[Solved]  PC very slow and freezing

13 replies to this topic

#1 altasena

altasena
  • Members
  • 58 posts

Posted 05 November 2011 - 20:37

Hello, this PC used to be very good, but it has been freezing a lot and is very slow!!! Thanks in advance!!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:44, on 05/11/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19154)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe
C:\Program Files\Ares\Ares.exe
C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\HiJackThis (2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\RIAN\AppData\Local\Temp\Nero Web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\RIAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Mattel HWRC Launcher] C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\RIAN\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\Program Files\Bandoo\Bandoo.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 10549 bytes
  • 0

#2 wings

wings
  • Masters
  • 3,592 posts

Posted 06 November 2011 - 11:39

Hello altasena


1.
*Download ERUNT and save it to the desktop
*Create a folder in C:\ named ERUNT and extract it there
*Run the file C:\ERUNT\ERUNT.exe
*Click [OK] > [OK] > [Yes] > [OK]

2.
*Download AD-Remover and save it to the desktop
*Right-click AD-R and select "Run as administrator", then click [Clean] > [Yes] > [OK] > [Yes]. The PC may be restarted to complete the cleanup.
*Paste the report C:\Ad-Report-CLEAN[1].txt

3.
*Download DDS and save it to the desktop
*Run it and save the reports to the desktop (DDS.txt and Attach.txt)
*Paste only the DDS.txt report
  • 0

#3 altasena

altasena
  • Members
  • 58 posts

Posted 07 November 2011 - 10:17

Good morning, friend, I followed the procedures, log posted!! Thanks

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 10:35:17 on 07/11/2011, Normal boot

Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C)

============== SEARCH ==============

Service: "Bandoo Coordinator" Service found

File found: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
Folder found: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\extensions\toolbar@ask.com
File found: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\searchplugins\askcom.xml
Folder found: C:\Users\RIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant
Folder found: C:\Program Files\Ask Search Assistant
Folder found: C:\Program Files\Ask.com
Folder found: C:\Users\RIAN\AppData\LocalLow\AskToolbar
Folder found: C:\Users\RIAN\AppData\Roaming\Bandoo
Folder found: C:\ProgramData\Bandoo
Folder found: C:\Users\RIAN\AppData\LocalLow\Bandoo
Folder found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
Folder found: C:\Program Files\Bandoo
Folder found: C:\Users\RIAN\AppData\LocalLow\Toolbar4
File found: C:\Users\RIAN\Downloads\BandooV7.exe

Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key found: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Key found: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Key found: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Key found: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Key found: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key found: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key found: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Key found: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Key found: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Key found: HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
Key found: HKLM\Software\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}
Key found: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key found: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key found: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key found: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key found: HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
Key found: HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Key found: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key found: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Key found: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Key found: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Key found: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Key found: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key found: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Key found: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key found: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key found: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key found: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key found: HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Key found: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Key found: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Key found: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key found: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key found: HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Key found: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator
Key found: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1
Key found: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI
Key found: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1
Key found: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult
Key found: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1
Key found: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier
Key found: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1
Key found: HKLM\Software\Classes\BandooCore.BandooCore
Key found: HKLM\Software\Classes\BandooCore.BandooCore.1
Key found: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key found: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key found: HKLM\Software\Classes\BandooCore.SettingsMngr
Key found: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key found: HKLM\Software\Classes\BandooCore.StatisticMngr
Key found: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key found: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin
Key found: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1
Key found: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl
Key found: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Key found: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl
Key found: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Key found: HKLM\Software\Classes\AppID\BandooCoordinator.EXE
Key found: HKLM\Software\Classes\AppID\BandooCore.EXE
Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key found: HKLM\Software\bandoo
Key found: HKCU\Software\Ask.com
Key found: HKCU\Software\AskSearchAsst
Key found: HKCU\Software\DataMngr
Key found: HKCU\Software\AppDataLow\AskToolbarInfo
Key found: HKCU\Software\AppDataLow\Software\AskToolbar
Key found: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}
Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Key found: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Value found: HKCU\Software\Mozilla\Firefox\Extensions|ffox@bandoo.com
Value found: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [7.0.1 (pt-BR)] ****

Plugins\npganymedenet.dll ( )
HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)
HKCU_MozillaPlugins\mattelinc.com/HotWheelsLoader (x)
Searchplugins\avg_igeared.xml (hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=chrome&q={searchTerms}&lng=pt-BR&iy=&ychte=us/)
Searchplugins\buscape.xml (hxxp://busca.buscape.com.br/cprocura)
Searchplugins\mercadolivre.xml (hxxp://pmstrk.mercadolivre.com.br/jm/PmsTrk)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=120&systemid=101&q={searchTerms}/)
Searchplugins\wikipedia-br.xml (hxxp://pt.wikipedia.org/wiki/Especial:Busca)
Searchplugins\yahoo-br.xml (hxxp://br.search.yahoo.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files\AVG\AVG2012\Firefox4\
HKCU_Extensions|ffox@bandoo.com - C:\Users\RIAN\AppData\Roaming\Mozilla\Firefox\Profiles\on68i9jd.default\extensions\ffox@bandoo.com

-- C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default --
Extensions\toolbar@ask.com (VDownloader Toolbar)
Searchplugins\askcom.xml (?)

========================================

**** Google Chrome Version [15.0.874.106] ****

Extension\dloejdefkancmfajekobpfoacecnhpgp (C:\Program Files\Bandoo\ChromePackage.crx) (?)
Extension\jmfkcklnlgedgbglfkkgedjfmejoahla (C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx) (?)
Extension\lpkbfdhlbdkjohbhnhabfecpmcdlcmff (C:\Users\RIAN\AppData\Roaming\kikin\kikin_installer_1.23.14_counterstrike2d_win.crx) (?)

-- C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (?)
Preferences - homepage: hxxp://google/
Preferences - homepage_is_newtabpage: true
Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x)
Plugin - Native Client (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll)
Plugin - AVG Internet Security (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll) (x)
Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - Unity Player (Enabled: true) (C:\Users\RIAN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll)
Plugin - HotWheels Loader (Enabled: true) (C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll)
Plugin - "Java" (Enabled: true)
Plugin - "Silverlight" (Enabled: true)
Plugin - "Remoting Viewer" (Enabled: true)
Plugin - "Native Client" (Enabled: true)
Plugin - "AVG Internet Security" (Enabled: true)
Plugin - "GanymedeNet.Detector" (Enabled: true)
Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true)
Plugin - "Unity Player" (Enabled: true)
Plugin - "HotWheels Loader" (Enabled: true)

========================================

**** Internet Explorer Version [8.0.6001.19154] ****

HKCU_Main|Start Page - hxxp://www.globo.com.br/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC} - "UrlSearchHook Class" (C:\Program Files\Ask.com\GenericAskToolbar.dll)
HKCU_URLSearchHooks|*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} (x)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=VD&o=14782&src=crm&q={searchTerms...)
HKCU_SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2} - "Ask" (hxxp://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?})
HKCU_SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - "Search" (hxxp://www.bigseekpro.com/search/browser/aresdestiny/{2D1B45AE-DD6F-4047-BB1D-66...)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "?" (?)
HKCU_SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} - "kikin Search" (hxxp://search.kikin.com/search/?q={searchTerms})
HKCU_SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=4af21366&v=6.10.6.4&i=23&tp=chrome&q={searchTerms...)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=120&systemid=101&q={searchTerms})
HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (x)
HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll)
HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKLM_Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll) (x)
HKCU_ElevationPolicy\{8F8BAD52-D4D2-4669-9E8E-A7AAE8393056} - C:\Program Files\kikin\KikinBroker.exe (kikin)
HKCU_ElevationPolicy\{96EC0988-6545-4017-9D2A-01312FA6571F} - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
HKCU_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?)
HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\RIAN\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x)
HKLM_ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} - C:\Program Files\Bandoo\BndCore.exe (Bandoo Media Inc.)
HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (x)
HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\FileBulldog Toolbar\TbHelper2.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} - C:\Program Files\Bandoo\ExtensionsManager.exe (Bandoo Media Inc.)
HKLM_ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} - C:\Program Files\Bandoo\Bandoo.exe (Bandoo Media Inc.)
HKLM_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?)
HKLM_ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} - C:\Program Files\Bandoo\BandooUI.exe (Bandoo Media Inc.)
HKLM_Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - "?" (?)
BHO\{99079a25-328f-4bd4-be04-00955acaa0a7} - "Searchqu Toolbar" (C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll) (x)
BHO\{C41A1C0E-EA6C-11D4-B1B8-444553540007} - "GbIehObj Class" (C:\PROGRA~1\GbPlugin\gbiehAbn.dll)
BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)
BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} - "?" (C:\Program Files\Ask.com\GenericAskToolbar.dll)
BHO\{E601996F-E400-41CA-804B-CD6373A7EEE2} - "kikin Plugin" (C:\Program Files\kikin\ie_kikin.dll)
BHO\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} - "BandooIEPlugin Class" (C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 0 File(s)

C:\Ad-Report-SCAN[1].txt - 07/11/2011 10:35:26 (17951 Byte(s))

End at: 10:36:16, 07/11/2011

============== E.O.F ==============
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_22
Run by RIAN at 0:42:58 on 2011-11-07
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.55.1046.18.2047.1080 [GMT -2:00]
.
AV: Lavasoft Ad-Watch Live! Anti-vírus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe
C:\Program Files\Ares\Ares.exe
C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Bandoo\Bandoo.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Bandoo\BndCore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.globo.com.br/
uSearch Bar =
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi9130~1\datamngr\toolbar\searchqudtx.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: : {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: kikin Plugin: {e601996f-e400-41ca-804b-cd6373a7eee2} - c:\program files\kikin\ie_kikin.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: N/A: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi9130~1\datamngr\toolbar\searchqudtx.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [PhotoShow Deluxe Media Manager] c:\progra~1\ahead\neroph~1\data\xtras\mssysmgr.exe
uRun: [Google Update] "c:\users\rian\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ares] "c:\program files\ares\Ares.exe" -h
uRun: [Mattel HWRC Launcher] c:\users\rian\appdata\local\sswat_hwrc_win_live\mattelhwrc_launcher.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Akamai NetSession Interface] c:\users\rian\appdata\local\akamai\netsession_win.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [NPSStartup]
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [RestartNeroSetup] "c:\users\rian\appdata\local\temp\nero web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NWEReboot]
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRunOnce: [AutoLaunch] c:\program files\lavasoft\ad-aware\AutoLaunch.exe monthly
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 200.222.122.132 192.168.0.1
TCP: Interfaces\{EE8527B7-7F4B-4A6A-8133-2F6CA50E5D32} : DhcpNameServer = 200.222.122.132 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll
AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\rian\appdata\roaming\mozilla\firefox\profiles\on68i9jd.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=ab&iy=&ychte=us&lng=pt-BR&q=
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npganymedenet.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\users\rian\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\rian\appdata\local\sswat_hwrc_win_live\npHotWheelsLoader.dll
FF - plugin: c:\users\rian\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\rian\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\rian\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2009-10-14 31080]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-8-11 64512]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-12-11 21504]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;Watchdog do AVG;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 FontCache;Serviço de Cache de Fontes do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-11 21504]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-5-11 233472]
R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2009-11-19 54376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 2152152]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-5-11 36608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\lavalys\everest ultimate edition\kerneld.wnt [2009-6-28 26224]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-12-3 15232]
S3 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-07 02:42:35 -------- d-----w- c:\users\rian\appdata\local\{754B7438-F654-41AA-AB87-8A8CD62CEE98}
2011-11-07 02:42:19 -------- d-----w- c:\program files\Ad-Remover
2011-11-07 02:42:11 -------- d-----w- c:\users\rian\appdata\local\{3D9EC1CB-D94F-4709-B85C-A0C5D7E36F1C}
2011-11-07 02:33:08 -------- d-----w- C:\erunt
2011-11-07 01:10:13 -------- d-----w- c:\users\rian\appdata\local\{66C511EB-D1AB-4276-B9BF-ADE2657B1149}
2011-11-07 01:09:52 -------- d-----w- c:\users\rian\appdata\local\{94D3DDAD-F6A9-4107-A6EA-99D0B8BFC8ED}
2011-11-06 00:20:07 -------- d-----w- c:\users\rian\appdata\local\{B8611157-348A-4295-A4DA-133D4D31814C}
2011-11-06 00:19:56 -------- d-----w- c:\users\rian\appdata\local\{B9F27BAD-5FB6-434E-A335-4BE5B92B4698}
2011-11-05 22:56:27 -------- d-----w- c:\users\rian\appdata\roaming\Malwarebytes
2011-11-05 22:56:19 -------- d-----w- c:\programdata\Malwarebytes
2011-11-05 22:56:16 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-05 22:56:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-05 20:10:15 -------- d-----w- c:\users\rian\appdata\local\{D179B705-DE67-4673-BF85-3C7CEEAF209E}
2011-11-05 00:28:31 -------- d-----w- c:\users\rian\appdata\local\{DA12FA44-30AE-42A9-A40E-595F7E46185B}
2011-11-05 00:28:00 -------- d-----w- c:\users\rian\appdata\local\{DF29EBB7-0A21-4119-8124-B3EB0986DD8D}
2011-11-04 01:02:00 -------- d-----w- c:\users\rian\appdata\local\{B1047CB4-10E9-4041-86BF-A3DE453F2CAD}
2011-11-04 01:01:36 -------- d-----w- c:\users\rian\appdata\local\{AED9CB92-3152-4609-9318-E9275DB9971D}
2011-11-02 18:42:28 -------- d-----w- c:\program files\common files\Akamai
2011-11-02 18:07:35 -------- d-----w- c:\users\rian\appdata\local\{293ED0DC-89E3-445D-BF33-36209DC9B450}
2011-11-02 18:07:11 -------- d-----w- c:\users\rian\appdata\local\{D7B58CC5-369C-4364-8126-FAF9E737F011}
2011-11-01 16:15:25 -------- d-----w- c:\users\rian\appdata\roaming\AVG2012
2011-11-01 16:14:48 -------- d-----w- c:\programdata\AVG2012
2011-11-01 14:37:08 -------- d-----w- c:\users\rian\appdata\local\{5B214084-F767-44A0-9E03-C1221A571A5B}
2011-11-01 14:36:46 -------- d-----w- c:\users\rian\appdata\local\{70B984CA-E69D-4B35-B75E-0FDD49DE7597}
2011-10-31 15:07:23 -------- d-----w- c:\users\rian\appdata\local\{B2C462F0-C707-413F-9A0E-311EABF30C48}
2011-10-29 22:21:53 -------- d-----w- c:\users\rian\appdata\local\{32D8A3CD-E9EF-4EF6-9D56-179B2FA65222}
2011-10-29 22:21:22 -------- d-----w- c:\users\rian\appdata\local\{77D970C3-7211-4388-B160-55FC0B3076A9}
2011-10-28 12:11:06 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-10-28 11:57:31 -------- d-----w- c:\users\rian\appdata\local\{7FB52253-DA6B-4CBF-BDDE-B4317ADA398C}
2011-10-28 11:57:13 -------- d-----w- c:\users\rian\appdata\local\{24BCA4B3-ECCF-438B-B78E-C4A8843D1E12}
2011-10-26 22:53:56 -------- d-----w- c:\users\rian\appdata\local\{BA6AD9E7-4841-4444-835D-E8EAC786CDD3}
2011-10-26 22:53:35 -------- d-----w- c:\users\rian\appdata\local\{09377925-1584-4E64-AF1A-25411A1B90EF}
2011-10-25 01:46:44 -------- d-----w- c:\users\rian\appdata\local\{79A02548-930B-4AF8-B979-D18486AEE448}
2011-10-25 01:46:21 -------- d-----w- c:\users\rian\appdata\local\{8C186507-8949-40AC-941D-2C8FA7FFF422}
2011-10-23 20:25:48 -------- d-----w- c:\users\rian\appdata\local\{581C6359-AE9E-4ECA-B84B-D9FC89DBF3EE}
2011-10-23 20:25:28 -------- d-----w- c:\users\rian\appdata\local\{1F25E8CE-038D-43C8-B8A3-C4568BE32AF8}
2011-10-21 23:09:28 -------- d-----w- c:\users\rian\appdata\local\{20019D68-8ADF-4373-9A6A-DE895BB68325}
2011-10-21 23:09:13 -------- d-----w- c:\users\rian\appdata\local\{489771E7-3E4E-4ED1-8BA7-9FBF8591DB09}
2011-10-20 15:48:23 -------- d-----w- c:\users\rian\appdata\local\{230F890A-92C5-47DE-AFB3-152E84D17702}
2011-10-20 15:47:58 -------- d-----w- c:\users\rian\appdata\local\{6AA23029-4679-4C9A-91C6-BF8277876396}
2011-10-18 16:32:44 -------- d-----w- c:\users\rian\appdata\local\{CAA01C1F-5C2B-42A1-82CB-8F4A292531FF}
2011-10-18 16:32:17 -------- d-----w- c:\users\rian\appdata\local\{6FC04C1A-FBBE-4FA1-ADDA-2CF88C946030}
2011-10-17 13:01:01 -------- d-----w- c:\users\rian\appdata\local\{C9256A80-421B-4681-975E-BA6E8BFF5273}
2011-10-17 13:00:46 -------- d-----w- c:\users\rian\appdata\local\{491D29B9-7FFC-469C-B5C7-17CF67D8E322}
2011-10-17 00:44:15 -------- d-----w- c:\users\rian\appdata\local\{D6A067D7-8FFE-4F1C-A5E3-71A13E2FAC11}
2011-10-17 00:43:59 -------- d-----w- c:\users\rian\appdata\local\{8DBABE9A-54D9-43E4-A10A-CDF4D20ED996}
2011-10-14 19:49:46 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-14 19:49:45 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-14 19:49:45 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-14 19:49:45 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-14 18:39:31 -------- d-----w- c:\users\rian\appdata\local\{046F9F87-5A16-4D1E-8AF9-7547EE4D0218}
2011-10-14 18:39:18 -------- d-----w- c:\users\rian\appdata\local\{967C899C-4C26-4BFC-983C-FA3A55A7A58E}
2011-10-14 01:55:04 -------- d-----w- C:\9a337c7ee329ee53eaada9
2011-10-14 01:53:53 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-14 01:53:52 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-14 01:53:52 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-14 01:53:51 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-14 01:53:42 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-10-14 01:53:34 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-10-14 01:51:59 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-10-14 01:44:58 -------- d-----w- c:\users\rian\appdata\local\{78312E1C-D0E0-47C2-83D5-48825620600F}
2011-10-14 01:44:39 -------- d-----w- c:\users\rian\appdata\local\{4ED70625-F3EB-4313-BFEF-AE04E16F223A}
2011-10-12 16:47:21 -------- d-----w- c:\users\rian\appdata\local\{1EF483A8-137D-4FB4-BF23-93EA25BDD7CB}
2011-10-12 16:47:05 -------- d-----w- c:\users\rian\appdata\local\{C7397A57-0B3C-4FF2-B63A-A535E01AC42A}
2011-10-11 14:43:37 -------- d-----w- c:\users\rian\appdata\local\{5105E559-EBDF-4C60-9FED-4F795B2DF4E2}
2011-10-11 14:39:57 -------- d-----w- c:\users\rian\appdata\local\{05102829-09CB-4C61-A9B4-6DF29FF52B5C}
2011-10-10 16:28:05 -------- d-----w- c:\users\rian\appdata\local\{E9DEDB25-FB92-4DD9-83FE-58E5FD86BB1E}
2011-10-10 16:27:40 -------- d-----w- c:\users\rian\appdata\local\{697537BE-BE2F-47CF-B694-C371AA39CAC2}
2011-10-09 16:43:28 -------- d-----w- c:\users\rian\appdata\local\{3CB04C2B-76DA-4614-A26C-12F608A6CBE0}
2011-10-09 16:43:09 -------- d-----w- c:\users\rian\appdata\local\{BC84FD5B-3F6B-4298-B416-07749A2D2B52}
2011-10-08 19:45:25 -------- d-----w- c:\users\rian\appdata\local\{38CB8F78-9B58-41F6-94D7-9679701E23E5}
2011-10-08 19:45:00 -------- d-----w- c:\users\rian\appdata\local\{8F25F06B-3530-47F1-9566-F89512B52CBE}
.
==================== Find3M ====================
.
2011-10-07 08:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 08:21:16 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-10-02 23:52:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-13 08:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-08-11 23:41:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-08-11 23:41:46 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-08-11 23:40:54 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-08-11 13:50:56 178597 ----a-w- C:\51942_bankerfix_30.exe
2010-02-10 19:18:42 2131336 ----a-w- c:\program files\common files\AskToolbarInstaller.exe
.
============= FINISH: 0:46:02,15 ===============



Hello altasena


1.
*Download ERUNT and save it to the desktop
*Create a folder in C:\ called ERUNT and extract it there
*Run the file C:\ERUNT\ERUNT.exe
*Click [OK] > [OK] > [Yes] > [OK]

2.
*Download AD-Remover and save it to the desktop
*Right-click AD-R and select "Run as administrator", then click [Clean] > [Yes] > [OK] > [Yes]. The PC may be restarted to complete the cleanup.
*Paste the report C:\Ad-Report-CLEAN[1].txt

3.
*Download DDS and save it to the desktop
*Run it and save the reports to the desktop (DDS.txt and Attach.txt)
*Paste only the DDS.txt report


  • 0

#4 wings

wings
  • Masters
  • 3.592 posts

Posted 07 November 2011 - 10:25

Good morning altasena

In AD-Remover, you clicked [Scan]... note that I asked you to click [Clean].

Please run AD-Remover again, click [Clean], and paste the report as I described.
  • 0

#5 altasena

altasena
  • Members
  • 58 posts

Posted 07 November 2011 - 19:35

Good evening, sorry!! New log posted! Thank you!! Regards.
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:04:38 on 07/11/2011, Normal boot

Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C)

============== ACTION(S) ==============

Service: "Bandoo Coordinator" Service stopped and deleted

File deleted: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
Folder deleted: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\extensions\toolbar@ask.com
File deleted: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\searchplugins\askcom.xml
Folder deleted: C:\Users\RIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant
Folder deleted: C:\Program Files\Ask Search Assistant
Folder deleted: C:\Program Files\Ask.com
Folder deleted: C:\Users\RIAN\AppData\LocalLow\AskToolbar
Folder deleted: C:\Users\RIAN\AppData\Roaming\Bandoo
Folder deleted: C:\ProgramData\Bandoo

Hello, I decided to run it again; I thought the log above was small, maybe because it froze several times. I ran it again, log below!! Thanks!
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [3]) -> Launched at 20:09:25 on 07/11/2011, Normal boot

Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C)

============== ACTION(S) ==============


Folder deleted: C:\Users\RIAN\AppData\LocalLow\Toolbar4
File deleted: C:\Users\RIAN\Downloads\BandooV7.exe

(!) -- Temporary files deleted.


Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key deleted: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Key deleted: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Key deleted: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Key deleted: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Key deleted: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Key deleted: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Key deleted: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Key deleted: HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
Key deleted: HKLM\Software\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}
Key deleted: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key deleted: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key deleted: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key deleted: HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
Key deleted: HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key deleted: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Key deleted: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Key deleted: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Key deleted: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key deleted: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Key deleted: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key deleted: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key deleted: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key deleted: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key deleted: HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Key deleted: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Key deleted: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Key deleted: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key deleted: HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Key deleted: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator
Key deleted: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1
Key deleted: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI
Key deleted: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1
Key deleted: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult
Key deleted: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1
Key deleted: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier
Key deleted: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin
Key deleted: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1
Key deleted: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl
Key deleted: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Key deleted: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl
Key deleted: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Key deleted: HKLM\Software\Classes\AppID\BandooCoordinator.EXE
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key deleted: HKLM\Software\bandoo
Key deleted: HKCU\Software\Ask.com
Key deleted: HKCU\Software\AskSearchAsst
Key deleted: HKCU\Software\DataMngr
Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo
Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar
Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Key deleting error: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Value deleted: HKCU\Software\Mozilla\Firefox\Extensions|ffox@bandoo.com
Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [7.0.1 (pt-BR)] ****

Plugins\npganymedenet.dll ( )
HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)
HKCU_MozillaPlugins\mattelinc.com/HotWheelsLoader (x)
Searchplugins\avg_igeared.xml (hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=chrome&q={searchTerms}&lng=pt-BR&iy=&ychte=us/)
Searchplugins\buscape.xml (hxxp://busca.buscape.com.br/cprocura)
Searchplugins\mercadolivre.xml (hxxp://pmstrk.mercadolivre.com.br/jm/PmsTrk)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=120&systemid=101&q={searchTerms}/)
Searchplugins\wikipedia-br.xml (hxxp://pt.wikipedia.org/wiki/Especial:Busca)
Searchplugins\yahoo-br.xml (hxxp://br.search.yahoo.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files\AVG\AVG2012\Firefox4\

-- C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default --

========================================

**** Google Chrome Version [15.0.874.106] ****

Extension\dloejdefkancmfajekobpfoacecnhpgp (C:\Program Files\Bandoo\ChromePackage.crx) (x)
Extension\jmfkcklnlgedgbglfkkgedjfmejoahla (C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx) (?)
Extension\lpkbfdhlbdkjohbhnhabfecpmcdlcmff (C:\Users\RIAN\AppData\Roaming\kikin\kikin_installer_1.23.14_counterstrike2d_win.crx) (?)

-- C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (?)
Preferences - homepage: hxxp://google/
Preferences - homepage_is_newtabpage: true
Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x)
Plugin - Native Client (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll)
Plugin - AVG Internet Security (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll) (x)
Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - Unity Player (Enabled: true) (C:\Users\RIAN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll)
Plugin - HotWheels Loader (Enabled: true) (C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll)
Plugin - "Java" (Enabled: true)
Plugin - "Silverlight" (Enabled: true)
Plugin - "Remoting Viewer" (Enabled: true)
Plugin - "Native Client" (Enabled: true)
Plugin - "AVG Internet Security" (Enabled: true)
Plugin - "GanymedeNet.Detector" (Enabled: true)
Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true)
Plugin - "Unity Player" (Enabled: true)
Plugin - "HotWheels Loader" (Enabled: true)

========================================

**** Internet Explorer Version [8.0.6001.19154] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} (x)
HKCU_SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - "Search" (hxxp://www.bigseekpro.com/search/browser/aresdestiny/{2D1B45AE-DD6F-4047-BB1D-66...)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "?" (?)
HKCU_SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} - "kikin Search" (hxxp://search.kikin.com/search/?q={searchTerms})
HKCU_SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=4af21366&v=6.10.6.4&i=23&tp=chrome&q={searchTerms...)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=120&systemid=101&q={searchTerms})
HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (x)
HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x)
HKCU_ElevationPolicy\{8F8BAD52-D4D2-4669-9E8E-A7AAE8393056} - C:\Program Files\kikin\KikinBroker.exe (kikin)
HKCU_ElevationPolicy\{96EC0988-6545-4017-9D2A-01312FA6571F} - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\RIAN\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x)
HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (x)
HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\FileBulldog Toolbar\TbHelper2.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - "?" (?)
BHO\{C41A1C0E-EA6C-11D4-B1B8-444553540007} - "GbIehObj Class" (C:\PROGRA~1\GbPlugin\gbiehAbn.dll)
BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)
BHO\{E601996F-E400-41CA-804B-CD6373A7EEE2} - "kikin Plugin" (C:\Program Files\kikin\ie_kikin.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 284 File(s)
C:\Program Files\Ad-Remover\Backup: 17 File(s)

C:\Ad-Report-CLEAN[1].txt - 07/11/2011 20:04:46 (1179 Byte(s))
C:\Ad-Report-CLEAN[2].txt - 07/11/2011 20:07:40 (635 Byte(s))
C:\Ad-Report-CLEAN[3].txt - 07/11/2011 20:09:29 (15926 Byte(s))
C:\Ad-Report-SCAN[1].txt - 07/11/2011 10:35:26 (18090 Byte(s))

End at: 20:10:36, 07/11/2011

============== E.O.F ==============

#6 wings

wings
  • Masters
  • 3,592 posts

Posted 07 November 2011 - 21:46

1.
*Run AD-Remover and click [Uninstall] > [Não] (No) > [Close]
*Delete the folder C:\Arquivos de programas\Ad-Remover
*Delete the file C:\Ad-Report-CLEAN[1].txt

2.
*Delete DDS and its reports

3.
*Download ATF Cleaner
*Run it and select: Select All
*Click [Empty Selected]
*Close the program

4.
*Download PureRa
*Extract it to a folder
*Run it, click [Next], select the option [X]Check All and click [Clean]
*When it finishes, click [Exit]

Let me know how the PC is doing.

#7 altasena

altasena
  • Members
  • 58 posts

Posted 08 November 2011 - 20:55

Good evening, thank you very much for your attention!! I'm sorry to report that it is still slow, taking a long time when it starts up and also when it restarts, and it often shows "this program is not responding". Thanks. Best regards

#8 wings

wings
  • Masters
  • 3,592 posts

Posted 08 November 2011 - 21:52

1.
*Delete the file C:\PureRa.txt

2.
*Download and install MalwareBytes
*Wait for the update, and the program will open automatically
*On the [Verificação] (Scan) tab, select [Verificação completa] (Full scan)
*Click [Verificar] (Scan) and select the partition where Windows is installed
*When the scan finishes, click [SIM] (Yes) > [OK] > [Ver Resultados] (Show results) > [Remover Selecionados] (Remove selected)
*Paste the report it displays

If you already have Malwarebytes installed...

*Run it, click [Atualização] (Update) > [Baixar Atualizações] (Download updates)
*On the [Verificação] (Scan) tab, select Verificação completa (Full scan)
*Click [Verificar] (Scan) and select the partition where Windows is installed
*When it finishes, click [SIM] (Yes) > [OK] > [Ver Resultados] (Show results) > [Remover Selecionados] (Remove selected)
*Paste the report it displays

#9 altasena

altasena
  • Members
  • 58 posts

Posted 10 November 2011 - 16:42

Good evening, sorry for not replying sooner! I did it and the report is below! Thanks for your attention! Best regards!
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Versão da Base de Dados: 8132

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

10/11/2011 16:12:54
mbam-log-2011-11-10 (16-12-54).txt

Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 351877
Tempo decorrido: 1 hora(s), 44 minuto(s), 6 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 0

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)

Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
(Não foram detectados ítens maliciosos)

#10 wings

wings
  • Masters
  • 3,592 posts

Posted 10 November 2011 - 18:19

1.
*Download AdwCleaner and save it to the desktop

Note: Windows Vista or Windows 7 users must right-click the file and select: [posted image]

*Run it and click [Supression]
*Paste the report it displays

2.
*Download Kaspersky Virus Removal Tool version 11 and save it to the desktop

*Run it and click the [posted image] button

*Select: My computer

*Click [posted image]

*Click [Start scanning]

*During the scan, windows will pop up. In windows like the one below, do nothing.

[posted image]

*If it finds anything, select Apply to all objects and click [Skip]

[posted image]

[posted image]

*When it finishes, click [posted image]

*Click Detected threats > [Save] and save it to the desktop as log.txt

*Paste the log.txt report saved on the desktop

3.
*Have a read through these links:

http://www.travou.co...lo-mais-rapido/
http://windows.micro...ter-performance
http://www.superdica...ais-rapido.html

#11 altasena

altasena
  • Members
  • 58 posts

Posted 11 November 2011 - 17:58

Hello, good evening, it wasn't possible to run AdwCleaner because it gives the error "line 4544", even as administrator. I did the other one, log below. I read through the links; most of the items I already knew and had already done. Thank you very much for the tips!! Thanks!
Status: Deleted (events: 1)
11/11/2011 16:40:44 Deleted Trojan program Trojan-Downloader.WMA.FakeDRM.bb C:\Documents and Settings\RIAN\Desktop\My Shared Folder\chora me liga emplora pelo meu amor (good).wma High

#12 wings

wings
  • Masters
  • 3,592 posts

Posted 11 November 2011 - 18:08

Indeed, there is no relation to malware.

Let me know whether the PC has improved. If not, this kind of slowness tends to be common on Vista.

1.
*Run AdwCleaner and click [Désinstallation] > [Sim] (Yes)

2.
*Delete the Kaspersky setup file and the report saved on the desktop

#13 altasena

altasena
  • Members
  • 58 posts

Posted 11 November 2011 - 22:03

Good evening, the PC did improve. I removed some programs, read some files about Vista, and I think it is now back to normal!!! I would like to thank you very much for your help and your dedication!! Have a good weekend!! Best regards! :joia:

#14 wings

wings
  • Masters
  • 3,592 posts

Posted 11 November 2011 - 22:35

PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.