[Resolvido] &nbspInvasão de Pop ups!

Boa Noite! LFaber

|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Logo2_zps580bcd78.jpg&key=71530441ef1621c6398a69f0f5fae6f7f5c87897579baf8487ec306c4e109626" alt="AdwCleaner_Logo2_zps580bcd78.jpg" /> > ( ... par Xplode )

|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Tlcharger.jpg&key=2319bbcd35144166c25768473f26c7f193a7ab5036b9479bd1465d8257d6f6b2" alt="AdwCleaner_Tlcharger.jpg" /> >

|- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen".
|- Salve-o no desktop!
|- Clique direito em adwcleaner.exe,e escolha sua execução como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/advz4z8Y.jpg&key=d014b7c10974863cb53eb98c621165d7bed35f01f9fe6800257605fc7dc58eba" alt="advz4z8Y.jpg" />

|- Ps: Dê início à ferramenta,clicando em "Scan".
|- Ao concluir,clique "Clean" >> Aguarde! >> Clique "Report".
|- Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >

A+

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Leila\AppData\Roaming\Mozilla\Firefox\Profiles\mgfcnw26.default-1371434733694\prefs.js ]

Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Line Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "2058a665000000000000001e64757680");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15883");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.rvrt", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=2058a665000000000000001e64757680&q=");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.11.10");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.11.1013:32:05");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.11.10");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=122793&tsp=4926");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "%7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21,webbooster%40iminent.com:7.47.2.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1");
Line Deleted : user_pref("iminent.LayoutId", "1");
Line Deleted : user_pref("iminent.ShowThankyouPixel", "0");

Line Deleted : user_pref("iminent.registerToolbarEvent100", "1384977077496");
Line Deleted : user_pref("iminent.registerToolbarEvent101", "1384972042031");
Line Deleted : user_pref("iminent.registerToolbarEvent102", "1384984715292");
Line Deleted : user_pref("iminent.registerToolbarEvent105", "1384911022602");
Line Deleted : user_pref("iminent.registerToolbarEvent109", "1384991167455");
Line Deleted : user_pref("iminent.registerToolbarEvent110", "1384991708660");
Line Deleted : user_pref("iminent.registerToolbarEvent111", "1384991167461");
Line Deleted : user_pref("iminent.registerToolbarEvent112", "1384991184908");
Line Deleted : user_pref("iminent.registerToolbarEvent122", "1384991167467");
Line Deleted : user_pref("iminent.registerToolbarEvent136", "1383650690666");
Line Deleted : user_pref("iminent.registerToolbarEvent140", "1384984707823");
Line Deleted : user_pref("iminent.version", "7.47.2.1");
Line Deleted : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.41.2.1\",\"InstallEventCTime\":1382046475704,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1385061328123}");

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Leila\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [9055 octets] - [21/11/2013 17:26:15]
AdwCleaner[s0].txt - [8876 octets] - [21/11/2013 17:27:07]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8936 octets] ##########

Postei certo?! Se não, me desculpe!!

LFABER

Boa Noite! LFABER

|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i48.tinypic.com/1268r49.png&key=be85c7a026af0cb092d2f868777759c6b4bd667a01f00e36e91558a667424520" alt="1268r49.png" /> > ( ... by Oleg N. Scherbakov )
|- Salve-o no desktop!
|- Desabilite seu antivírus!
|- Para Windows 7,clique direito em JRT.exe e execute-o ... /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Aguarde a conclusão e poste o relatório. ( JRT.txt )

A+

Bom dia Dig Ram!!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Leila on 22/11/2013 at 7:59:17,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-855506272-3775289842-286538128-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_130001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_130001_1001_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_130001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_130001_1001_RASMANCS

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Leila\AppData\Roaming\mozilla\firefox\profiles\mgfcnw26.default-1371434733694\minidumps [44 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/11/2013 at 8:05:57,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Bom Dia! LFABER

|- Baixe: < zoek > ( ... by Smeenk )

|- Ou aqui! < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.imgdumper.nl/uploads6/51a612a8b2bc1/51a612a8b27e2-Zoek.png&key=b080d87f02699d418b53b08471d428294848da3b0e2385f0657dbc188036baad" alt="51a612a8b27e2-Zoek.png" /> zoek.exe >

|- Salve-o e descompacte-o para o desktop!
|- Estarão disponíveis: zoek.com, zoek.scr, zoek.pif e zoek.exe
|- Desabilite seu antivírus!
|- Para Windows 7,execute zoek.exe como administrador.

hijackthis;
iedefaults;
chromelook;
autoclean;
emptyalltemp;

|- Copie e cole estas informações,em vermelho,no campo da ferramenta.
|- Clique "Run Script".

Zoek.exe is running now.

|- Surgirão estas informações,pedindo-lhe que aguarde o surgimento relatório.
|- Ps: Essas informações podem permanecer estáticas na tela,por 20 minutos ou mais.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Zoek_Reboot_zpscf60b3cf.jpg&key=cd3dbc8b6058332b5ca134f03724ff8c45ff51d7f31a8c732301729c7a9e6c94" alt="Zoek_Reboot_zpscf60b3cf.jpg" />

|- Aceite e/ou confirme o reboot!

zoek.hta failed by unknown error.

|- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
|- Poste o relatório,que estará em C:\zoek-results.txt <<

Abs!

Olá Dig Ram, aqui está:

Zoek.exe Version 4.0.0.5 Updated 24-November-2013
Tool run by Leila on 28/11/2013 at 18:44:32,28.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Leila\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe [Quick Scan] [Auto Clean]

==== System Restore Info ======================

28/11/2013 18:45:49 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apostila Escriturário - Banco do Brasil not found
C:\Users\Leila\AppData\LocalLow\store-pp.jbs deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Leila\AppData\Local\Temp ====
2013-11-22 09:58:47 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-11-18 20:16:49 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2013-11-18 20:16:49 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2013-11-18 20:16:49 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2013-11-18 20:16:49 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2013-11-18 20:16:48 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2013-11-18 20:16:48 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2013-11-18 20:16:48 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2013-11-13 11:27:27 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2013-11-13 11:27:20 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2013-11-13 11:27:20 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2013-11-13 11:27:20 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2013-11-21 00:31:08 -------- d-----w- C:\PROGRA~2\Trend Micro
2013-11-21 00:25:00 -------- d-----w- C:\PROGRA~2\Retsina Software
======= C: =====
====== C:\Users\Leila\AppData\Roaming ======
2013-11-21 00:25:01 -------- d-----w- C:\Users\Leila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IEJet
====== C:\Users\Leila ======
2013-11-22 09:58:01 86FB5E8D5D1E3E405C46CCBF991E6FD4 1034531 ----a-w- C:\Users\Leila\Downloads\JRT.exe
2013-11-21 19:25:02 9812917FE2FCDEA2FD800573D7842E5D 1085542 ----a-w- C:\Users\Leila\Downloads\adwcleaner.exe
2013-11-21 00:25:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IEJet

====== C: exe-files ==
2013-11-22 09:58:47 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-11-22 09:58:01 86FB5E8D5D1E3E405C46CCBF991E6FD4 1034531 ----a-w- C:\Users\Leila\Downloads\JRT.exe
=== C: other files ==
2013-11-28 20:45:04 90A594537C3731C9A3AB3B540868B60B 346 ----a-w- C:\Users\Leila\AppData\Local\Temp\drives.vbs
2013-11-22 09:58:45 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\modules.bat
2013-11-22 09:58:45 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\chrome.bat
2013-11-22 09:58:45 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\firefox.bat
2013-11-22 09:58:45 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\FWPolicy.bat
2013-11-22 09:58:45 B8AF52799C6359D40228B006C1432C57 16063 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\get.bat
2013-11-22 09:58:45 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\ask.bat
2013-11-22 09:58:45 87458834C37183459AA6F19EF5E06533 9099 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\runvalues.bat
2013-11-22 09:58:45 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\ev_clear.bat
2013-11-22 09:58:45 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\iexplore.bat
2013-11-22 09:58:45 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\delorphans.bat
2013-11-22 09:58:45 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\prelim.bat
2013-11-22 09:58:45 504CA0FC8BE3A47ECE89CEC2E5B21E67 10261 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\JRT.bat
2013-11-22 09:58:45 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\searchlnk.bat
2013-11-22 09:58:45 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\TDL4.bat
2013-11-22 09:58:45 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\medfos.bat
2013-11-22 09:58:45 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\delfolders.bat
2013-11-22 09:58:45 006F09DF7EB9E9E61935F16AF2B6DC71 150291 ----a-w- C:\Users\Leila\AppData\Local\Temp\jrt\misc.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-855506272-3775289842-286538128-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="C:\Users\Leila\AppData\Roaming\mjusbsp\cdloader2.exe MAGICJACK"
"Facebook Update"="C:\Users\Leila\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-21-855506272-3775289842-286538128-1000\Software\Microsoft\Windows\CurrentVersion\runonce]
"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="C:\Users\Leila\AppData\Roaming\mjusbsp\cdloader2.exe MAGICJACK"
"Facebook Update"="C:\Users\Leila\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LightScribe Control Panel"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl.exe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QlbCtrl.exe"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

==== Startup Folders ======================

2013-03-12 22:33:23 1315 ----a-w- C:\Users\Leila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/10/2013 19:27]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-855506272-3775289842-286538128-1000Core.job --a------ C:\Users\Leila\AppData\Local\Facebook\Update\FacebookUpdate.exe [23/05/2013 00:59]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-855506272-3775289842-286538128-1000UA.job --a------ C:\Users\Leila\AppData\Local\Facebook\Update\FacebookUpdate.exe [23/05/2013 00:59]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\bho_update" ["C:\Program Files (x86)\Internet Explorer\Updater.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-855506272-3775289842-286538128-1000Core" [C:\Users\Leila\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-855506272-3775289842-286538128-1000UA" [C:\Users\Leila\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{203FB6B2-2E1E-4474-863B-4C483ECCE78E}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Leila\AppData\Roaming\Mozilla\Firefox\Profiles\mgfcnw26.default-1371434733694

• DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

AppDir: C:\Program Files (x86)\Mozilla Firefox

• Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}


• Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}


• Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Leila\AppData\Roaming\Mozilla\Firefox\Profiles\mgfcnw26.default-1371434733694
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Leila\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/10/2013 11:59]

Skype for Chromium - Leila - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Leila - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-855506272-3775289842-286538128-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_USERS\S-1-5-21-855506272-3775289842-286538128-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{203FB6B2-2E1E-4474-863B-4C483ECCE78E} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Leila\AppData\Local\Mozilla\Firefox\Profiles\mgfcnw26.default-1371434733694\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Leila\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Leila\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 28/11/2013 at 19:03:04,63 ======================
Abraços LFABER.

Bom Dia! LFABER

|- Seus logs estão limpos. :natalsmile:

|- Tudo Ok?

-/-

|- Baixe: < DelFix > ( ... de Xplode )

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/DelFix_SetaVerde.jpg&key=a562af283f81224b0096f109e2c85fcde8abae0d109a59c91160b5f99a23e243" alt="DelFix_SetaVerde.jpg" />

|- Estando na página,clique na seta verde para o download.

|- Salve-a em um local conveniente! (** desktop! **)

|- Feche aplicativos que estejam abertos.

/applications/core/interface/imageproxy/imageproxy.php?img=http://home.kpn.nl/stefsmeenk/delfix.gif&key=18033ed0d990b9dba10f3aa620c883e92b188e95ccac98a5e1a6286226c313b9" alt="delfix.gif" />

|- Execute-a!

|- Com as 3 checkbox marcadas!

|- Clique "Run".

Abs!

PROBLEMA RESOLVIDO

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.