Vai logs do ZHP e do Adwclener e JRT.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (ZHP)
# AdwCleaner v4.109 - Relatório criado 02/02/2015 às 11:07:11
# Atualizado 24/01/2015 por Xplode
# Database : 2015-01-26.1 [Live]
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usuário : Thamirys - THAMIRYS-PC
# Executando de : C:\Users\Thamirys\Downloads\adwcleaner_4.109.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : IHProtect Service
Serviço Deletada : {3f6dc02a-32f1-4a7f-a53e-19dfac9f0741}Gw
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
Pasta Deletada : C:\ProgramData\ZombieNews
Pasta Deletada : C:\ProgramData\IHProtectUpDate
Pasta Deletada : C:\Program Files\predm
Pasta Deletada : C:\Program Files\XTab
Pasta Deletada : C:\Users\Thamirys\AppData\Local\ZombieNews
Pasta Deletada : C:\Users\Thamirys\AppData\Local\wincheck
Pasta Deletada : C:\Users\Thamirys\AppData\Roaming\AnyProtectEx
Pasta Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\Extensions\fftoolbar2014@etech.com
Arquivo Deletada : C:\Windows\patsearch.bin
Arquivo Deletada : C:\Windows\system32\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
Arquivo Deletada : C:\Windows\system32\drivers\{3f6dc02a-32f1-4a7f-a53e-19dfac9f0741}Gw.sys
Arquivo Deletada : C:\Users\Thamirys\AppData\Local\Temp\Uninstall.exe
Arquivo Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\foxydeal.sqlite
Arquivo Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\user.js
Arquivo Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\searchplugins\mystartsearch.xml
***** [ Tarefas ] *****
Tarefa Deletedo : APSnotifierPP1
Tarefa Deletedo : APSnotifierPP2
Tarefa Deletedo : APSnotifierPP3
Tarefa Deletedo : Run_Bobby_Browser
Tarefa Deletedo : PostPoneInstall
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WinCheck]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Deletedo : HKCU\Software\AnyProtect
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\BoBrowser
Chave Deletedo : HKCU\Software\foxydeal
Chave Deletedo : HKCU\Software\AppDataLow\foxydeal
Chave Deletedo : HKCU\Software\AppDataLow\Software\BlockAndSurf
Chave Deletedo : HKCU\Software\AppDataLow\Software\DynConIE
Chave Deletedo : HKLM\SOFTWARE\omiga-plusSoftware
Chave Deletedo : HKLM\SOFTWARE\SupDp
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Tutorials
Chave Deletedo : HKLM\SOFTWARE\Clara
Chave Deletedo : HKLM\SOFTWARE\mystartsearchSoftware
Chave Deletedo : HKLM\SOFTWARE\GAMESDESKTOP
Chave Deletedo : HKLM\SOFTWARE\IHProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I - Cinema
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7601.17514
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v35.0.1 (x86 pt-BR)
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.search.defaultenginename", "mystartsearch");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.search.searchengine.iconURL", "hxxp://isearch.<HTML>web/favicon.ico");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.search.searchengine.url", "hxxp://isearch.<HTML>web/?type=dspp&q={searchTerms}");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.startup.homepage", "hxxp://isearch.<HTML>?type=hppppppppppppppppp");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("extensions.quick_start.enable_search1", false);
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
-\\ Opera v27.0.1689.54
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*************************
AdwCleaner[R0].txt - [9397 octets] - [02/02/2015 11:05:13]
AdwCleaner[S0].txt - [9835 octets] - [02/02/2015 11:07:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9895 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.9 (08.27.2015:1)
OS: Windows 7 Professional x86
Ran by Thamirys on 29/08/2015 at 15:12:09,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_br_173
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Browser Good
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Browser Good
~~~ Files
Successfully deleted: [File] C:\ProgramData\Arafwnevnejo\1.0.1.0\iaclucee.exe
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\t122078ed
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers
Successfully deleted: [Folder] C:\Users\Thamirys\Appdata\Local\zombienews
~~~ FireFox
Successfully deleted the following from C:\Users\Thamirys\AppData\Roaming\mozilla\firefox\profiles\j0um7qpp.default\prefs.js
user_pref(browser.search.searchengine.alias, );
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.name, );
user_pref(browser.search.searchengine.ptid, );
user_pref(browser.search.searchengine.uid, );
~~~ Chrome
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/08/2015 at 15:14:52,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (ZHP)
# AdwCleaner v4.109 - Relatório criado 02/02/2015 às 11:07:11
# Atualizado 24/01/2015 por Xplode
# Database : 2015-01-26.1 [Live]
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usuário : Thamirys - THAMIRYS-PC
# Executando de : C:\Users\Thamirys\Downloads\adwcleaner_4.109.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : IHProtect Service
Serviço Deletada : {3f6dc02a-32f1-4a7f-a53e-19dfac9f0741}Gw
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
Pasta Deletada : C:\ProgramData\ZombieNews
Pasta Deletada : C:\ProgramData\IHProtectUpDate
Pasta Deletada : C:\Program Files\predm
Pasta Deletada : C:\Program Files\XTab
Pasta Deletada : C:\Users\Thamirys\AppData\Local\ZombieNews
Pasta Deletada : C:\Users\Thamirys\AppData\Local\wincheck
Pasta Deletada : C:\Users\Thamirys\AppData\Roaming\AnyProtectEx
Pasta Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\Extensions\fftoolbar2014@etech.com
Arquivo Deletada : C:\Windows\patsearch.bin
Arquivo Deletada : C:\Windows\system32\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
Arquivo Deletada : C:\Windows\system32\drivers\{3f6dc02a-32f1-4a7f-a53e-19dfac9f0741}Gw.sys
Arquivo Deletada : C:\Users\Thamirys\AppData\Local\Temp\Uninstall.exe
Arquivo Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\foxydeal.sqlite
Arquivo Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\user.js
Arquivo Deletada : C:\Users\Thamirys\AppData\Roaming\Mozilla\Firefox\Profiles\j0um7qpp.default\searchplugins\mystartsearch.xml
***** [ Tarefas ] *****
Tarefa Deletedo : APSnotifierPP1
Tarefa Deletedo : APSnotifierPP2
Tarefa Deletedo : APSnotifierPP3
Tarefa Deletedo : Run_Bobby_Browser
Tarefa Deletedo : PostPoneInstall
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WinCheck]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Deletedo : HKCU\Software\AnyProtect
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\BoBrowser
Chave Deletedo : HKCU\Software\foxydeal
Chave Deletedo : HKCU\Software\AppDataLow\foxydeal
Chave Deletedo : HKCU\Software\AppDataLow\Software\BlockAndSurf
Chave Deletedo : HKCU\Software\AppDataLow\Software\DynConIE
Chave Deletedo : HKLM\SOFTWARE\omiga-plusSoftware
Chave Deletedo : HKLM\SOFTWARE\SupDp
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Tutorials
Chave Deletedo : HKLM\SOFTWARE\Clara
Chave Deletedo : HKLM\SOFTWARE\mystartsearchSoftware
Chave Deletedo : HKLM\SOFTWARE\GAMESDESKTOP
Chave Deletedo : HKLM\SOFTWARE\IHProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I - Cinema
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7601.17514
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v35.0.1 (x86 pt-BR)
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.search.defaultenginename", "mystartsearch");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.search.searchengine.iconURL", "hxxp://isearch.<HTML>web/favicon.ico");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.search.searchengine.url", "hxxp://isearch.<HTML>web/?type=dspp&q={searchTerms}");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("browser.startup.homepage", "hxxp://isearch.<HTML>?type=hppppppppppppppppp");
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("extensions.quick_start.enable_search1", false);
[j0um7qpp.default\prefs.js] - Linha deletada : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
-\\ Opera v27.0.1689.54
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[C:\Users\Thamirys\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*************************
AdwCleaner[R0].txt - [9397 octets] - [02/02/2015 11:05:13]
AdwCleaner[S0].txt - [9835 octets] - [02/02/2015 11:07:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9895 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.9 (08.27.2015:1)
OS: Windows 7 Professional x86
Ran by Thamirys on 29/08/2015 at 15:12:09,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_br_173
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Browser Good
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Browser Good
~~~ Files
Successfully deleted: [File] C:\ProgramData\Arafwnevnejo\1.0.1.0\iaclucee.exe
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\t122078ed
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers
Successfully deleted: [Folder] C:\Users\Thamirys\Appdata\Local\zombienews
~~~ FireFox
Successfully deleted the following from C:\Users\Thamirys\AppData\Roaming\mozilla\firefox\profiles\j0um7qpp.default\prefs.js
user_pref(browser.search.searchengine.alias, );
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.name, );
user_pref(browser.search.searchengine.ptid, );
user_pref(browser.search.searchengine.uid, );
~~~ Chrome
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Thamirys\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/08/2015 at 15:14:52,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sáb Mar 23, 2024 10:28 am por joram
» KpRm ( ... by Kernel-panik )
Ter Ago 11, 2020 9:47 pm por joram
» ESET Rogue Applications Remover ( ... by Eset.com )
Sáb Ago 01, 2020 7:49 am por joram
» PW Clean 2.7 ( ... by Doutor PW )
Ter maio 15, 2018 9:27 am por joram
» CKScanner ( ... by askey127 )
Sáb maio 05, 2018 1:12 pm por joram
» AdwCleaner ( ... by XPlode )
Seg Abr 16, 2018 8:47 am por joram
» ZHPDiag ( ... de Nicolas Coolman )
Sáb Abr 14, 2018 8:56 am por joram
» Argente - Registry Cleaner ( ... by Argente Software )
Dom Nov 19, 2017 4:36 pm por joram
» ListChkdskResult ( ... by SleepyDude )
Dom Set 24, 2017 1:39 pm por joram