Archived

This topic has been archived and is closed to new replies.

rehcarlos

[Solved] Jollywallet and other browser problems

Hey folks, how's it going? I'm having some problems with ads showing up here in the browser (Jollywallet, for example). I used MBAM, Junkware Removal Tool, ADWCleaner and CCleaner, and nothing (it improved several other aspects, but the mighty Jollywallet is still alive!)

HijackThis log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:48, on 12/09/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @oem1.inf,%AEFilters.SvcDesc%;Andrea Cirrus Logic Filters Service (AECLFilters) - Unknown owner - C:\windows\system32\AECLSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\windows\system32\AdminService.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Cirrus Audio Service (CirrusAudioService) - Cirrus Logic - c:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Tecnologia de armazenamento Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9706 bytes


Good afternoon! rehcarlos

> Download: < AdwCleaner > ( ... by Xplode )

> On the page, click "Download Now".
> Save it to the desktop!

> Right-click adwcleaner.exe and choose to run it as administrator.

> PS: Start the scan by clicking "Examinar" (Scan).

> When it finishes, click "Limpar" (Clean) >> Ok >> Ok >> Ok.
> Copy the log or click "Relatório" (Report).
> Post: < C:\AdwCleaner\AdwCleaner[s0].txt >

> Download: < ZHPDiag2.exe > ( ... by Nicolas Coolman )
> Or here! << Link!
> Save it to the local disk! ( C or D )
> Disable your antivirus and run "ZHPDiag2.exe" to install the tool.

> Run the scroll icon. ( ZHPDiag )

> Click "COMPLETA" (Full) and wait for it to finish!
> Click OK and, when it finishes, post the report! ( ZHPDiag.txt )
> PS: Since the log will be long, upload it to Pjjoint.malekal.

> Or go to: < Cjoint >

> More information: < |Link| > << Hosting!
>
> Or |here!| << On myfile.tk

A+


# AdwCleaner v3.310 - Relatório criado 12/09/2014 às 16:45:31
# Atualizado 12/09/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : Fernando - FERNANDO
# Executando de : C:\Users\Fernando\Desktop\adwcleaner_3.310.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Tarefas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v31.0 (x86 pt-BR)

[ Arquivo : C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\bsk5ff8r.default-1377563872681\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ Arquivo : C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [28521 octets] - [26/08/2013 21:25:07]
AdwCleaner[R1].txt - [30852 octets] - [12/09/2014 09:50:15]
AdwCleaner[R2].txt - [1538 octets] - [12/09/2014 11:27:26]
AdwCleaner[R3].txt - [1322 octets] - [12/09/2014 16:44:02]
AdwCleaner[s0].txt - [28957 octets] - [26/08/2013 21:26:50]
AdwCleaner[s1].txt - [29927 octets] - [12/09/2014 09:52:06]
AdwCleaner[s2].txt - [1584 octets] - [12/09/2014 11:28:43]
AdwCleaner[s3].txt - [1240 octets] - [12/09/2014 16:45:31]

########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [1300 octets] ##########

http://cjoint.com/?DImwjCrYuS4


Good evening! rehcarlos

> Run this script in the ZHPFix tool.
> Select and copy this information, which is in red, into Notepad.
> With Notepad open, do: ctrl+a >> ctrl+c ( Select and Copy )
> Next, minimize Notepad.

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyCLSID
EmptyTemp
EmptyFlash
[MD5.DEA3132C462938CADDC91D1FC5857B30] [APT] [bho_update] (...) -- C:\Program Files (x86)\Internet Explorer\Updater.exe [9216]
[MD5.00000000000000000000000000000000] [APT] [{3C30C207-1DE8-448A-8695-1B3B26DFDD39}] (...) -- C:\windows\system32\MarineAquariumLite.scr -d C:\windows\system32 -c \S (.not file.) [0]
[MD5.6E0BB5B9C845CDC764B2998FE612F73E] [sPRF][17/06/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Fernando\AppData\Roaming\unins000.exe [815314]
[HKCU\Software\AppDataLow\Software\MarineAquarium3Free_57]
[HKCU\Software\MarineAquarium3Free_57]
[HKLM\Software\Wow6432Node\MarineAquarium3Free_57]
O4 - GS\QuickLaunch [Fernando]: Marine Aquarium Lite.lnk . (.SereneScreen - MarineAquariumFree.) -- C:\Windows\System32\MarineAquariumLite.scr
O41 - Driver: (Bfilter) . (. - .) - C:\windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnba---64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\windows\system32\drivers\Bprotect.sys (.not file.)
O43 - CFD: 26/08/2013 - 20:36:06 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 11/09/2014 - 23:15:37 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O45 - LFCP:[MD5.A468508EA51792F2376E9FABB20A382B] - 12/09/2014 - 09:45:09 ---A- - C:\Windows\Prefetch\MARINEAQUARIUMLITE.SCR-C04CAC78.pf
O45 - LFCP:[MD5.B552C882BC0828FE78D0E2750CE52579] - 17/06/2013 - 23:46:07 ---A- - C:\Windows\Prefetch\PRICEPEEP_1.EXE-7FEE9EDD.pf
O45 - LFCP:[MD5.066F36FCE857EFB368A60D463A342536] - 12/09/2014 - 09:54:14 ---A- - C:\Windows\Prefetch\SMARTERPOWER.BROWSERADAPTER.E-CD08B646.pf
O45 - LFCP:[MD5.DE1F2E2E995553AC762C01296B7FE8AA] - 12/09/2014 - 09:54:14 ---A- - C:\Windows\Prefetch\SMARTERPOWER.BROWSERADAPTER64-B03CD8C8.pf
O45 - LFCP:[MD5.7A58C5413BD596FE0EEAC6073FFEA3F4] - 11/09/2014 - 22:59:00 ---A- - C:\Windows\Prefetch\SMARTERPOWER.BRT.HELPER.EXE-56D1D3AB.pf
O45 - LFCP:[MD5.3791EA9F2E70C7421369ABF4466489A0] - 12/09/2014 - 09:27:38 ---A- - C:\Windows\Prefetch\SMARTERPOWER.PURBROWSE64.EXE-15B1ED34.pf
O45 - LFCP:[MD5.4E5B32274E0D3FF107D9F74EC4F90A01] - 12/09/2014 - 09:22:11 ---A- - C:\Windows\Prefetch\UPDATESMARTERPOWER.EXE-3E5F3E65.pf
O45 - LFCP:[MD5.C0014CEAE8CB440C328DAF9230BF08D9] - 12/09/2014 - 09:22:25 ---A- - C:\Windows\Prefetch\UTILSMARTERPOWER.EXE-0052ACED.pf
O61 - LFC: 12/09/2014 - 16:55:11 ---A- . (...) -- C:\Users\Fernando\AppData\Local\Temp\Quarantine.exe [377099]
O90 - PUC: "298F139EA89018C4D8DE0431BDE9B396" . (.Iminent.) -- C:\windows\Installer\{E931F892-098A-4C81-8DED-4013DB9E3B69}\imbooster.ico
C:\Program Files (x86)\MarineAquarium3Free_57
C:\Users\Fernando\AppData\Local\MarineAquarium3Free_57
ServiceStop:Bfilter
ServiceStop:Bfmon
ServiceStop:Bnbase
ServiceStop:Bndef
ServiceStop:Bprotect

 

> Open the ZHPFix tool.
> Click IMPORTAÇÃO (Import) >> OK.
> PS: Before clicking "OK", check whether any information foreign to the script has been added to the field.
> Click "GO".
> Post the report!

A+


Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Fernando at 12/09/2014 22:54:55
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 09s)
Prefetcher vazio

========== Estado dos serviços ==========
Bfilter Parado
Bfmon Parado
Bnbase Parado
Bndef Parado
Bprotect Parado

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\AppDataLow\Software\MarineAquarium3Free_57
ELIMINÉ: HKCU\Software\MarineAquarium3Free_57
ELIMINÉ: HKLM\Software\Wow6432Node\MarineAquarium3Free_57
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\298F139EA89018C4D8DE0431BDE9B396]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\298F139EA89018C4D8DE0431BDE9B396]

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Domain) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}
ELIMINÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
ELIMINÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
ELIMINÉ: FirewallRaz (Public) : NetPres-In-TCP
ELIMINÉ: FirewallRaz (Public) : NetPres-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
ELIMINÉ: FirewallRaz (None) : {BB0C4636-86F4-453A-A0B3-B93EFE7579CC}
ELIMINÉ: FirewallRaz (None) : {B5197B38-36F5-4BBC-8316-62286E9C5BB4}
ELIMINÉ: FirewallRaz (None) : {61409005-663E-40E6-8C2C-2BCE2D2DADD0}
ELIMINÉ: FirewallRaz (None) : {65BA109C-932C-44F8-8547-0788F6D385E8}
ELIMINÉ: FirewallRaz (None) : {37F766C0-B0E3-4CFE-AE22-37D5800C6E94}
ELIMINÉ: FirewallRaz (None) : {81005706-66E2-475C-8ED9-3389939D39D0}
ELIMINÉ: FirewallRaz (Private) : {A01A1D24-338B-4659-A12B-85040C3791C0}
ELIMINÉ: FirewallRaz (Private) : {64EE4D80-A739-4C46-BC2C-DE57704AB842}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{FA5EF54F-A02E-42AC-AEF1-898CD60D9E6C}C:\users\fernando\desktop\7.days.to.die.alpha.5.steam.edition.fixed-3dm\7 days to die\7daystodie.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{07899801-2B7F-4D1A-A4E2-6775614415A4}C:\users\fernando\desktop\7.days.to.die.alpha.5.steam.edition.fixed-3dm\7 days to die\7daystodie.exe
ELIMINÉ: FirewallRaz (None) : {85CAC4C3-A67D-4C11-B099-7B09BE1639C3}
ELIMINÉ: FirewallRaz (Private) : {538F6A28-CDD3-4FC9-8BFF-FAD3C5C3FEBA}
ELIMINÉ: FirewallRaz (Private) : {9CA818CC-0624-4C57-8B80-F9C1512E0C88}
ELIMINÉ: FirewallRaz (Public) : {D9359CBB-B638-4C68-879A-C62476FBFBDF}
ELIMINÉ: FirewallRaz (Public) : {159988B4-89F6-4F4E-B4D7-D5C30B0AE7C1}

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (0)
ELIMINÉ Flash Cookies (0)
ELIMINÉ: C:\Program Files (x86)\Spybot - Search & Destroy
ELIMINÉ: C:\ProgramData\Spybot - Search & Destroy
ELIMINÉ: c:\program files (x86)\marineaquarium3free_57
ELIMINÉ: c:\users\fernando\appdata\local\marineaquarium3free_57

========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ: c:\users\fernando\appdata\roaming\microsoft\internet explorer\quick launch\marine aquarium lite.lnk
ELIMINA REINICIAR: c:\windows\system32\marineaquariumlite.scr
ELIMINÉ: c:\windows\prefetch\marineaquariumlite.scr-c04cac78.pf
ELIMINÉ: c:\windows\prefetch\pricepeep_1.exe-7fee9edd.pf
ELIMINÉ: c:\windows\prefetch\smarterpower.browseradapter.e-cd08b646.pf
ELIMINÉ: c:\windows\prefetch\smarterpower.browseradapter64-b03cd8c8.pf
ELIMINÉ: c:\windows\prefetch\smarterpower.brt.helper.exe-56d1d3ab.pf
ELIMINÉ: c:\windows\prefetch\smarterpower.purbrowse64.exe-15b1ed34.pf
ELIMINÉ: c:\windows\prefetch\updatesmarterpower.exe-3e5f3e65.pf
ELIMINÉ: c:\windows\prefetch\utilsmarterpower.exe-0052aced.pf

========== Tarefa planificada ==========
ELIMINÉ: bho_update
ELIMINÉ: {3C30C207-1DE8-448A-8695-1B3B26DFDD39}


========== Recapitulativo ==========
10 : Chaves do Registo
27 : Valores do Registo
7 : Pastas
12 : Ficheiros
5 : Estado dos serviços
2 : Tarefa planificada


End of clean in 00mn 50s

========== Caminho do ficheiro do relatório ==========
C:\Users\Fernando\AppData\Roaming\ZHP\ZHPFix[R1].txt - 12/09/2014 22:55:07 [4462]


Good morning! rehcarlos

|- Download: < Adware Removal Tool > ( ... by techsupportall.com )
|- Save it to the desktop!

|- Run the file Adware-Removal-Tool-v3.5.exe <<

|- Start the scan by clicking Scan.

|- When the prescan finishes, click OK.
|- PS: Each tab will show what will be removed!

|- Click "Next" >> Wait!

< Computer >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_09_day_h_min_sec.txt <<

|- Post the report!

|- Let me know whether the malware still remains!

Regards!


Hi DigRam, here is the AdwareRemoval log:


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2014_09_15_15_33_58
OS: Windows 8 - 64 Bit
Account Name: Fernando
U0L0S18

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - Folder - C:\ProgramData\Baidu Security\PC Faster
Deleted - Folder - C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._5730c780da4223b656975cf699658bf5ef42fb_37805c1a
Deleted - Folder - C:\Users\Fernando\Appdata\Roaming\Baidu Security\PC Faster
Deleted - Folder - C:\Users\Fernando\Appdata\Roaming\Baidu Security\PC Faster\3.6.0.35848\Uninstall\Baidu PC Faster Uninstall
Deleted - Folder - C:\Users\Fernando\Appdata\Roaming\Baidu Security\PC Faster\3.6.0.35848\Uninstall\Baidu PC Faster Uninstall HK
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\TypedURLs:url44
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Finished

I believe the malware has been deleted, since the ads have disappeared and so have the pop-ups.


Good afternoon! rehcarlos

> Let's remove the tools that were used.

-/-

> Download: |DelFix| ( ... by Xplode )

> Once on the page, click Download Now.
> Save it somewhere convenient! ( desktop! )
> Close any applications that are open.

> With the boxes checked, click Executar (Run)!

> Everything OK?

A+


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
