Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Olá queridos amigos do imasters,
Envio para vocês o log do meu computador. Não está acontecendo nada de muito grave, só quero saber se realmente está tudo bem quanto parece, rs.
Vocês já me ajudaram outras vezes em outro computador, por isso retorno para saber a opinião e conselho de vocês.
Ultimamente uso o antivirus McAfee. Uso também o Cccleaner e o MV regclean. Não tenho instalado o desfragmentador e nem um programa anti spy. Vocês me recomendam usar?
Agradeço desde já,
Manoela
LOG HIJACKTHIS:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:42:21, on 22/10/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Hijack this\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110511184201.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Manoela Maia\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Velocidade Do PC\PCSpeedUp.lnk
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: McAfee Application Installer Cleanup (0228081292633325) (0228081292633325mcinstcleanup) - - (no file)
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço de estado do ASP.NET (aspnet_state) - Unknown owner - (no file)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Serviço Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe
O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: WMPNetworkSvc - Unknown owner - (no file)
--
End of file - 13668 bytes
Olá,
desculpe a ignorância, mas você poderia me explicar o que esse programa AD remover irá fazer?!
Agradeço,
Manoela
>
Olá Manoela
1.
*Execute o hijack, clique em [Do a system scan only], selecione as entradas abaixo e clique [Fix checked]
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
*Feche o hijack
2.
*Baixe o AD-Remover e salve-o no desktop
*Clique com o botão direito no AD-R.exe e selecione "Executar como administrador", clique [Clean] > [sim] > [OK] > [sim]. O PC poderá ser reiniciado para a completa limpeza.
*Cole o relatório C:\Ad-Report-CLEAN[1].txt
Olá,desculpe a ignorância, mas você poderia me explicar o que esse programa AD remover irá fazer?!
Agradeço,
Manoela
Desculpe me intrometer no tópico, pois não é minha área, mais pelo que li Manoela, é uma Ferramenta francesa criada por Chiquitine29, C_XX e Chimay8 que visa a remoção de diversos adwares e toolbars maliciosas..
Lista de alguns adwares e toolbars maliciosas removidos pelo Ad-Remover:
180 solutions
180SearchAssistant
180solutions
21Nova Casino
2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2M Games\Free Tetris
888poker.net
AAAScreenSavers_WhenUSaveNow_Installer
AbsoluCasino
AcezSoftware_WhenUSaveNow_Installer
AD ON Multimedia
Adparatus
Adssite Advanced Toolbar
Adssite Games Collection
AdvancedBrowserShoppingTips
AdVantage
Adzgalore Games Collection
aedgency
Agence Exclusive
AGI
alot
Application Updater
AresP2P_WhenUSave_Installer
AsesoftNet iToolbar
Ask & Record Toolbar
Ask Search Assistant
Ask.com
AskBar
AskBarDis
AskBarFr
AskPBar
AskSBar
AskSearch
AskTBar
AskToolbar
AstuteSoftware_WhenUSaveNow_Installer
AutocompletePro
Automated Content Enhancer
AwesomeBestShoppingTipsProgram
baidu
Bandoo
bardiscover
BarQuery
Barre d'outils Crawler
BestShoppingTipsEver
BestShoppingTipsProgram
Best-Softs
BestWayToShop
BetterBrowsingExperienceTool
BetterShoppingExperienceTool
bfgtoolbar
BigSeekPro Toolbar
Bingo Day
BrowserQuery
BrowserQuest
Browserseek
BrowserZinc
BrowsingAdvisor
BrowsingEnhancer
BrowsingSoftware
browsingtool
BSplayer_WhenUSave_Installer
Burn4Free Toolbar
CashOn
Casino-On-Net
Casino Del Rio
Casino Elegance
Casino King
Casino Lux
Casino Nederland
Casino Tropez
Casino.com
Casino.com Poker
Casino770
CasinoOnNet
Cirrus pound Casino
ClearlyBetterShoppingExperienceTool
ClickPotato
ClickPotatoLite
ClickPotatoLiteSA
Cliprex_WhenUSave_Installer
CloverPlus
Conduit
ConduitEngine
Content Management Wizard
ContextAdvisor
contexttool
CrackSearch
Crawler
Crawler Toolbar
CursorCafe
Customized Platform Advancer
DaemonTools_WhenUSave_Installer
DaemonTools_WhenUSaveNow_Installer
dbar
Dcads Advanced Toolbar
Dcads Games Collection
dealassistant
Dealio
Dealio Toolbar
Deenero
Deskbar
DesktopFun
DesktopFun Toolbar
DesktopIcon
DomainDecoder
DoubleD
Dynamic Toolbar
Dynamic Toolbar 4 Pro Trial
EasySearch
ecobar
EgoADS
EmpirePoker
EmpirePokerMaster
EoRezo
EUcasino
Eurobarre
Europa Casino
EvenMoreGenerousAdsForYou
EvenMoreMegaSwellAdsForYou
Everest Casino
Everest Poker
ExcellentAdvisorPop
Excite
ExpertEnhancer
ExtremelyFairBrowsingHelper
ezLife
Ezthemes_WhenUSaveNow_Installer
Ezthemes_WhenUSaveNowCrunch_Installer
Fair Poker
FairBrowsingHelper
Family Toolbar
Fast Browser Search
FBrowserAdvisor
FBrowsingAdvisor
FBSearch Toolbar
FileSharingRevolution_WhenUSaveNow_Installer
FileSubmit
Find Basic
findbasic
FissaSearch
Flamingo Club Casino
FLV Direct Player
freeTVRadio
FreeVideoMaster
Fun Web Products
FunkyEmoticons
FunPopupAdsForYou
FunWebProducts
GabPath
Games-Attack
Games\888poker.net
GamesBar
Gameztar Toolbar
GamiePlay Toolbar
GenerousAdsForYou
GetModule
Gigablast
Golden Casino
Golden Palace Casino
Golden Riviera Casino
GoldenCasino
GoSing_WhenUSave_Installer
GrandVirtual\Casino Nederland
GreatAdsForYou
gtsrp
GV AbsoluCasino
GV Luxe
HandyInternetAdvice
HappyQuickPop
HBLite
HBLiteSA
HbTools
HelpfulBrowserAddition
HelpfulTipsToSave
HighQualityAds
Horizonads Games Collection
Hotbar
HotbarSA
HottieStar Toolbar
I-Tori
icheck
IEToolbar
ILoveThisAdPlatform
iMesh
iMesh Applications
iMeshMediabarTb
IncomparableDealsAdviser
IndisputablyBetterBrowsingExperienceTool
InferiorBrandingSystem
InstallPedia
InstallShield Installation Information\{8EF1FB4F-5C75-4B9E-B55E-061465DD05E0}
Internet Optimizer
Internet Saving Optimizer
Internet Today
InternetGameBox
InternetProgram
intothemap CP
IST
Its Label
ItsLabel
Jackpot Capital
KapowPop
Keenfinder
Kiwee Toolbar
Kiwee Toolbar2
kwanzy
kwinzy
kwinzysearchK
KwinzySrch
Letmin
live-player
Lphant_WhenUSave_Installer
Luxe
M3Development_WhenUSave_Installer
Magic Box Casino
MailSkinner
Media Access Startup
MegaSwellAdsForYou
MessengerSkinner
Milehighads Games Collection
Montorgueil
MoreRelevantAdvertisingProgram
MSearch
My Speedy Alert
My.Freeze.com Toolbar
MyEmoticons_WhenUSaveNow_Installer
Myfreezetoolbar
MyGlobalSearch
mypcguard
MyPlayCity_WhenUSave_Installer
MyQuickSearch
MySearch
MySpeedyAlert
MyTotalSearch
MyVideoDaily2
MyWay
MyWaySA
MyWebSearch
MyWebSearchWB
NavigationProgram
Need2Find
networker
NewDotNet
NPSSoftware_WhenUSaveNow_Installer
OfferBox
OfferBoxSearch
OneStep
OneStepSearch
OneStepSrch
Original-Solitaire
p2pmax
Pacific Poker
PacificPoker
PacificPoker4
PandoBar
PartyGaming
PartyPoker
pcas
pdfforge
pdfforge Toolbar
Phoenician Casino
Platrium
PlatriumSA
PlatriumWeather
PlayMP3z
pointcash
pointgo
pointin
PointingToDeals
pointok
Poker 770
Poker Mile
PokerMile
PowerhouseAdsForYou
PremiereAdvertisingPlatform
PremierOpinion
PriceGong
Prime Casino
PrimoAdsForYou
ProsperaSoftware_WhenUSave_Installer
ProvenInternetExperienceImprover
Pushware
QualityProductAdviser
QueryExplorer
QueryService
QuestDns
QuestService
QuestService1
Radio_Bar_1
RadLight_WhenUSave_Installer
RecFree.com
RelevantKnowledge
RewardNet
Rightdown Software SearchBar
River Belle Casino
Roxy Palace Casino en Ligne
Roxy Palace Online Casino
roxypalace
roxypalace_fr_T
RPlatinum
Ruby Fortune Casino
runit
RXToolBar
Saint-Coran Toolbar
SaveNow
Search Enhancer Toolbar
Search Guard Plus
Search Guard PlusU
Search Settings
Search Toolbar
SearchInOneStep
SearchquTB
SearchToolbarCorp
Seekapp
SeekappSrch
Seekdns
Seekeen
SeekeenSrch
Seekmo
Seekmo Programs
Seekmo search assistant
SeekmoSA
SeekmoToolbar
SeekService
SFS Toolbar
SGPSA
ShopGuide
ShopperReports
ShopperReports3
ShoppingAdsHelper
ShoppingImprovementsTipCenter
ShoppingReport
ShoppingReport2
SideGreen
Sky-Banners
Smart-Ads-Solutions
Smart-Shopper
Snappyads Games Collection
Soft-Search
Soft2PC
SoftwareRevenue.org
spacequery
SpamBlocker
SpamBlockerUtility
SpamBlockerUtility_Icons
SpiderMessenger
Spigot
Starware*
Street-Ads
Stylish Profile
Sukoku
SunnyGames_WhenUSave_Installer
SuperHighQualityAds
SupremeAdvertisingProgram
SwellAdsForYou
Swiss Casino
System Search Dispatcher
TabQuery
TeamTaylorMadeSoftware_WhenUSaveNow_Installer
Textual Content Provider
Titan Poker
Toolbar4
ToolBarCI
TorrentSpeeder
Trymedia
Tuto4pc
Ucontrol
UnifiedToolbar
ValueableShoppingTips
Vegas Red Casino
Vicman_WhenUSave_Installer
Viewpoint
Visicom Media\Dynamic Toolbar 4 Pro Trial
VisualTool
VMNTOOLBAR
VnrBlock
VnrPack
vsvvss
vvsn
WeatherDPA
Web Match Enhancer
Web Search Operator
WebExcellenceAdviceTool
WebGuide
webHancer
webkey
WebMediaPlayer
Weemi
WhenU
WhenUSave
WhenUSearch
WhereSphere
whInstall
WickedAdsForYou
WinButler
Winletmin
Winsudate
wkagent
WonderPop
WordUninstaller
WowzerAdsForYou
Wyeke
Wyyo
XLToolbar
YouWontFindBetterDeals
Zango
Zango Applications
Zango Games
Zango Programs
Zango SiteFinder
Zango TvTimes
Zango Weather
ZangoClient
ZangoSA
ZangoToolbar
ziniky
ZinkWink
Zumie
ZumieSearch
Zwangi
Zwangie
zwangisearch
ZwangiSrch
zwankysearch
Zwunzi
OBS: Pode confiar, se o wings está pedindo é porque precisa mesmo!! ;)
Oi wings,
eu tô com dificuldade nesse programa AD remover. Porque ele vem em francês, e você não comentou nada sobre ter que instalar ele, salvar em C:...aí eu não sei devo instalar ou não. Quando eu clico com o botão direito do mouse, e seleciono em executar como administrador, abre a opção de instalar o programa no computador e nada escrito Clear...como faço? :P
Agradeço,
Manoela
>
Olá Manoela
1.
*Execute o hijack, clique em [Do a system scan only], selecione as entradas abaixo e clique [Fix checked]
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
*Feche o hijack
2.
*Baixe o AD-Remover e salve-o no desktop
*Clique com o botão direito no AD-R.exe e selecione "Executar como administrador", clique [Clean] > [sim] > [OK] > [sim]. O PC poderá ser reiniciado para a completa limpeza.
*Cole o relatório C:\Ad-Report-CLEAN[1].txt
>
Oi wings,
eu tô com dificuldade nesse programa AD remover. Porque ele vem em francês, e você não comentou nada sobre ter que instalar ele, salvar em C:...aí eu não sei devo instalar ou não. Quando eu clico com o botão direito do mouse, e seleciono em executar como administrador, abre a opção de instalar o programa no computador e nada escrito Clear...como faço? :P
Agradeço,
Manoela
Eu não pedi para salvar em C:\
Leia o procedimento atentamente. Instale o programa e siga conforme orientei.
Eu sei que você não pediu, por isso eu pergunto.
Pois através do link que você me enviou sempre aparece para salvar o programa em C:\
Posso procurar outro link para download?
>
Eu não pedi para salvar em C:\
Leia o procedimento atentamente. Instale o programa e siga conforme orientei.
Quem determina onde salvar é você!
Basta mudar o local onde vai salvar...
achei outro link para fazer download e deu certo.
Segue o relatório, wings:
= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======
Updated by C_XX on 12/06/10 at 19:20
Contact: AdRemover.contact@gmail.com
website: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 17:07:12 on 30/10/2011, Normal boot
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Manoela Maia, MANOELAMAIA-PC (Dell Inc. Inspiron N5010)
============== ACTION(S) ==============
(!) -- Temporary files deleted.
-- File opened: C:\Users\Manoela Maia\AppData\Roaming\Mozilla\FireFox\Profiles\z1tlmjde.default\Prefs.js --
Line deleted: user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
Line deleted: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&Sea...
-- File closed --
1,Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
1,Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
1,Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
1,Key deleted: HKLM\Software\Classes\Interface\{D8F245F7-60CF-4370-A70D-6867467ECBF2}
0,Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
1,Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
0,Key deleted: HKCU\Software\Ask.com
0,Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo
0,Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar
3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== ADDITIONNAL SCAN ==============
Mozilla Firefox Version [7.0.1 (pt-BR)]
-- C:\Users\Manoela Maia\AppData\Roaming\Mozilla\FireFox\Profiles\z1tlmjde.default\Prefs.js --
browser.download.lastDir, C:\\Users\\Manoela Maia\\Desktop
browser.search.selectedEngine, Pesquisa Segura
browser.startup.homepage, www.google.com
browser.startup.homepage_override.buildID, 20110928134238
browser.startup.homepage_override.mstone, rv:7.0.1
keyword.URL, hxxp://br.search.yahoo.com/search?fr=mcafee&p=
========================================
Internet Explorer Version [8.0.7601.17514]
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\SysWOW64\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 2 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 17 File(s)
C:\Ad-Report-CLEAN[1].txt - 3838 Byte(s)
End at: 17:09:14, 30/10/2011
============== E.O.F ==============
agradeço a atenção e ajuda,
manoela
ah, claro, agora faz sentido...eu achei que tava errado...hehehe
não entendo muito dessa área, desculpe...
>
Quem determina onde salvar é você!
Basta mudar o local onde vai salvar...
OK..:)
O log está limpo.
*Execute o AD-Remover e clique [uninstall] > [Não] > [Close]
*Delete a pasta C:\Arquivos de programas\Ad-Remover
Um abraço.
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Olá Manoela
1.
*Execute o hijack, clique em [Do a system scan only], selecione as entradas abaixo e clique [Fix checked]
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
*Feche o hijack
2.
*Baixe o AD-Remover e salve-o no desktop
*Clique com o botão direito no AD-R.exe e selecione "Executar como administrador", clique [Clean] > [sim] > [OK] > [sim]. O PC poderá ser reiniciado para a completa limpeza.
*Cole o relatório C:\Ad-Report-CLEAN[1].txt