
# AdwCleaner v6.046 - Relatório criado 06/05/2017 às 19:15:44


# Atualizado em 24/04/2017 por Malwarebytes
# Banco de dados : 2017-05-05.1 [Local]
# Sistema operacional : Windows 10 Pro (X64)
# Usuário : Ricardo - RICARDO-PC
# Executando de : C:\Users\Ricardo\Desktop\adwcleaner_6.046.exe
# Modo: Limpo
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

[-] Serviço excluído:AppleSrv

***** [ Pastas ] *****

[-] Pasta excluída:C:\ProgramData\245c1108
[-] Pasta excluída:C:\ProgramData\289b9207-3d75-0
[-] Pasta excluída:C:\ProgramData\289b9207-44e3-1
[-] Pasta excluída:C:\ProgramData\97c8538f-1a31-0
[-] Pasta excluída:C:\ProgramData\97c8538f-3317-1
[-] Pasta excluída:C:\ProgramData\97c8538f-6247-0
[-] Pasta excluída:C:\ProgramData\97c8538f-6263-1
[-] Pasta excluída:C:\ProgramData\{5ed55884-212c-0}
[-] Pasta excluída:C:\ProgramData\{72373e50-412c-1}
[-] Pasta excluída:C:\Users\Ricardo\AppData\Local\SNARER
[-] Pasta excluída:C:\Users\Ricardo\AppData\Local\Everness
[-] Pasta excluída:C:\Users\Ricardo\AppData\Roaming\WinSAPSvc
[-] Pasta excluída:C:\Users\Ricardo\AppData\Roaming\WinSnare
[-] Pasta excluída:C:\Users\Ricardo\AppData\Roaming\Kyubey
[-] Pasta excluída:C:\Program Files\f09er35s
[-] Pasta excluída:C:\Users\Public\Documents\Guid
[-] Pasta excluída:C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
[-] Pasta excluída:C:\Program Files (x86)\Firefox
[#] Pasta excluída na reinicialização:C:\Users\Ricardo\AppData\Roaming\WinSnare
[-] Pasta excluída:C:\Users\Ricardo\AppData\Roaming\Firefox
[-] Pasta excluída:C:\Users\Ricardo\AppData\Local\Firefox
[-] Pasta excluída:C:\Users\Ricardo\AppData\Roaming\clean
[-] Pasta excluída:C:\Users\Ricardo\AppData\Local\SNARE
[-] Pasta excluída:C:\Users\Ricardo\AppData\Local\Kitty

***** [ Arquivos ] *****

[-] Arquivo excluído:C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Arquivo excluído:C:\WINDOWS\SysNative\drivers\iSafeKrnlBoot.sys
[-] Arquivo excluído:C:\WINDOWS\SysNative\drivers\iSafeNetFilter.sys
[-] Arquivo excluído:C:\END
[-] Arquivo excluído:C:\Users\Public\Documents\temp.dat
[-] Arquivo excluído:C:\Users\Public\Documents\report.dat
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\AMD\amd.exe
[-] Arquivo excluído:C:\ProgramData\APPLE\APPLE APPLICATION\DEVICECFG.DLL
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage-journal
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxps_static.cmptch.com_0.localstorage
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxps_static.cmptch.com_0.localstorage-journal
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.ourluckysites.com_0.localstorage
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.ourluckysites.com_0.localstorage-journal
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.trotux.com_0.localstorage
[-] Arquivo excluído:C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.trotux.com_0.localstorage-journal

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Atalhos ] *****

[-] Atalho desinfectado:C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk

***** [ Atividades agendadas ] *****

[-] Tarefa eliminada:heCUMxhi76
[-] Tarefa eliminada:{7E087F47-0E7D-780E-0A11-0F0A0809117E}
[-] Tarefa eliminada:One System Care Task
[-] Tarefa eliminada:Milimili
[-] Tarefa eliminada:Windows-PG

***** [ Registro ] *****

[#] Chave excluída na reinicialização:HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlMon
[#] Chave excluída na reinicialização:HKLM\SYSTEM\CurrentControlSet\services\isafekrnlmon
[-] Chave excluída:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARER
[#] Chave excluída na reinicialização:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARER
[-] Chave excluída:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[#] Chave excluída na reinicialização:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[-] Chave excluída:HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}
[-] Chave excluída:HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
[-] Chave excluída:HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}
[-] Chave excluída:HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}
[-] Chave excluída:HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
[-] Chave excluída:HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}
[-] Chave excluída:HKU\.DEFAULT\Software\ompndb
[-] Chave excluída:HKU\.DEFAULT\Software\jhtrsq
[-] Chave excluída:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\b1.org
[-] Chave excluída:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\One System Care
[#] Chave excluída na reinicialização:HKU\S-1-5-18\Software\ompndb
[#] Chave excluída na reinicialização:HKU\S-1-5-18\Software\jhtrsq
[#] Chave excluída na reinicialização:HKCU\Software\b1.org
[#] Chave excluída na reinicialização:HKCU\Software\One System Care
[-] Chave excluída:HKLM\SOFTWARE\b1.org
[-] Chave excluída:HKLM\SOFTWARE\ScreenShot
[-] Chave excluída:HKLM\SOFTWARE\ompndb
[-] Chave excluída:HKLM\SOFTWARE\amule-custom
[-] Chave excluída:HKLM\SOFTWARE\SoEasySvc
[-] Chave excluída:HKLM\SOFTWARE\jhtrsq
[-] Chave excluída:HKLM\SOFTWARE\startpageing123Software
[-] Chave excluída:HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
[-] Chave excluída:HKLM\SOFTWARE\ourluckysitesSoftware
[-] Chave excluída:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Chave excluída na reinicialização:[x64] HKCU\Software\b1.org
[#] Chave excluída na reinicialização:[x64] HKCU\Software\One System Care
[-] Chave excluída:[x64] HKLM\SOFTWARE\b1.org
[-] Chave excluída:[x64] HKLM\SOFTWARE\ompndb
[-] Chave excluída:[x64] HKLM\SOFTWARE\jhtrsq
[-] Chave excluída:[x64] HKLM\SOFTWARE\InterSect Alliance
[-] Dados restaurados:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Dados restaurados:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Dados restaurados:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Dados restaurados:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Dados restaurados:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Dados restaurados:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Chave excluída:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Dados restaurados:HKU\S-1-5-21-2756271659-3555287466-2582490104-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Chave excluída na reinicialização:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Chave excluída:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Chave excluída na reinicialização:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Chave excluída:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Dados restaurados:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Dados restaurados:HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8621d430-e18f-46a1-811b-a25d932db236} [NameServer]
[-] Dados restaurados:HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9338fbb7-9841-451e-99b1-eb858854071a} [NameServer]
[-] Dados restaurados:HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ee803142-8673-4b45-8b43-a50fdbfab728} [NameServer]
[-] Dados restaurados:[x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8621d430-e18f-46a1-811b-a25d932db236} [NameServer]
[-] Dados restaurados:[x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9338fbb7-9841-451e-99b1-eb858854071a} [NameServer]
[-] Dados restaurados:[x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ee803142-8673-4b45-8b43-a50fdbfab728} [NameServer]
[-] Chave excluída:HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Chave excluída:HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
[-] Chave excluída:HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[-] Chave excluída:HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[#] Chave excluída na reinicialização:HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[#] Chave excluída na reinicialização:HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[-] Valor apagado:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Chave excluída:HKCU\SOFTWARE\Classes\ChromeHTML
[-] Chave excluída:HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML
[-] Valor apagado:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [Kitty]

***** [ Verificando navegadores ... ] *****

[-] [C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Eliminado:br.ask.com
[-] [C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Eliminado:hxxp://www.ourluckysites.com/?type=hp&ts=1492647414&z=c1a2592d84b1c295339cc0fg0z6t4ocqcz0m6c0b3g&from=che0812&uid=WDCXWD3200BEVT-75ZCT2_WD-WXA0A69U1837U1837
[-] [C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Eliminado:hxxp://www.ourluckysites.com/?type=hp&ts=1493335239&z=60873b2998a50d936a38d63g6z0t1c2c3ccw5get8c&from=che0812&uid=WDCXWD3200BEVT-75ZCT2_WD-WXA0A69U1837U1837
[-] [C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Eliminado:hxxp://www.ourluckysites.com/?type=hp&ts=1493768151&z=7a847d38afc19d644e21c54gbzctbc4m8qdb7ebt6q&from=che0812&uid=WDCXWD3200BEVT-75ZCT2_WD-WXA0A69U1837U1837
[-] [C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [favicon_url] Eliminado:hxxp://www.startpageing123.com/searchfavicon.ico

*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [13267 Bytes] - [06/05/2017 19:15:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [15766 Bytes] - [06/05/2017 18:02:23]
C:\AdwCleaner\AdwCleaner[S1].txt - [15225 Bytes] - [06/05/2017 19:10:39]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [13489 Bytes] ##########
