/11/2013 20:12:20.1.8 - x64

Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.4010.1955 [GMT -2:00]

Executando de: c:\users\kogiro\Downloads\ComboFix.exe

AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_DefaultTabUpdate

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2013-10-25 to 2013-11-25 ))))))))))))))))))))))))))))

.

.

2013-11-22 22:10 . 2013-11-23 10:18 -------- d-----w- C:\AdwCleaner

2013-11-22 22:00 . 2013-11-22 22:00 -------- d-----w- c:\windows\ERUNT

2013-11-16 08:54 . 2013-11-16 08:54 -------- d-----w- c:\programdata\Oracle

2013-11-16 08:51 . 2013-11-16 08:51 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-11-16 08:50 . 2013-10-08 09:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-14 01:24 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll

2013-11-14 01:24 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-11-14 01:22 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll

2013-11-14 01:22 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll

2013-11-14 01:21 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-11-14 01:21 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll

2013-11-14 01:21 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL

2013-11-14 01:21 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll

2013-11-14 01:21 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL

2013-11-01 23:52 . 2013-11-01 23:52 -------- d-----w- c:\users\kogiro\AppData\Local\{6BF3BF08-D0C1-4C19-8BD4-26F95FD2C378}

2013-11-01 23:50 . 2013-11-01 23:50 -------- d-----w- c:\programdata\{6BF3BF08-D0C1-4C19-8BD4-26F95FD2C378}

2013-11-01 23:50 . 2013-11-01 23:53 -------- d-----w- c:\users\kogiro\AppData\Local\Cenize

2013-11-01 23:50 . 2013-11-25 17:20 -------- d-----w- c:\program files (x86)\jFinanças Pessoal 2013

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-11-25 22:24 . 2013-07-16 08:53 31088 ----a-w- c:\windows\SysWow64\drivers\gbpndisrd.sys

2013-10-20 00:57 . 2013-10-20 00:57 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys

2013-10-20 00:57 . 2013-10-20 00:57 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2013-10-20 00:57 . 2013-10-20 00:57 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys

2013-10-20 00:57 . 2013-10-20 00:57 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2013-10-14 07:12 . 2013-10-18 11:10 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BC6BD4C6-641D-46BC-9F67-C19EDB6A8513}\mpengine.dll

2013-10-08 02:11 . 2013-10-08 02:11 883928 ----a-w- c:\windows\system32\drivers\Rt64win7.sys

2013-10-08 02:11 . 2013-10-08 02:11 74456 ----a-w- c:\windows\system32\RtNicProp64.dll

2013-10-08 02:11 . 2012-06-12 14:34 108760 ----a-w- c:\windows\system32\RTNUninst64.dll

2013-10-08 00:08 . 2013-08-17 21:52 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-10-08 00:08 . 2013-08-17 21:52 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-27 22:01 . 2013-09-25 02:13 106648 ----a-w- c:\windows\system32\drivers\GRD.sys

2013-09-25 02:14 . 2013-09-25 02:14 16504 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys

2013-09-25 01:53 . 2013-09-25 01:53 59768 ----a-w- c:\windows\system32\drivers\PktIcpt.sys

2013-09-08 02:30 . 2013-10-08 20:49 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-09-08 02:27 . 2013-10-08 20:49 327168 ----a-w- c:\windows\system32\mswsock.dll

2013-09-08 02:03 . 2013-10-08 20:49 231424 ----a-w- c:\windows\SysWow64\mswsock.dll

2013-09-04 12:12 . 2013-10-08 20:51 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys

2013-09-04 12:11 . 2013-10-08 20:51 325120 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-09-04 12:11 . 2013-10-08 20:51 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-09-04 12:11 . 2013-10-08 20:51 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-09-04 12:11 . 2013-10-08 20:51 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2013-09-04 12:11 . 2013-10-08 20:51 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys

2013-09-04 12:11 . 2013-10-08 20:51 7808 ----a-w- c:\windows\system32\drivers\usbd.sys

2013-09-03 17:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-08-29 02:17 . 2013-10-08 20:49 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-08-29 02:16 . 2013-10-08 20:49 1732032 ----a-w- c:\windows\system32\ntdll.dll

2013-08-29 02:16 . 2013-10-08 20:49 243712 ----a-w- c:\windows\system32\wow64.dll

2013-08-29 02:16 . 2013-10-08 20:49 859648 ----a-w- c:\windows\system32\tdh.dll

2013-08-29 02:13 . 2013-10-08 20:49 878080 ----a-w- c:\windows\system32\advapi32.dll

2013-08-29 01:51 . 2013-10-08 20:49 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-08-29 01:51 . 2013-10-08 20:49 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-08-29 01:50 . 2013-10-08 20:49 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2013-08-29 01:50 . 2013-10-08 20:49 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll

2013-08-29 01:50 . 2013-10-08 20:49 619520 ----a-w- c:\windows\SysWow64\tdh.dll

2013-08-29 01:48 . 2013-10-08 20:49 640512 ----a-w- c:\windows\SysWow64\advapi32.dll

2013-08-29 01:48 . 2013-10-08 20:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-08-29 00:49 . 2013-10-08 20:49 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2013-08-29 00:49 . 2013-10-08 20:49 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2013-08-29 00:49 . 2013-10-08 20:49 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2013-08-29 00:49 . 2013-10-08 20:49 2048 ----a-w- c:\windows\SysWow64\user.exe

2013-08-28 01:21 . 2013-10-08 20:49 3155968 ----a-w- c:\windows\system32\win32k.sys

2013-08-28 01:12 . 2013-10-08 20:51 461312 ----a-w- c:\windows\system32\scavengeui.dll

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\users\kogiro\Desktop\utorrent.exe" [2013-07-07 1126480]

"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Control Center"="c:\program files (x86)\Control Center\CCenter.exe" [2010-06-23 800256]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-10-20 347192]

"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2013-09-19 606024]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

c:\users\kogiro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2013-10-07 14:32 1487912 ----a-w- c:\program files (x86)\GbPlugin\gbieh.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys;c:\windows\SYSNATIVE\drivers\GbpKm.sys [x]

R2 bonanzadealslive;Serviço do BonanzaDealsLive (bonanzadealslive);c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe;c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 KMSServerService;KMS Server Service;c:\windows\KMSServerService\KMS Server Service.exe DefaultPort DefaultKMSPID KillProcessOnPort;c:\windows\KMSServerService\KMS Server Service.exe DefaultPort DefaultKMSPID KillProcessOnPort [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\umbrella.exe;c:\program files (x86)\Common Files\Umbrella\umbrella.exe [x]

R2 WajamUpdater;WajamUpdater;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe [x]

R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]

R3 bonanzadealslivem;Serviço do BonanzaDealsLive (bonanzadealslivem);c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe;c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [x]

R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 tpsacpi;TPS Firmware Extension Device Driver;c:\windows\system32\drivers\tpsacpi.SYS;c:\windows\SYSNATIVE\drivers\tpsacpi.SYS [x]

S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys;c:\windows\SYSNATIVE\DRIVERS\avfwot.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys;c:\windows\SYSNATIVE\drivers\Bfilter.sys [x]

S1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys;c:\windows\SYSNATIVE\drivers\Bfmon.sys [x]

S1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys;c:\windows\SYSNATIVE\drivers\Bprotect.sys [x]

S2 AntiVirFirewallService;Avira FireWall;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [x]

S2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [x]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]

S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]

S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]

S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]

S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys;c:\windows\SYSNATIVE\DRIVERS\avfwim.sys [x]

S3 IntcDAud;Áudio do vídeo Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]

.

.

--- =Outros Serviços/Drivers Na Memória ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-11-17 10:51 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe

.

Conteúdo da pasta 'Tarefas Agendadas'

.

2013-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-17 00:08]

.

2013-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cee966f1d4ec57.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-07 17:02]

.

2013-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-07 17:02]

.

2013-09-11 c:\windows\Tasks\HP Photo Creations Communicator.job

- c:\programdata\HP Photo Creations\Communicator.exe [2013-07-20 21:33]

.

2013-10-06 c:\windows\Tasks\Wise Turbo Checker.job

- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-10-06 15:46]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-10 8321568]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-18 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-18 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-18 417304]

.

------- Scan Suplementar -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

mLocal Page = c:\windows\SysWOW64\blank.htm

uSearchAssistant = hxxp://www.google.com

IE: &Enviar para o OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

TCP: DhcpNameServer = 187.123.95.55 187.123.95.54

FF - ProfilePath - c:\users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.startup.homepage - hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

FF - ExtSQL: 2013-10-12 08:49; WebSiteRecommendation@weliketheweb.com; c:\users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\extensions\WebSiteRecommendation@weliketheweb.com

FF - ExtSQL: 2013-10-15 05:50; {f9d03c26-0575-497e-821d-f7956d23e0ca}; c:\users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}

FF - ExtSQL: 2013-10-15 05:51; 7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com; c:\users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com

.

- - - - ORFÃOS REMOVIDOS - - - -

.

BHO-{fe063412-bea4-4d76-8ed3-183be6220d17} - c:\program files (x86)\BonanzaDeals\BonanzaDealsIE.dll

Toolbar-Locked - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

AddRemove-SP_703c874a - c:\program files (x86)\SaveShare\uninstall.exe

AddRemove-lollipop - c:\users\kogiro\appdata\local\lollipop\lollipop.bat

AddRemove-UpdaterEX - c:\users\kogiro\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe

.

.

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Outros Processos em Execução ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\BlueStacks\HD-Service.exe

c:\program files (x86)\BlueStacks\HD-Network.exe

c:\program files (x86)\BlueStacks\HD-BlockDevice.exe

c:\program files (x86)\BlueStacks\HD-SharedFolder.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Tempo para conclusão: 2013-11-25 20:32:54 - Máquina reiniciou

ComboFix-quarantined-files.txt 2013-11-25 22:32

.

Pré-execução: 602.799.734.784 bytes disponíveis

Pós execução: 602.213.781.504 bytes disponíveis

.

- - End Of File - - 453F81FDEDFFE02317A5E246CBA4F03C

A36C5E4F47E84449FF07ED3517B43A31


The problem continues; this appears:

Unable to connect to the proxy server

Less

A proxy server is a server that acts as an intermediary between your computer and other servers. Right now, your system is configured to use a proxy, but Google Chrome can't connect to it.

If you use a proxy server...

Check your proxy settings or contact your network administrator to make sure the proxy server is working. If you don't believe you should be using a proxy server: Go to the Google Chrome menu > Settings > Show advanced settings... > Change proxy settings... > LAN Settings and deselect the "Use a proxy server for your LAN" option.

Error code: ERR_PROXY_CONNECTION_FAILED

Like, I can't click on LAN settings, and when I use other computers the bank sites open just fine.

Note: my internet is Wi-Fi, but when I connect the cable the same thing happens.


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Basic

Boot Device: \Device\HarddiskVolume1

Install Date: 07/07/2013 13:46:03

System Uptime: 28/11/2013 19:59:22 (2 hours ago)

.

Motherboard: Intel Corp. | | Emerald Lake

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU | 792/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 699 GiB total, 559,544 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP67: 14/11/2013 09:44:11 - Instalador de Módulos do Windows

RP68: 16/11/2013 06:49:26 - Installed Java 7 Update 45

RP69: 25/11/2013 20:08:52 - ComboFix created restore point

RP70: 26/11/2013 01:02:57 - Windows Update

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Center 1.0

Adobe Photoshop CS2

Adobe Reader XI (11.0.05) - Português

Adobe Stock Photos 1.0

µTorrent

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

Avira Internet Security

BlueStacks App Player

BlueStacks Notification Center

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Control Center

Controle ActiveX do Windows Live Mesh para Conexões Remotas

D3DX10

Dota 2

FINAL FANTASY VII

Google Chrome

Google Update Helper

HP Deskjet 3510 series Ajuda

HP Deskjet 3510 series Estudo de aprimoramento de produtos

HP Deskjet 3510 series Software básico do dispositivo

HP FWUpdateEDO2

HP Photo Creations

HP Update

HPDiagnosticAlert

Iminent

Intel® Management Engine Components

Intel® Processor Graphics

Java 7 Update 45

Java Auto Updater

jFinanças Pessoal 2013

Junk Mail filter update

Killing Floor

Módulo de Segurança - Banco do Brasil

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 25.0.1 (x86 pt-BR)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

NirSoft Wireless Network Watcher

Pacote de Driver do Windows - TPS (tpsacpi) System (05/13/2010 1.00.00.0005)

Plus-HD-1.3

RaidCall

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

REALTEK Wireless LAN Driver

safee Savve

SaveShare 1.74

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition

Skype™ 6.7

SoftPerfect WiFi Guard version 1.0.3

Steam

TeamSpeak 3 Client

TpsCap

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition

VLC media player 2.0.7

WebCake 3.00

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.20 (32-bit)

Wise Care 365 version 2.83

.

==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2

Run by kogiro at 21:01:49 on 2013-11-28

Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.4010.2620 [GMT -2:00]

.

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Users\kogiro\Desktop\utorrent.exe

C:\Program Files (x86)\Control Center\CCenter.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\BlueStacks\HD-Agent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\program files (x86)\avira\antivir desktop\avcenter.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

uSearchAssistant = hxxp://www.google.com

mWinlogon: Userinit = userinit.exe

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: BonanzaDeals: {fe063412-bea4-4d76-8ed3-183be6220d17} -

uRun: [uTorrent] "C:\Users\kogiro\Desktop\utorrent.exe" /MINIMIZED

uRun: [iSUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

mRun: [Control Center] C:\Program Files (x86)\Control Center\CCenter.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\kogiro\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll

TCP: NameServer = 187.123.95.55 187.123.95.54

TCP: Interfaces\{19CB5186-D624-484D-8972-46BF15456B47} : DHCPNameServer = 187.123.95.55 187.123.95.54

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.startup.homepage - hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

FF - plugin: C:\Users\kogiro\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll

FF - plugin: C:\Users\kogiro\AppData\Roaming\raidcall\plugins\nprcplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

FF - ExtSQL: 2013-10-12 08:49; WebSiteRecommendation@weliketheweb.com; C:\Users\kogiro\AppData\Roaming\Mozilla\Firefox\Profiles\fa2pxj8s.default\extensions\WebSiteRecommendation@weliketheweb.com

.

============= SERVICES / DRIVERS ===============

.

R0 tpsacpi;TPS Firmware Extension Device Driver;C:\Windows\System32\drivers\tpsacpi.sys [2010-6-10 12224]

R1 avfwot;avfwot;C:\Windows\System32\drivers\avfwot.sys [2013-10-19 141376]

R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-10-19 28600]

R1 Bfilter;Baidu Antivirus Minifilter Driver;C:\Windows\System32\drivers\Bfilter.sys [2013-10-12 46912]

R1 Bfmon;Baidu FS Monitor Driver;C:\Windows\System32\drivers\Bfmon.sys [2013-10-12 32064]

R1 Bprotect;Baidu Protect;C:\Windows\System32\drivers\Bprotect.sys [2013-10-12 100960]

R2 AntiVirFirewallService;Avira FireWall;C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [2013-10-19 1012280]

R2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2013-10-19 948296]

R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-10-19 440376]

R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-10-19 440376]

R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-10-19 1164360]

R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-10-19 106904]

R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-9-19 70984]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-10-22 452136]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-12 2655768]

R3 avfwim;AvFw Packet Filter Miniport;C:\Windows\System32\drivers\avfwim.sys [2013-10-19 114608]

R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-8 883928]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-6-12 1142376]

S2 bonanzadealslive;Serviço do BonanzaDealsLive (bonanzadealslive);C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe /svc --> C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [?]

S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-9-19 393032]

S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-9-19 384840]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 KMSServerService;KMS Server Service;C:\Windows\KMSServerService\KMS Server Service.exe DefaultPort DefaultKMSPID KillProcessOnPort --> C:\Windows\KMSServerService\KMS Server Service.exe DefaultPort DefaultKMSPID KillProcessOnPort [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]

S2 SProtection;SProtection;C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe --> C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [?]

S2 WajamUpdater;WajamUpdater;"C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe" --> C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [?]

S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2013-10-6 580232]

S3 bonanzadealslivem;Serviço do BonanzaDealsLive (bonanzadealslivem);C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe /medsvc --> C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [?]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-12 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-26 111616]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\System32\drivers\ss_bbus.sys [2009-9-19 127488]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-11-25 22:26:35 -------- d-sh--w- C:\$RECYCLE.BIN

2013-11-25 22:08:41 208896 ----a-w- C:\Windows\MBR.exe

2013-11-25 22:08:40 98816 ----a-w- C:\Windows\sed.exe

2013-11-25 22:08:40 256000 ----a-w- C:\Windows\PEV.exe

2013-11-22 22:10:54 -------- d-----w- C:\AdwCleaner

2013-11-22 22:00:05 -------- d-----w- C:\Windows\ERUNT

2013-11-16 08:54:24 -------- d-----w- C:\ProgramData\Oracle

2013-11-16 08:50:48 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-14 01:24:14 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-11-14 01:24:14 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-11-14 01:22:55 404480 ----a-w- C:\Windows\System32\gdi32.dll

2013-11-14 01:22:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll

2013-11-14 01:21:08 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-11-14 01:21:07 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-11-14 01:21:07 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-11-14 01:21:07 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-11-14 01:21:07 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-11-01 23:52:21 -------- d-----w- C:\Users\kogiro\AppData\Local\{6BF3BF08-D0C1-4C19-8BD4-26F95FD2C378}

2013-11-01 23:50:48 -------- d-----w- C:\ProgramData\{6BF3BF08-D0C1-4C19-8BD4-26F95FD2C378}

2013-11-01 23:50:42 -------- d-----w- C:\Users\kogiro\AppData\Local\Cenize

2013-11-01 23:50:38 -------- d-----w- C:\Program Files (x86)\jFinanças Pessoal 2013

.

==================== Find3M ====================

.

2013-11-28 21:48:13 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-11-26 04:51:08 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys

2013-11-26 04:51:08 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys

2013-11-26 04:51:08 106904 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2013-10-08 02:11:32 883928 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2013-10-08 02:11:32 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll

2013-10-08 02:11:32 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll

2013-10-08 00:08:52 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-10-08 00:08:51 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll

2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-09-27 22:01:03 106648 ----a-w- C:\Windows\System32\drivers\GRD.sys

2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll

2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll

2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll

2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll

2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2013-09-25 02:14:01 16504 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys

2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2013-09-25 01:53:58 59768 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys

2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe

2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll

2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-09-03 17:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe

.

============= FINISH: 21:02:42,95 ===============


Dear kogiro00

It looks like there were some malicious extensions ;)

Uninstall the program Iminent

Download Malwarebytes Anti-Malware:

  • Link1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the boxes Update Malwarebytes Anti-Malware and Run Malwarebytes Anti-Malware are checked, then click Finish.
    • If there are updates, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to see the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will automatically open in a Notepad document, and you may be asked to restart the PC. (Read the note)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

Note: In more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.

Cheers :D


Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Versão da Base de Dados: v2013.11.30.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16428

kogiro :: KOGIRO-WIN [administrador]

Proteção: Permitir

30/11/2013 14:46:58

MBAM-log-2013-11-30 (15-00-53).txt

Tipo de Verificação: Verificação Rápida

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 212650

Tempo decorrido: 8 minuto(s), 39 segundo(s)

Processos de Memória Detectados: 2

C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> 3008 -> Nenhuma ação foi feita.

C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> 1312 -> Nenhuma ação foi feita.

Módulos de Memória Detectados: 1

C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdate.dll (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

Chaves de Registro Detectadas: 95

HKLM\SYSTEM\CurrentControlSet\Services\bonanzadealslive (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BONANZADEALSLIVE.EXE (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{fe063412-bea4-4d76-8ed3-183be6220d17} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3COMClassService (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7} (PUP.Optional.Iminent.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3WebSvc (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.ProcessLauncher (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3WebMachine (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLive.OneClickCtrl.9 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLive.OneClickProcessLauncherMachine (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} (PUP.Optional.Wajam.A) -> Nenhuma ação foi feita.

HKCR\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} (PUP.Optional.Wajam.A) -> Nenhuma ação foi feita.

HKCR\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{6802463D-636F-41FE-9924-4CAD56906590} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CoreMachineClass.1 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CoreMachineClass (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (PUP.Optional.Iminent.A) -> Nenhuma ação foi feita.

HKCR\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} (PUP.Optional.Iminent.A) -> Nenhuma ação foi feita.

HKCR\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} (PUP.Optional.Iminent.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (PUP.Optional.Iminent.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Nenhuma ação foi feita.

HKCR\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CoreClass.1 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CoreClass (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLive.Update3WebControl.3 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CoCreateAsync (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.CredentialDialogMachine (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19} (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCR\BonanzaDealsLiveUpdate.Update3WebMachineFallback (PUP.Optional.BonanzaDeals.A) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Nenhuma ação foi feita.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> Nenhuma ação foi feita.

Valores de Registro Detectadas: 4

HKCU\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Data: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Nenhuma ação foi feita.

HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr1O1I1S2WtM0U0EtR0A1Q2Y2X -> Nenhuma ação foi feita.

HKLM\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Data: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Nenhuma ação foi feita.

HKLM\SYSTEM\CurrentControlSet\Services\SProtection|ImagePath (PUP.Optional.Iminent.A) -> Data: C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe -> Nenhuma ação foi feita.

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Pastas Detectadas: 23

Arquivos Detectados: 119

(fim)

Dear kogiro00

Download the Kaspersky AVP Tool from one of these links:

Alternative 1

Alternative 2

  • You will be taken to a Kaspersky page asking for an email address, first name and last name to register.
  • Only the "email" field is required.
  • Enter your email, then click the Submit Form button.
  • The page will reload. Click the Download button.
  • Save the file to your Desktop.
  • Run the file and wait for the installation to finish.
    • ** Windows Vista and Windows 7 users: right-click the file, then click Run as administrator.

  • On the license agreement screen, check the option I accept the license agreement and then click the Start button.
  • The program will appear to freeze and nothing will happen. This is normal; just wait until the program's main screen appears, then click the Settings icon.

On this screen, check the box next to:

  • My Computer;
  • Local Disk (C:);
  • Also check every drive listed below Local Disk, if there are any;
  • Then click the Automatic Scan tab.

  • Back on the program's main screen, click the Start scanning button;
  • Be patient, it takes a while;
  • When it finishes, if anything was detected, the program will ask you what to do;
  • Check the box next to Apply to all objects and then click Skip (we only want the log).

Once the scan has finished, proceed as follows:

  1. On the main screen, if anything was detected, save the log.
  2. If you close the program and forget to save the log, you will have to run the whole scan again.
  3. To save the log, click the Reports icon (next to the "Settings" icon).
  4. In the next window, click Detected Threats, then click the floppy disk icon to save the log.
  5. Choose an easy-to-find location and save it as log.txt
  6. Copy the entire contents of that text file and paste it into your next reply.
  7. If nothing is detected, there is no need to save the log; just let us know.
  8. To exit the program, just click the X in the upper right corner.

Notes:
While the scan is running, the main screen shows a progress bar. When it finishes, the program shows the status as completed and a button that turns orange if nothing was detected, or red if something was found. If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Regards :D
