Mari V.

Log Analysis Request


Good afternoon! I have already completed all the procedures requested in the Official Topic. My problem is that my credit card was cloned, and I am afraid my notebook may be infected.

Here is my log for examination:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:25:46, on 04/05/2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19326)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Mari\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Mari\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Mari\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE07&ocid=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\Mari\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Mari\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05042019142435728\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05042019142435728\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05042019142435868\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05042019142435868\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1080541947-1274502029-1557055115-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05042019142435946\..\Run: [f.lux] "C:\Users\Mari\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User '?')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Serviço Área de trabalho remota do Google Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
O23 - Service: COM+ Leg Service (COMLegService) - Unknown owner - C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: Serviço de Gerenciamento de Dispositivos do Bitdefender (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14608 bytes
 

 

 


Temporarily disable your antivirus.

Download ZHPCleaner and save it to the Desktop.

Windows 7, 8, 8.1 or 10 users: right-click the program icon and select Run as administrator.

Double-click ZHPCleaner.exe.

Click the Scanner button.

The tool will start scanning your system. Be patient, as it may take a while depending on the number of items to examine.

When the scan finishes, click the Reparar (Repair) button.

Once the operation is complete, a log will open. If it does not, click the Relatório (Report) button and save the log.

Select, copy and paste the contents of this log into your next reply, along with a new HijackThis log.



I am not able to download the program; the message 403 forbidden is appearing.


ZHPCleaner generated two logs:

~ ZHPCleaner v2019.4.25.54 by Nicolas Coolman (2019/04/25)
~ Run by Mari (Administrator)  (04/05/2019 20:33:52)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Mari\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Mari\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (0)
~ No malicious or unnecessary items found.


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (94)
FOUND file: C:\Users\Mari\Desktop\µTorrent.lnk  [Bad : C:\Users\Mari\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
FOUND file: C:\Users\Mari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk  [Bad : C:\Users\Mari\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
FOUND file: C:\Users\Mari\AppData\Roaming\uTorrent\uTorrent.exe [BitTorrent Inc. - µTorrent]  =>BitTorrent (P2P)
FOUND file: C:\Users\Mari\Desktop\µTorrent.lnk    =>BitTorrent (P2P)
FOUND file: C:\Users\Mari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk    =>BitTorrent (P2P)
FOUND file: C:\Windows\Installer\wix{05AE0A65-7C26-4ED7-9848-C8675849CAAE}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{14C6B17A-F825-431E-9A36-8D89E65B24C8}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{2F72F540-1F60-4266-9506-952B21D6640D}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{519CE4A6-64D0-4955-A17B-751645E1163B}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{67971EAD-F5D1-45A6-B281-A09D3193DB3F}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{786E64DA-CDC1-432B-BCAB-5912C73A72E9}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{787136D2-F0F8-4625-AA3F-72D7795AC842}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{B678797F-DF38-4556-8A31-8B818E261868}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{BB81EEBD-7942-4796-8556-0B84A6235C99}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{D61C8E6E-A4F3-4CD8-8568-51CEB5660C89}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{F51A03C4-2DD0-43B0-900F-EAD1C45DC542}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\wix{FBB43A99-0B72-461A-A6D2-2F1B54D36B69}.SchedServiceConfig.rmi    =>.SUP.Empty
FOUND file: C:\Windows\Installer\106349.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\10766c.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\10db4ce9.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\1839b9.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\1dac695.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\1efbe6f1.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\23226c.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\2eef6d31.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\332f5daa.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\38aa5119.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\3b1ce03.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\42925a8.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\4f978449.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\510ea5e.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\55ce37c.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\5725802.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\79911bab.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\a72d4cb.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\af4f0.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\f2d0111.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\f6eeadf.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\ff0c020.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Users\Mari\AppData\Local\Temp\Tmp1C28.tmp    =>.SUP.Temporary.Other
FOUND file: C:\Program Files (x86)\Popcorn Time\init.txt    =>.SUP.PopcornTime
FOUND file: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater]  =>.SUP.PopcornTime
FOUND folder: C:\Program Files (x86)\Popcorn Time  =>.SUP.PopcornTime
FOUND folder: C:\Windows\System32\config\systemprofile\AppData\Roaming\{90140011-0066-0416-0000-0000000FF1CE}  =>Heuristic.Suspect
FOUND folder: C:\Users\Mari\AppData\Local\PopcornTime\PopcornTime  =>.SUP.PopcornTime
FOUND folder: C:\Users\Mari\AppData\Local\PopcornTime  =>.SUP.PopcornTime
FOUND folder: C:\Users\Mari\AppData\Local\Temp\scoped_dir10216_18134  =>.SUP.Temporary.Steam
FOUND folder: C:\Users\Mari\AppData\Local\{0832FEBF-2B7A-4E0D-AAF8-F2DD22C493A3}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{0FE0104A-6C44-49E9-81E1-5F6DE9B4929F}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{30AC35EB-AE56-4B33-B4A5-CB2A2243001C}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{3D94AF9D-54BA-4277-A7E3-627431F8AAFA}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{40C5F1B3-BEA1-4380-B428-D5AEF4C617DD}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{495FF35B-46B7-48A8-8494-6997F57E887B}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{587072F8-0D73-4309-BD24-6E15E184D3ED}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{6DD42AE6-E67B-41AB-86A5-0FA9FE12E968}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{7387D8ED-70E5-4C5C-9784-69A39401E438}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{8C15E876-7EB5-428F-A84F-B5D7F34A6F68}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{8F9E51A1-D288-4ED9-8BCC-32D99B95B2BE}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{9A5A5F6E-8F16-4F48-B4BD-BDD5900FF439}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{BCEF0A60-87BE-46AC-A730-90DCEB7760C9}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{D186B5AA-FFDA-444C-BB75-0E207EFFA573}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{D310549F-73D4-4DB1-9DB1-2F0585ED96D4}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{D3E26F4E-F6BA-4178-8C62-C975242A6714}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{D41CF96E-0400-4D77-BDE7-C50CBEEC8078}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{E52AF15E-FABA-4C21-AB67-B8966D2210F7}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{E5891358-AA22-4829-8590-FAFCA1CA1034}  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\Local\{F4AE72D1-E69E-444B-ADB1-8D7271292B17}  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI1786.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI1D12.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI29B1.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI2D88.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI4EF.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI7EA3.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI8B1.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI924.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSI9DEA.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSIAAE5.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSIAEEC.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSIBA04.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSIC03C.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSICAA6.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSICECE.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSID2C5.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSIEC30.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSIF2E5.tmp-  =>.SUP.Empty
FOUND folder: C:\Windows\Installer\MSIFB48.tmp-  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
FOUND folder: C:\Users\Mari\AppData\LocalLow\EmieUserList  =>.SUP.Empty


---\\  Registry ( Key, Value, Data) (95)
FOUND key: HKEY_USERS\S-1-5-21-1080541947-1274502029-1557055115-1000\SOFTWARE\Popcorn Time []  =>.SUP.PopcornTime
FOUND key: HKEY_USERS\S-1-5-21-1080541947-1274502029-1557055115-1000\SOFTWARE\PopcornTime []  =>.SUP.PopcornTime
FOUND key: HKCU\Software\Popcorn Time []  =>.SUP.PopcornTime
FOUND key: HKCU\Software\PopcornTime []  =>.SUP.PopcornTime
FOUND key: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
FOUND key: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class]  =>Adware.BProtector
FOUND key: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class]  =>Adware.BProtector
FOUND key: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class]  =>Adware.BProtector
FOUND key: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class]  =>Adware.BProtector
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\de\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\es\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\fr\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\it\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ja\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ko\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ru\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\zh-Hans\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\zh-Hant\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ar\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\bg\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ca\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\cs\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\da\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\el\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\et\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\eu\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\fi\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\he\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\hr\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\hu\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\id\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\lt\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\lv\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ms\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\nl\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\no\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\pl\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\pt-BR\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\pt\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ro\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sk\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sl\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sr-Cyrl-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sr-Latn-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sv\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\th\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\tr\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\uk\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\vi\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\de\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\es\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\fr\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\it\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ja\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ko\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ru\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\zh-Hans\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\zh-Hant\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\bg\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ca\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\cs\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\da\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\el\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\et\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\eu\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\fi\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\he\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\hr\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\hu\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\id\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\lt\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\lv\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ms\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\nl\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\no\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\pl\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\pt-BR\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\pt\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ro\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sk\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sl\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sr-Cyrl-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sr-Latn-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sv\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\th\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\tr\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\uk\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\vi\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.8.0_161\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\Common Files\Citrix\ [No Folder]  =>.SUP.Obsolete.NoFolder
FOUND value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{56F77844-CFD6-47BF-9816-D7E7986162A3} [C:\Program Files (x86)\Popcorn Time\Updater.exe]  =>.SUP.PopcornTime
FOUND value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{B1A273A3-F017-44B2-9A38-6D81E5039443} [C:\Program Files (x86)\Popcorn Time\Updater.exe]  =>.SUP.PopcornTime


---\\  Summary of the elements found (9)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Other
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/  =>.SUP.PopcornTime
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Steam
https://nicolascoolman.eu/2017/04/12/adware-bprotector/  =>Adware.BProtector
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.NoFolder


---\\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)


---\\ Statistics
~ Items scanned : 78911
~ Items found : 199
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 3625


~ End of search in 00h11mn22s

---\\  Reports (0)
ZHPCleaner--04052019-20_45_14.txt
 

~ ZHPCleaner v2019.4.25.54 by Nicolas Coolman (2019/04/25)
~ Run by Mari (Administrator)  (04/05/2019 20:49:00)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Mari\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Mari\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (0)
~ No malicious or unnecessary items found.


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (89)
MOVED file: C:\Users\Mari\Desktop\µTorrent.lnk  [Bad : C:\Users\Mari\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVED file: C:\Users\Mari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk  [Bad : C:\Users\Mari\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVED file: C:\Windows\Installer\wix{05AE0A65-7C26-4ED7-9848-C8675849CAAE}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{14C6B17A-F825-431E-9A36-8D89E65B24C8}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{2F72F540-1F60-4266-9506-952B21D6640D}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{519CE4A6-64D0-4955-A17B-751645E1163B}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{67971EAD-F5D1-45A6-B281-A09D3193DB3F}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{786E64DA-CDC1-432B-BCAB-5912C73A72E9}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{787136D2-F0F8-4625-AA3F-72D7795AC842}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{B678797F-DF38-4556-8A31-8B818E261868}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{BB81EEBD-7942-4796-8556-0B84A6235C99}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{D61C8E6E-A4F3-4CD8-8568-51CEB5660C89}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{F51A03C4-2DD0-43B0-900F-EAD1C45DC542}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{FBB43A99-0B72-461A-A6D2-2F1B54D36B69}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVED file: C:\Windows\Installer\106349.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\10766c.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\10db4ce9.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\1839b9.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\1dac695.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\1efbe6f1.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\23226c.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\2eef6d31.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\332f5daa.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\38aa5119.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\3b1ce03.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\42925a8.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\4f978449.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\510ea5e.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\55ce37c.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\5725802.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\79911bab.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\a72d4cb.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\af4f0.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\f2d0111.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\f6eeadf.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\ff0c020.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Users\Mari\AppData\Local\Temp\Tmp1C28.tmp    =>.SUP.Temporary.Other
MOVED file: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater]  =>.SUP.PopcornTime
MOVED folder^: C:\Program Files (x86)\Popcorn Time  =>.SUP.PopcornTime
MOVED folder: C:\Windows\System32\config\systemprofile\AppData\Roaming\{90140011-0066-0416-0000-0000000FF1CE}  =>Heuristic.Suspect
MOVED folder: C:\Users\Mari\AppData\Local\PopcornTime  =>.SUP.PopcornTime
MOVED folder: C:\Users\Mari\AppData\Local\Temp\scoped_dir10216_18134  =>.SUP.Temporary.Steam
MOVED folder: C:\Users\Mari\AppData\Local\{0832FEBF-2B7A-4E0D-AAF8-F2DD22C493A3}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{0FE0104A-6C44-49E9-81E1-5F6DE9B4929F}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{30AC35EB-AE56-4B33-B4A5-CB2A2243001C}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{3D94AF9D-54BA-4277-A7E3-627431F8AAFA}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{40C5F1B3-BEA1-4380-B428-D5AEF4C617DD}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{495FF35B-46B7-48A8-8494-6997F57E887B}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{587072F8-0D73-4309-BD24-6E15E184D3ED}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{6DD42AE6-E67B-41AB-86A5-0FA9FE12E968}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{7387D8ED-70E5-4C5C-9784-69A39401E438}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{8C15E876-7EB5-428F-A84F-B5D7F34A6F68}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{8F9E51A1-D288-4ED9-8BCC-32D99B95B2BE}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{9A5A5F6E-8F16-4F48-B4BD-BDD5900FF439}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{BCEF0A60-87BE-46AC-A730-90DCEB7760C9}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{D186B5AA-FFDA-444C-BB75-0E207EFFA573}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{D310549F-73D4-4DB1-9DB1-2F0585ED96D4}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{D3E26F4E-F6BA-4178-8C62-C975242A6714}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{D41CF96E-0400-4D77-BDE7-C50CBEEC8078}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{E52AF15E-FABA-4C21-AB67-B8966D2210F7}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{E5891358-AA22-4829-8590-FAFCA1CA1034}  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\Local\{F4AE72D1-E69E-444B-ADB1-8D7271292B17}  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI1786.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI1D12.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI29B1.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI2D88.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI4EF.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI7EA3.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI8B1.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI924.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSI9DEA.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSIAAE5.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSIAEEC.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSIBA04.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSIC03C.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSICAA6.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSICECE.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSID2C5.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSIEC30.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSIF2E5.tmp-  =>.SUP.Empty
MOVED folder: C:\Windows\Installer\MSIFB48.tmp-  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
MOVED folder: C:\Users\Mari\AppData\LocalLow\EmieUserList  =>.SUP.Empty


---\\  Registry ( Key, Value, Data) (95)
DELETED key*: HKEY_USERS\S-1-5-21-1080541947-1274502029-1557055115-1000\SOFTWARE\Popcorn Time []  =>.SUP.PopcornTime
DELETED key*: HKEY_USERS\S-1-5-21-1080541947-1274502029-1557055115-1000\SOFTWARE\PopcornTime []  =>.SUP.PopcornTime
DELETED key**: HKCU\Software\Popcorn Time []  =>.SUP.PopcornTime
DELETED key**: HKCU\Software\PopcornTime []  =>.SUP.PopcornTime
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class]  =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class]  =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class]  =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class]  =>Adware.BProtector
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\de\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\es\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\fr\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\it\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ja\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ko\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ru\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\zh-Hans\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\zh-Hant\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ar\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\bg\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ca\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\cs\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\da\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\el\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\et\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\eu\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\fi\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\he\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\hr\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\hu\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\id\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\lt\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\lv\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ms\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\nl\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\no\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\pl\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\pt-BR\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\pt\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\ro\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sk\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sl\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sr-Cyrl-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sr-Latn-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\sv\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\th\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\tr\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\uk\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\vi\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\de\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\es\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\fr\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\it\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ja\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ko\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ru\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\zh-Hans\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\zh-Hant\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\bg\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ca\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\cs\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\da\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\el\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\et\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\eu\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\fi\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\he\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\hr\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\hu\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\id\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\lt\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\lv\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ms\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\nl\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\no\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\pl\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\pt-BR\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\pt\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\ro\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sk\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sl\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sr-Cyrl-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sr-Latn-CS\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\sv\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\th\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\tr\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\uk\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\c:\Program Files\Microsoft Silverlight\5.1.50907.0\vi\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.8.0_161\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\Common Files\Citrix\ [No Folder]  =>.SUP.Obsolete.NoFolder
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{56F77844-CFD6-47BF-9816-D7E7986162A3} [C:\Program Files (x86)\Popcorn Time\Updater.exe]  =>.SUP.PopcornTime
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{B1A273A3-F017-44B2-9A38-6D81E5039443} [C:\Program Files (x86)\Popcorn Time\Updater.exe]  =>.SUP.PopcornTime


---\\  Summary of the elements found (9)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Other
https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/  =>.SUP.PopcornTime
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Steam
https://nicolascoolman.eu/2017/04/12/adware-bprotector/  =>Adware.BProtector
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.NoFolder


---\\  Other deletions. (31)
~ Registry Keys Tracing deleted (31)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 3433
~ Items found : 0
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 3625


~ End of clean in 00h00mn32s

---\\  Reports (2)
ZHPCleaner--04052019-20_45_14.txt
ZHPCleaner-[R]-04052019-20_49_32.txt
 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:51, on 04/05/2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19326)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Mari\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Mari\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Mari\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE07&ocid=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\Mari\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Mari\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Serviço Área de trabalho remota do Google Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
O23 - Service: COM+ Leg Service (COMLegService) - Unknown owner - C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: Serviço de Gerenciamento de Dispositivos do Bitdefender (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Unknown owner - C:\Program Files (x86)\Popcorn Time\Updater.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13319 bytes
 

 

 

Edited by Mari V.


Download Malwarebytes Anti-Malware (MBAM) and save or print these instructions:

Run mb3-setup.exe to install the program.

Uncheck the box Enable free trial of Malwarebytes Anti-Malware PRO (if present).

Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked. Then click Finish.

If there are updates to be applied, they will be downloaded and installed.

In Settings, click Protection; if it is disabled, check Scan for Rootkits. Under Potential Threat Protection, select Treat PUPs and PUMs as Malware (recommended).

Click Scan, then Threat Scan, and finally click Start Scan.

The scan will then begin. Please wait, as it may take a while.

When the scan finishes, if any items were found, click the Export Summary -> Text file (*.txt) button and save it to your Desktop; if the disinfection log is not saved, you will find it there.

Click Apply Actions or, if that is not available, click Send to Quarantine.

At the end of the disinfection, a prompt may appear asking whether you want to restart the PC.

The log is saved automatically by MBAM, and you can view it by clicking the Reports tab -> Scan Reports in the program's main window after the disinfection has been carried out.

DO NOT USE THE .XML FILE FORMAT TO SAVE THE LOG.

Select, copy and paste the entire contents of the disinfection log saved by MBAM into your next reply, along with a new HijackThis log.

NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.



Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 04/05/2019
Hora da análise: 22:35
Arquivo de registro: 22d3e026-6ed6-11e9-aa40-642737bd2ec4.json

-Informação do software-
Versão: 3.7.1.2839
Versão de componentes: 1.0.586
Versão do pacote de definições: 1.0.10470
Licença: Versão de Avaliação

-Informação do sistema-
Sistema operacional: Windows 7 Service Pack 1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Mari-VAIO\Mari

-Resumo da análise-
Tipo de análise: Análise de Ameaças
Análise Iniciada Por: Manual
Resultado: Concluído
Objetos verificados: 279012
Ameaças detectadas: 0
Ameaças em quarentena: 0
Tempo decorrido: 19 min, 41 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 0
(Nenhum item malicioso detectado)

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 0
(Nenhum item malicioso detectado)

Setor físico: 0
(Nenhum item malicioso detectado)

Instrumentação do Windows (WMI): 0
(Nenhum item malicioso detectado)


(end)

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:11:08, on 04/05/2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19326)
Boot mode: Normal

Running processes:
C:\Users\Mari\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Mari\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Mari\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE07&ocid=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\Mari\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Mari\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Serviço Área de trabalho remota do Google Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
O23 - Service: COM+ Leg Service (COMLegService) - Unknown owner - C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: Serviço de Gerenciamento de Dispositivos do Bitdefender (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Unknown owner - C:\Program Files (x86)\Popcorn Time\Updater.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13418 bytes
 

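An added example, not part of the original post or of the helper's procedure: a small Python triage of the `O23` service lines in the log above. It relies on the fact that HijackThis 2.0.4 is a 32-bit program, so on 64-bit Windows its view of `C:\Windows\System32` is redirected to SysWOW64 and 64-bit system binaries are reported as "(file missing)". The bucket names are assumptions of this example; the sample lines are copied from the log.

```python
import re
from collections import defaultdict

# Sample lines copied from the HijackThis log in the post above.
SAMPLE = r"""
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
O23 - Service: Update service - Unknown owner - C:\Program Files (x86)\Popcorn Time\Updater.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
"""

PREFIX, MISSING = "O23 - Service: ", " (file missing)"
SYSTEM32 = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)

def parse_o23(line):
    """Return (name, owner, path, missing) or None for non-O23 lines."""
    line = line.strip()
    if not line.startswith(PREFIX):
        return None
    body = line[len(PREFIX):]
    missing = body.endswith(MISSING)
    if missing:
        body = body[:-len(MISSING)]
    # Split from the right: display names may themselves contain " - ".
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, owner, path = (p.strip() for p in parts)
    return name, owner, path, missing

def classify(entry):
    _, owner, path, missing = entry
    if missing and SYSTEM32.match(path):
        return "wow64-artifact"   # 32-bit scanner redirected to SysWOW64
    if missing:
        return "missing-review"   # service registered, binary not found
    if owner == "Unknown owner":
        return "unknown-owner"    # scanner could not name a publisher
    return "named-vendor"

def triage(log_text):
    buckets = defaultdict(list)
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if entry:
            buckets[classify(entry)].append(entry[2])
    return dict(buckets)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

An `unknown-owner` or `missing-review` result is only a pointer to check that file with a 64-bit-aware tool, not a verdict.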

Temporarily disable your antivirus.

Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your Desktop.

Double-click its icon on the Desktop.

Check "YES, I accept the Terms of Use." Click Start.

Accept any security warning from your browser.

Check the options below:

Enable detection of potentially unwanted applications.

Click Hide advanced settings and check:

Remove found threats

Scan archives

Scan for potentially unsafe applications

Enable Anti-Stealth technology

Click Change and also check the Computer box.

Click Start.

It will update itself and scan the computer. Be patient, the process can take hours. When the scan finishes, click List Threats.

Click Export to text file and save the log to your Desktop.

Copy and paste its contents into your next reply.

Note: If nothing is found, no log will be generated.

Click Back.

Click Finish.



Here is the log:

C:\Program Files (x86)\Legendas-3.5\nfregdrv.exe    Win32/RiskWare.NetFilter.V application    cleaned by deleting
C:\Windows\System32\drivers\legendasdrv.sys    a variant of Win64/NetFilter.A potentially unsafe application    cleaned by deleting
 


OK, the PC is clean. (Y)

Download DelFix and save it to your Desktop. Double-click delfix.exe to run it.

On Windows 7, 8 and 10: Right-click delfix.exe and select Run as administrator.

Check the box as shown in the image below.

DellFix.jpg

Click the Run button. This will remove the programs used in the disinfection, the folders and files they created, and DelFix itself.

