Virus - W32.HfsAdware.578C - Installs itself to run automatically at Windows startup

  • Friday, 29 April 2016
  • 14:51

How does W32.HfsAdware.578C behave?

File changes


Registry key changes


Mutex changes

CTF.TimListCache.FMPDefaultS-1-5-21-507921405-1343024091-1060284298-1003MUTEX.DefaultS-1-5-21-507921405-1343024091-1060284298-1003

W32.HfsAdware.578C is also known as:

Bkav W32.HfsAdware.578C 1.3.0.7744 20160419
MicroWorld-eScan Application.Bundler.Somoto.AG 12.0.250.0 20160420
CAT-QuickHeal PUA.Somotoltd2.Gen 14.00 20160420
Malwarebytes PUP.Optional.Somoto 2.1.1.1115 20160420
VIPRE Trojan.Win32.Generic! BT 48766 20160420
Aegislab Troj.Downloader.W32! C 4.2 20160420
K7GW Adware (004b8ea81) 9.222.19356 20160420
K7AntiVirus Adware (004b8ea81) 9.222.19355 20160419
F-Prot W32 / Somoto.F 4.7.1.166 20160420
Symantec PUA.BetterInstaller 20151.1.0.32 20160420
ESET-NOD32 Win32 / Somoto.G potentially unwanted 13362 20160420
TrendMicro-HouseCall ADW_TOMOS.SMN 9.800.0.1009 20160420
ClamAV Win.Adware.Somoto-1 0.98.5.0 20160420
Kaspersky not-a-virus: Downloader.Win32.Somato.r 15.0.1.13 20160420
BitDefender Application.Bundler.Somoto.AG 7.2 20160420
NANO-Antivirus Riskware.Nsis.Adware.dshbbp 1.0.30.8000 20160420
SUPERAntiSpyware PUP.Somoto / Variant 5.6.0.1032 20160420
Rising PE:! Malware.Generic / QRS 1.9E2D [F] 25.0.0.18 20160420
Ad-Aware Application.Bundler.Somoto.AG 3.0.2.1015 20160420
Comodo Application.Win32.Somoto.GH 24841 20160420
F-Secure Application.Bundler.Somoto 11.0.19100.45 20160420
DrWeb Adware.Somoto.139 7.0.18.3140 20160420
Zillya Adware.BrowseFoxGen.Win32.31 2.0.0.2799 20160420
TrendMicro ADW_TOMOS.SMN 9.740.0.1012 20160420
McAfee-GW-Edition BehavesLike.Win32.BadFile.gc v2015 20160419
Sophos Somoto BetterInstaller (PUA) 4.98.0 20160420
Cyren W32 / Somoto.JHIU-2231 5.4.16.7 20160420
Avira PUA / Somoto.Gen2 8.3.3.4 20160420
Antiy-AVL Trojan / Generic.ASMalwNS.2749 1.0.0.1 20160420
Arcabit Application.Bundler.Somoto.AG 1.0.0.672 20160420
ViRobot Adware.Somoto.430936.KL [h] 2014.3.20.0 20160420
AhnLab-V3 PUP / Win32.Somoto 2016.04.20.00 20160419
McAfee Artemis! 1A29398FF3F2 6.0.6.653 20160420
AVware Trojan.Win32.Generic! BT 1.5.0.42 20160420
Tencent Win32.Downloader.Bp-somato.Rkbk 1.0.0.1 20160420
AVG AdLoad.S 16.0.0.4556 20160420
Panda Malware Generic 4.6.4.2 20160419
Qihoo 360 Win32 / Application.159 1.0.0.1120 20160420

Software to get rid of W32.HfsAdware.578C automatically

The main steps for removing W32.HfsAdware.578C automatically are as follows:

  1. Download and install GridinSoft Anti-Malware.
  2. Scan your PC with it.
  3. Remove all the infections it detects (with the full registered version).
  4. Reset your browser with GridinSoft Anti-Malware.
  5. Restart the computer.

W32.HfsAdware.578C removal tool
