~ ZHPCleaner v2015.8.1.312 by Nicolas Coolman (2015/08/1) ~ Run by Evanio N Mariano (Administrator) (01/08/2015 11:48:55) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scanner ~ Report : C:\Users\Evanio\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Evanio\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) ~ Windows 8.1 Single Language, 64-bit (Build 9600) ---\\ Serviços (3) [S] ENCONTRADO : globalUpdate =>PUP.Optional.GlobalUpdate [S] ENCONTRADO : globalUpdatem =>PUP.Optional.GlobalUpdate [S] ENCONTRADO : wsfd_vw_1_10_0_20 =>PUP.Optional.Gen ---\\ Navegadores de Internet (3) ENCONTRADO Chrome Secure Preferences: "hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&fr=EUsc4l0yRP999idrAAps6xFMHedVIAm3Mg%3D%3D" =>PUP.Optional.Browser ENCONTRADO IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.istartsurf.com/web/?type=ds&ts=1436926343&z=261ba1af1b7391cdbbac917g5[...]] =>PUP.Optional.IsStart ENCONTRADO IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.istartsurf.com/web/?type=ds&ts=1436926343&z=261ba1af1b7391cdbbac917g5[...]] =>PUP.Optional.IsStart ---\\ Arquivo hosts (1) ~ O arquivo hosts é legítimo (20) ---\\ Tarefas automáticas agendadas. (2) ENCONTRADO tarefas: [globalUpdateUpdateTaskMachineCore] [C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job] (PUP.Optional.GlobalUpdate) ENCONTRADO tarefas: [globalUpdateUpdateTaskMachineUA] [C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job] (PUP.Optional.GlobalUpdate) ---\\ Explorer ( Arquivos, Pastas) (46) ENCONTRADO pasta: C:\Users\Evanio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk [Bad : C:\Users\Evanio\AppData\Local\iLivid\iLivid.exe] =>PUP.Optional.Bandoo ENCONTRADO pasta: C:\Users\Evanio\AppData\Local\DF0604BD-97D1-47C4-AAB2-623E4D30B9D2\DF0604BD-97D1-47C4-AAB2-623E4D30B9D2.exe =>PUP.Optional.Pirrit ENCONTRADO arquivo: C:\Users\Evanio\AppData\Local\DF0604BD-97D1-47C4-AAB2-623E4D30B9D2 =>PUP.Optional.Pirrit ENCONTRADO arquivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DF0604BD-97D1-47C4-AAB2-623E4D30B9D2 =>PUP.Optional.Pirrit ENCONTRADO pasta: C:\Users\Evanio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk =>PUP.Optional.Bandoo ENCONTRADO pasta: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate ENCONTRADO pasta: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate ENCONTRADO pasta: C:\Windows\Prefetch\3D BUBBLESOUND.EXE-0711FD62.pf =>PUP.Optional.BubbleSound ENCONTRADO pasta: C:\Windows\Prefetch\BOBROWSER.EXE-F1D73566.pf =>PUP.Optional.BoBrowser ENCONTRADO pasta: C:\Windows\Prefetch\CROSSBROWSE.EXE-3A672F00.pf =>PUP.Optional.CrossBrowse ENCONTRADO pasta: C:\Windows\Prefetch\PACKAGE_BOBROWSER_INSTALLER_M-6A90D3AF.pf =>PUP.Optional.BoBrowser ENCONTRADO pasta: C:\Windows\Prefetch\PACKAGE_BUBBLESOUND_INSTALLER-C5D52826.pf =>PUP.Optional.BubbleSound ENCONTRADO pasta: C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-2EF30761.pf =>PUP.Optional.CrossBrowser ENCONTRADO arquivo: C:\BreakingNewsAlert =>PUP.Optional.BreakingNewsAlert ENCONTRADO pasta: C:\ProgramData\17423361420062902849\007121ca3d25fb73092a7bfceceb621a.ini =>PUP.Optional.CrossRider ENCONTRADO pasta: C:\ProgramData\17423361420062902849\038355bd783dcb7d092a7bfceceb621a.ini =>PUP.Optional.CrossRider ENCONTRADO pasta: C:\ProgramData\17423361420062902849\1c31b7bc8924fefa092a7bfceceb621a.ini =>PUP.Optional.CrossRider ENCONTRADO pasta: C:\ProgramData\17423361420062902849\76a5682abd2d8dac092a7bfceceb621a.ini =>PUP.Optional.CrossRider ENCONTRADO pasta: C:\ProgramData\17423361420062902849\89db013df7661b20092a7bfceceb621a.ini =>PUP.Optional.CrossRider ENCONTRADO pasta: C:\ProgramData\Browser\prompt.exe [Copyright © 2014 - Prompt] =>PUP.Optional.SpeedBrowser ENCONTRADO pasta: C:\ProgramData\Browser\prompt.exe.config =>PUP.Optional.SpeedBrowser ENCONTRADO pasta: C:\ProgramData\f1cc36e60c184a41\b91660cef92e6f82092a7bfceceb621a.ini =>PUP.Optional.CrossRider ENCONTRADO pasta: C:\ProgramData\f1cc36e60c184a41\b9b03d8e2fa397bd092a7bfceceb621a.ini =>PUP.Optional.CrossRider ENCONTRADO pasta: C:\ProgramData\f1cc36e60c184a41\{851FFBBE-65A6-03DF-0222-8B58ABEC0C48}.20150503234203 =>PUP.Optional.CrossRider ENCONTRADO arquivo: C:\ProgramData\IHProtectUpDate\update =>PUP.Optional.AgentODR ENCONTRADO arquivo: C:\ProgramData\17423361420062902849 =>PUP.Optional.CrossRider ENCONTRADO arquivo: C:\ProgramData\4562091c00007a66 =>PUP.Optional.CrossRider ENCONTRADO arquivo: C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser ENCONTRADO arquivo: C:\ProgramData\f1cc36e60c184a41 =>PUP.Optional.CrossRider ENCONTRADO arquivo: C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR ENCONTRADO pasta: C:\Users\Evanio\Documents\Optimizer Pro\CookiesException.txt =>PUP.Optional.OptimizerPro ENCONTRADO arquivo: C:\Users\Evanio\Documents\Optimizer Pro =>PUP.Optional.OptimizerPro ENCONTRADO arquivo: C:\Users\Evanio\AppData\Local\Crossbrowse\Crossbrowse =>PUP.Optional.CrossBrowse ENCONTRADO arquivo: C:\Users\Evanio\AppData\Local\globalUpdate\CrashReports =>PUP.Optional.GlobalUpdate ENCONTRADO arquivo: C:\Users\Evanio\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse ENCONTRADO arquivo: C:\Users\Evanio\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate ENCONTRADO arquivo: C:\Users\Estela\AppData\Roaming\DSite\UpdateProc =>PUP.Optional.SimpleSearches ENCONTRADO arquivo: C:\Users\Estela\AppData\Roaming\DSite =>PUP.Optional.SimpleSearches ENCONTRADO pasta: C:\Users\Estela\AppData\Local\BreakingNewsAlert\data2.dat =>PUP.Optional.BreakingNewsAlert ENCONTRADO arquivo: C:\Users\Estela\AppData\Local\BreakingNewsAlert =>PUP.Optional.BreakingNewsAlert ENCONTRADO arquivo: C:\Users\RachãoPraiaClube\AppData\Local\BreakingNewsAlert =>PUP.Optional.BreakingNewsAlert ENCONTRADO arquivo: C:\Users\Rachão-Rachinha\AppData\Roaming\PriceMeterUpdater\UpdateProc =>PUP.Optional.PriceMeter ENCONTRADO arquivo: C:\Users\Rachão-Rachinha\AppData\Roaming\PriceMeterUpdater =>PUP.Optional.PriceMeter ENCONTRADO arquivo: C:\Users\Rachão-Rachinha\AppData\Local\PriceMeterLiveUpdate\CrashReports =>PUP.Optional.PriceMeter ENCONTRADO arquivo: C:\Users\Rachão-Rachinha\AppData\Local\BreakingNewsAlert =>PUP.Optional.BreakingNewsAlert ENCONTRADO arquivo: C:\Users\Rachão-Rachinha\AppData\Local\PriceMeterLiveUpdate =>PUP.Optional.PriceMeter ---\\ Registro ( Chaves, Valores, Dados ) (61) ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 [globalUpdate Update] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 [globalUpdate Update] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&fr[...]] [Bing] (PUP.Optional.IsStart) ENCONTRADO chave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&fr[...]] [e] (PUP.Optional.IsStart) ENCONTRADO chave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} [http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&fr[...]] [] (PUP.Optional.IsStart) ENCONTRADO chave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{747D42F5-1D2D-4C8B-A22A-A439A35CF639} [http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&fr[...]] [] (PUP.Optional.IsStart) ENCONTRADO dados: HKLM\...\IEXPLORE.EXE\Shell\open\Command\\C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1436926102&z=cb58fa798f86a6c12aacd30g9zecbqeteoeq8eebde&from=smt&uid=ST1000LM024XHN-M101MBB_S2VMJ5DC801054801054 (PUP.Optional.IsStart) ENCONTRADO chave: HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate [C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe (Not File)] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: HKLM\SYSTEM\CurrentControlSet\Services\globalUpdatem [C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe (Not File)] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: HKCU\Software\BrowserV14.07-nv [] =>Heuristic.CrossRider ENCONTRADO chave: HKCU\Software\I - Cinema-nv [] =>Heuristic.CrossRider ENCONTRADO chave: HKCU\Software\BrowserV14.07-nv-ie [] =>Heuristic.CrossRider ENCONTRADO chave: HKCU\Software\I - Cinema-nv-ie [] =>Heuristic.CrossRider ENCONTRADO chave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate [C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe (Not File)] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\globalUpdatem [C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe (Not File)] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\wsfd_vw_1_10_0_20 [C:\WINDOWS\System32\drivers\wsfd_vw_1_10_0_20.sys (Not File)] =>PUP.Optional.Gen ENCONTRADO valor: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\3D BubbleSound ["C:\Program Files\BubbleSound\3D BubbleSound.exe"] =>PUP.Optional.BubbleSound ENCONTRADO chave: HKEY_USERS\S-1-5-21-122634110-2796016627-362079612-1001\Software\Conduit [] =>PUP.Optional.Conduit ENCONTRADO chave: HKCU\Software\ArenaHD [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\BoBrowser [] =>PUP.Optional.BoBrowser ENCONTRADO chave: HKCU\Software\BrowserV14.07 [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\BrowserV14.07-nv [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\BrowserV14.07-nv-ie [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\Crossbrowse [] =>PUP.Optional.CrossBrowse ENCONTRADO chave: HKCU\Software\CrossBrowser [] =>PUP.Optional.CrossBrowser ENCONTRADO chave: HKCU\Software\gamesdesktop [] =>PUP.Optional.GamesDesktop ENCONTRADO chave: HKCU\Software\globalUpdate [] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: HKCU\Software\HighDefAction [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\I - Cinema [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\I - Cinema-nv [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\I - Cinema-nv-ie [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\InstalledBrowserExtensions [] =>PUP.Optional.BrowserExtensions ENCONTRADO chave: HKCU\Software\YorkNewCin [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\AppDataLow\Software\Crossrider [] =>PUP.Optional.CrossRider ENCONTRADO chave: HKCU\Software\AppDataLow\Software\DynConIE [] =>PUP.Optional.DynConIE ENCONTRADO chave: [X64] HKLM\SOFTWARE\Classes\Applications\iLividSetup-r905-n-bi.exe [] =>PUP.Optional.Bandoo ENCONTRADO chave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] =>PUP.Optional.Fuyu ENCONTRADO chave: [X64] HKLM\SOFTWARE\ArenaHD [] =>PUP.Optional.CrossRider ENCONTRADO chave: [X64] HKLM\SOFTWARE\HighDefAction [] =>PUP.Optional.CrossRider ENCONTRADO chave: [X64] HKLM\SOFTWARE\YorkNewCin [] =>PUP.Optional.CrossRider ENCONTRADO chave: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe [] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\ArenaHD [] =>PUP.Optional.CrossRider ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Clara [] =>PUP.Optional.SupTab ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Crossbrowse [] =>PUP.Optional.CrossBrowse ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate [] =>PUP.Optional.GlobalUpdate ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\HighDefAction [] =>PUP.Optional.CrossRider ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\IHProtect [] =>PUP.Optional.AgentODR ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware [] =>PUP.Optional.IsStart ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\SupDp [] =>PUP.Optional.SupTab ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\supTab [] =>PUP.Optional.SupTab ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect [] =>PUP.Optional.Fuyu ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] =>PUP.Optional.AgenceExclusive ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.20 [] =>PUP.Optional.WordShark ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\YorkNewCin [] =>PUP.Optional.CrossRider ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] =>PUP.Optional.Graftor ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ScanTack_RASAPI32 [] =>PUP.Optional.Sambreel ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ScanTack_RASMANCS [] =>PUP.Optional.Sambreel ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateScanTack_RASAPI32 [] =>PUP.Optional.Sambreel ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateScanTack_RASMANCS [] =>PUP.Optional.Sambreel ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASAPI32 [] =>PUP.Optional.WordShark ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASMANCS [] =>PUP.Optional.WordShark ---\\ Resultado de reparação ~ Eventuais reparações feita ~ Este navegador está faltando ! (Mozilla Firefox) ~ Este navegador está faltando ! (Opera Software) ---\\ Estatísticas ~ Items scan : 77078 ~ Items encontrado : 133 ~ items cancelados : 0 ~ Items réparo : 0 End of clean in 6 minutes =================== ZHPCleaner-[S]-01082015-11_55_50.txt