Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:25:25, on 25/07/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Rose\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense BANESTES - {C41A1C0E-EA6C-11D4-B1B8-444553540017} - C:\Program Files (x86)\GbPlugin\gbiehbnt.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "BR33LFB2JY05TY:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Rose\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Curse.lnk = Rose\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: seg.banestes.com.br
O15 - Trusted Zone: www.banestes.com.br
O15 - Trusted Zone: wwws.banestes.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: www.santander.com.br
O15 - Trusted Zone: www.santanderempresarial.com.br
O15 - Trusted Zone: www.santandernet.com.br
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: www.santandernetibe.com.br
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\Program Files (x86)\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginBnt - C:\Program Files (x86)\GbPlugin\gbiehBnt.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 13076 bytes
*** [ Serviços ] ***
*** [ Arquivos / Pastas ] ***
*** [ Tarefas ] ***
*** [ Atalhos ] ***
*** [ Registro ] ***
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Softonic
*** [ Navegadores ] ***
-\\ Internet Explorer v10.0.9200.17028
-\\ Google Chrome v36.0.1985.125
[ Arquivo : C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [6632 octets] - [15/09/2013 15:03:13]
AdwCleaner[R1].txt - [10919 octets] - [19/07/2014 21:17:47]
AdwCleaner[R2].txt - [1226 octets] - [30/07/2014 09:56:23]
AdwCleaner[s0].txt - [6271 octets] - [15/09/2013 15:04:59]
AdwCleaner[s1].txt - [10036 octets] - [19/07/2014 21:18:34]
AdwCleaner[s2].txt - [1044 octets] - [30/07/2014 09:57:21]
########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1104 octets] ##########
Boa Tarde! sr.silva
|- Baixe: < ZHPDiag2.exe > < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/NicolasCoolman.jpg&key=31eaca9d787a5cb7b785eaca882cfe95bdd41bfffaf35086b6e7ecf044ef83cf" alt="NicolasCoolman.jpg" /> > ( ... de Nicolas Coolman )
|- Salve-o no disco local! ( C ou D )
|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Pergaminho2_zps6e758639.jpg&key=6ea716e3ff0c1e80fdbb9b821ab86cbec4d10a8ec6466840625e1b7577bb9e18" alt="ZHPDiag_Pergaminho2_zps6e758639.jpg" />
|- Execute o ícone do pergaminho. ( ZHPDiag )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPDiagCompleta_zpse85ea35b.jpg&key=32059d48f2d322104f1cb762d37015d71684e7a50868f2c84da3ff60600282cc" alt="ZHPDiagCompleta_zpse85ea35b.jpg" />
|- Clique "COMPLETA" e aguarde a conclusão!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i39.servimg.com/u/f39/11/05/93/83/zhpdia11.png&key=cd2bcbee7ecda71a202f64af97b2896faaf1bddc4af00b80af5b456d12007af6" alt="zhpdia11.png" />
|- Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )
|- Ps: Se o log for extenso,envie-o à Pjjoint.malekal.
|- Maiores informações: < |Link| >
A+
Boa Noite! sr.silva
|- Execute este script na ferramenta ZHPFix.
|- Copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
|- À seguir,minimize o Bloco de Notas.
script zhpfix
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[MD5.45D18DC0CA53BFFAA11F992BEF63280D] [sPRF][16/09/2013] (.No owner - Setup/Uninstall.) -- C:\Users\Rose\AppData\Roaming\unins000.exe [706250]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [sPRF][07/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Rose\AppData\Roaming\unins001.exe [720082]
[MD5.169180F02ABCECA5DE72FC5EEBC861BB] [sPRF][20/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Rose\AppData\Roaming\unins002.exe [730322]
**[MD5.A03592875F26DC6547E5B080BFC63A70] [sPRF][16/10/2013] (.No owner - Powered by BetterInstaller.) -- C:\Users\Rose\Desktop\DVDShrink_downloader_by_DVDShrink.exe [163352] =>Adware.MegaSearch**
**[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen**R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com
**O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [214] =>Trojan.Keygen**
**O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [214] =>Trojan.Keygen**
**O42 - Logiciel: Search-Results Toolbar - (.APN LLC.) [HKLM][64Bits] -- ilividtoolbargaw =>Adware.Bandoo**O43 - CFD: 16/10/2013 - 10:23:29 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 16/10/2013 - 10:30:19 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 16/10/2013 - 10:23:29 - [] ----D C:\Users\Rose\AppData\Roaming\Baidu Security
O43 - CFD: 06/07/2013 - 00:19:10 - [] ----D C:\Program Files (x86)\MyFree Codec
O43 - CFD: 27/01/2014 - 04:39:39 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 04/07/2013 - 16:14:35 - [0] ----D C:\Users\Rose\AppData\Local\MusicPlayer
**O45 - LFCP:[MD5.3FDA1843202679D8DF26AFEEDF31EB40] - 25/07/2014 - 08:39:35 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_PARA_POCKE-ED6636E9.pf =>Toolbar.Conduit**
**[http://nicolascoolman.fr/toolbar-conduit](http://nicolascoolman.fr/toolbar-conduit) =>Toolbar.Conduit **O51 - MPSK:{7da3b545-9f5a-11e3-bebc-208984082313}\AutoRun\command. (...) -- F:\LGAutoRun.exe (.not file.)
O51 - MPSK:{9861d387-5c4e-11e3-bea7-208984082313}\AutoRun\command. (...) -- F:\LGAutoRun.exe (.not file.)
O61 - LFC: 28/07/2014 - 19:36:33 ---A- . (...) -- C:\Users\Rose\AppData\Local\Temp\Quarantine.exe [384485]
[HKCU\Software\Baidu Security]
[HKCU\Software\ilividtoolbargaw] =>Adware.Bandoo
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
**HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmartbarExeInstaller_RASAPI32 =>Hijacker.SmartBar**
**HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmartbarExeInstaller_RASMANCS =>Hijacker.SmartBar**
**[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw] =>Adware.Bandoo^**
**[HKCU\Software\ilividtoolbargaw] =>Adware.Bandoo^**
**C:\Windows\Tasks\AutoKMS.job =>Trojan.Keygen^**
**C:\Windows\System32\Tasks\AutoKMS =>Trojan.Keygen^**
**C:\Users\Rose\Desktop\DVDShrink_downloader_by_DVDShrink.exe =>Adware.MegaSearch^**
**C:\Users\Rose\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe =>Adware.MegaSearch**
**C:\Users\Rose\AppData\Local\Temp\180713_y.exe =>PUP.DealPly**
**C:\Users\Rose\AppData\Local\Temp\appshat-distribution.exe =>Adware.MegaSearch**
**C:\Users\Rose\AppData\Local\Temp\dp.exe =>PUP.DealPly**
**C:\Users\Rose\AppData\Local\Temp\nsw6AF4.tmp =>Adware.MegaSearch**
**C:\Users\Rose\AppData\Local\Temp\UpdateCheckerSetup.exe =>Adware.MegaSearch**firewallraz
emptytemp
|- Abra a ferramenta ZHPFix. < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPFix_logo2_zpsea0f2aa4.jpg&key=d5542cfa8c2927966334db1e22757054447548c1fa99304069314737b6934181" alt="ZHPFix_logo2_zpsea0f2aa4.jpg" /> >
|- Clique IMPORTAÇÃO >> OK.
|- Clique "GO".
|- Poste o relatório!
A+
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Rose at 05/08/2014 08:14:12
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Reciclagem vazia (01mn 10s)
========== Softwares ==========
AUSENTE Uninstall Process: c:\progra~2\search~1\datamngr\srtool~1\uninstall.exe
========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Rose\Desktop\DVDShrink_downloader_by_DVDShrink.exe
ELIMINÉ: Memory Process: C:\Users\Rose\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
ELIMINÉ: Memory Process: C:\Users\Rose\AppData\Local\Temp\180713_y.exe
ELIMINÉ: Memory Process: C:\Users\Rose\AppData\Local\Temp\appshat-distribution.exe
ELIMINÉ: Memory Process: C:\Users\Rose\AppData\Local\Temp\dp.exe
ELIMINÉ: Memory Process: C:\Users\Rose\AppData\Local\Temp\UpdateCheckerSetup.exe
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw]
ELIMINÉ: Mozilla Plugin: pandonetworks.com/PandoWebPlugin
ELIMINÉ CLSID MPSK: {7da3b545-9f5a-11e3-bebc-208984082313}
ELIMINÉ CLSID MPSK: {9861d387-5c4e-11e3-bea7-208984082313}
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\ilividtoolbargaw
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmartbarExeInstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmartbarExeInstaller_RASMANCS
========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Domain) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}
ELIMINÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
ELIMINÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
ELIMINÉ: FirewallRaz (Public) : NetPres-In-TCP
ELIMINÉ: FirewallRaz (Public) : NetPres-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
ELIMINÉ: FirewallRaz (Public) : {F7BD2C54-9DBB-413A-98B1-484DB898C371}
ELIMINÉ: FirewallRaz (Public) : {640F5DBB-6D8A-4D32-B71F-EA23092D0F5B}
ELIMINÉ: FirewallRaz (None) : {824A3541-ED14-4621-AEDA-28A522A638DB}
ELIMINÉ: FirewallRaz (None) : {FC4A8001-74B6-415F-8AE1-5D7D8AD5CDCC}
ELIMINÉ: FirewallRaz (Private) : {566563F0-A99E-4C4F-8F06-8EE2B410AB8A}
ELIMINÉ: FirewallRaz (Private) : {6A8FACA0-1775-4213-B46B-0E52099BE4AD}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{2CA380E0-9A99-4693-895E-F0C10F54C5A0}C:\program files (x86)\ares\ares.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{2CBF0673-9827-417D-A6B1-DAA9F23DADE7}C:\program files (x86)\ares\ares.exe
ELIMINÉ: FirewallRaz (Public) : TCP Query User{B052745E-1CE4-42F2-A15D-E89134D874C7}C:\program files (x86)\symantec\norton online backup\nobuclient.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{7989D434-AD23-471F-A649-AD6AAD89A14D}C:\program files (x86)\symantec\norton online backup\nobuclient.exe
========== Elementos dos dados do Registo ==========
ELIMINÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
ELIMINÉ: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)
========== Pastas ==========
ELIMINÉ: C:\Program Files (x86)\Baidu Security
ELIMINÉ: C:\ProgramData\Baidu Security
ELIMINÉ: C:\Users\Rose\AppData\Roaming\Baidu Security
ELIMINÉ: C:\Program Files (x86)\MyFree Codec
ELIMINÉ: C:\ProgramData\boost_interprocess
ELIMINÉ: C:\Users\Rose\AppData\Local\MusicPlayer
ELIMINÉ Temporários windows (0)
========== Ficheiros ==========
ELIMINÉ: c:\program files (x86)\pando networks\media booster\nppandowebplugin.dll
ELIMINÉ: c:\windows\prefetch\softonicdownloader_para_pocke-ed6636e9.pf
ELIMINÉ: c:\users\rose\appdata\local\temp\quarantine.exe
ELIMINÉ: C:\Users\Rose\AppData\Local\Temp\nsw6AF4.tmp
ELIMINÉ Temporários windows (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: AutoKMS
========== Outros ==========
NÃO-TRATADO http://nicolascoolma...toolbar-conduit
========== Recapitulativo ==========
6 : Processo memória
8 : Chaves do Registo
22 : Valores do Registo
3 : Elementos dos dados do Registo
7 : Pastas
5 : Ficheiros
1 : Softwares
1 : Tarefa planificada
1 : Outros
End of clean in 06mn 58s
========== Caminho do ficheiro do relatório ==========
C:\Users\Rose\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/08/2014 08:15:23 [4606]
Bom Dia! sr.silva
|- Foram encontrados processos na memória,que causam lentidão na máquina.
|- Siga,na ordem estabelecida,estas instruções!
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i48.tinypic.com/1268r49.png&key=be85c7a026af0cb092d2f868777759c6b4bd667a01f00e36e91558a667424520" alt="1268r49.png" /> > ( ... by Oleg N. Scherbakov )
|- Salve-o no desktop!
|- Desabilite seu antivírus!
|- Para Windows 7,clique direito em JRT.exe e execute-o ... /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Aguarde a conclusão e poste o relatório. ( JRT.txt )
|- Baixe: < NCDiag > < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/NicolasCoolman.jpg&key=31eaca9d787a5cb7b785eaca882cfe95bdd41bfffaf35086b6e7ecf044ef83cf" alt="NicolasCoolman.jpg" /> > ( ... de Nicolas Coolman )
|- Clique direito em NCDiag.exe e execute-o como administrador.
|- Aguarde a conclusão,que é rápida,e poste o relatório! ( NCScript.txt )
|- Serão 2 relatórios! ( NCDiag.txt e NCScript.txt )
|- Ps: Disponibilize o relatório NCDiag.txt em /applications/core/interface/imageproxy/imageproxy.php?img=http://cjoint.com/images/pub.gif&key=8ad045e550fc155ba40e049c58be6aeac96002c2401035248e0d5d133e5adc87" alt="pub.gif" />
A+
Boa Noite! sr.silva
|- Execute este script na ferramenta ZHPFix.
|- Copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c
|- À seguir,minimize o Bloco de Notas.
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
**C:\Users\Rose\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent**
**C:\Users\Rose\Desktop\µTorrent.lnk =>P2P.µTorrent**
**C:\Users\Rose\AppData\Roaming\uTorrent\uTorrent.exe = >P2P.µTorrent =>P2P.µTorrent**
**C:\Users\Public\Desktop\Netflix.lnk =>Hijacker.Browser**
**[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.µTorrent**
**[HKUS\S-1-5-21-4234301874-2312579503-1689864410-1002\S-1-5-21-4234301874-2312579503-1689864410-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.µTorrent**
**HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{980A182F-E0A2-4A40-94C1-AE0C1235902E} =>P2P.Pando**
**HKLM\SOFTWARE\Wow6432Node\Pando Networks =>P2P.Pando**
**HKCU\Software\BitTorrent =>P2P.BitTorrent**
**HKCU\Software\Pando Networks =>P2P.Pando**
**C:\Program Files (x86)\Pando Networks =>P2P.Pando**
**C:\Users\Rose\AppData\Roaming\uTorrent =>P2P.µTorrent**
**C:\Users\Rose\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent**
**C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe =>P2P.Pando**
**[HKCR\CLSID\{33BCC8EC-0D01-4E10-AD3D-4DAF749873ED}] (Browser Application State) =>PUP.BrowserApp**
**[HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch**
**[HKCR\CLSID\{ADBE6DEC-9B04-4A3D-A09C-4BB38EF1351C}] (XAML Browser Application) =>PUP.BrowserApp**
**[HKCR\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}] (Browser Application State) =>PUP.BrowserApp**
**C:\Windows\Prefetch\UTORRENT.EXE-BB3A126A.pf =>P2P.µTorrent**|- Abra a ferramenta ZHPFix. < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPFix_logo2_zpsea0f2aa4.jpg&key=d5542cfa8c2927966334db1e22757054447548c1fa99304069314737b6934181" alt="ZHPFix_logo2_zpsea0f2aa4.jpg" /> >
|- Clique IMPORTAÇÃO >> OK.
|- Clique "GO".
|- Poste o relatório!
#####
#####
... Editando!
< TORCH >
|- Vá à este endereço,e instale o TORCHBrowser.
|- Ps: Como gostas de jogos,Torrents e Players,este navegador seria mais adequado à esse propósito.
< /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/Torch_Torrents_zps886dd1a9.jpg&key=20b16f16599b28619126c19f83e2882948a2355fa1188feaba5def7e25cc7709" alt="Torch_Torrents_zps886dd1a9.jpg" /> >
|- Faça seus ensaios e se gostar,pode até desinstalar o Google Chrome e ficar com o TORCH.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/TORCHBrowser_zpsadf71aac.jpg&key=8291a4b761f31f509b026093bdf669436530472701aecf0da3a5a3b615882da2" alt="TORCHBrowser_zpsadf71aac.jpg" />
|- Clique "TORCH Free Download ou,caso queira,pode utilizar a instalação** *offline***.
A+
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Rose at 11/08/2014 05:12:01
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Reciclagem vazia (00mn 06s)
Prefetcher vazio
========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Users\Rose\AppData\Roaming\uTorrent\uTorrent.exe
ELIMINÉ: Memory Process: C:\Windows\Prefetch\UTORRENT.EXE-BB3A126A.pf
========== Chaves do Registo ==========
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Pando Networks
ELIMINÉ: HKCU\Software\BitTorrent
ELIMINÉ: HKCU\Software\Pando Networks
ELIMINÉ:³ HKCR\CLSID\{33BCC8EC-0D01-4E10-AD3D-4DAF749873ED}
ELIMINÉ:* HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
ELIMINÉ:³ HKCR\CLSID\{ADBE6DEC-9B04-4A3D-A09C-4BB38EF1351C}
ELIMINÉ:³ HKCR\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}
========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ: C:\Users\Rose\Desktop\µTorrent.lnk
ELIMINÉ: C:\Users\Public\Desktop\Netflix.lnk
========== Recapitulativo ==========
2 : Processo memória
7 : Chaves do Registo
3 : Valores do Registo
1 : Pastas
4 : Ficheiros
End of clean in 00mn 26s
========== Caminho do ficheiro do relatório ==========
C:\Users\Rose\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/08/2014 08:15:23 [4685]
C:\Users\Rose\AppData\Roaming\ZHP\ZHPFix[R2].txt - 11/08/2014 05:12:09 [1680]
=====
Amigo, nunca ouvi falar desse navegador.
O que ele tem de "interessante" que os outros não tem?
Bom Dia! sr.silva
>
Amigo, nunca ouvi falar desse navegador.
O que ele tem de "interessante" que os outros não tem?
< Quais as funcionalidades do Torch Browser > << Link!
|- As análises e comentários realizados no Baixaki,são ótimas para quem quer conhecer o Torch. Eu instalei em meu PC e estou muito satisfeito com seu desempenho.
|- Recomendo apenas que,durante a instalação,desmarque as caixinhas que instalam a Ask Toolbar.
|- Ps: O uTorrent foi desinstalado,já que fazia parte do script automático de NCDiag e que apresentou processos na memória.
|- Posteriormente,podes reinstalar o uTorrent (Bit Torrent) mas na observação dos sintomas que podem gerar ao causar alguma lentidão.
(|- Devemos ressaltar,também,a instalação de programas afiliados que o mesmo costuma realizar,mesmo desmarcando suas caixinhas.
-/-
|- Como está o computador? Ainda predominam os sintomas que o incomodam?
|- Caso queira,pode executar essa verificação,online,em Eset.
-/-
|- Execute escaneamento online em Eset. << Link!
|- Utilize o navegador "Internet Explorer 64 bits",para essa tarefa!
|- Tecle Windows+R e na caixa Executar,copie e cole: C:\Program Files\Internet Explorer\iexplore.exe
|- Dê o OK.
|- Com isso,o IE 64 bits irá rodar.
|- Siga,conforme a imagem,essa verificação ou scan.
|- Ao concluir,teremos em "Resultados do rastreamento" a opção "Exportar para arquivo de texto...".
|- Marque a caixa "Delete Quarantined files" >> Clique em FINISH.
|- Escolha o desktop e nomeie o relatório como Eset_log.
|- Poste esse relatório!
|- Ps: Caso nada seja detectado,não teremos relatório ou lista presente.
Abs!
Amigo..
Scan em andamento..
A princípio não tinha conseguido, mas agora foi!
Depois de 4horas de Scan...
C:\Users\Rose\Downloads\DTLite4471-0333.exe Win32/OpenCandy potentially unsafe application
C:\Users\Rose\Downloads\Pconverter (1).exe Win32/OpenCandy potentially unsafe application
C:\Users\Rose\Downloads\Pconverter.exe Win32/OpenCandy potentially unsafe application
C:\Users\Rose\Downloads\UnlockRoot v2.3.1.exe multiple threats
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7C[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7C[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7C[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7C[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7C[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7C[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultstb.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Users\Rose\AppData\Local\Temp\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Users\Rose\Downloads\bsplayer265.1074.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Rose\Downloads\Download.By.Tutoriaisid.blogspot.com.br.rar a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined
C:\Users\Rose\Downloads\DTLite4471-0333 (1).exe Win32/OpenCandy potentially unsafe application deleted - quarantined
Boa Tarde! sr.silva
|- Como está o PC? Ainda persistem os problemas?
-/-
|- Baixe: |DelFix| ( ... de Xplode )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/DelFix_Download_zpsb5d944c7.jpg&key=c11cd63c68a67a8bcd0443a3fe0e716fc51d8e7a80122a3b6bf3a92bc1cfea40" alt="DelFix_Download_zpsb5d944c7.jpg" />
|- Estando na página,clique Download Now.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/DelFix_Executar_zpsd62f8dcc.jpg&key=4e3fab5cf4fd1cbba0579b41be8aa1dabd91688a01b249157a5a9fb44cd0f181" alt="DelFix_Executar_zpsd62f8dcc.jpg" />
|- Com as caixinhas marcadas!
|- Clique Executar!
|- Clique "Run".
-/-
|- Baixe: < JetClean 1.5.0 > ( ... by BlueSprig.com )
< Maiores informações! > << Leia aqui!
|- Salve-o em Arquivos de programas. ( jetclean-setup.exe )
|- Instale o software,tendo cuidado de desmarcar a instalação de programas afiliados.
|- Estando na Guia "1-Click",preferencialmente,vá em "Scan Now".
|- Escolha: Shut down PC after Repair
|- Ou escolhendo a opção "Scan & Repair",sem o reboot do PC.
|- Aguarde a conclusão,que mostrará um painel com indicações ou correções em verde.
|- Informe!
Abs!
DigRam..
Meu computador está "ok" amigo.
Não consegui visualizar as correções em verde pois deixei executando e sai da frente do pc.
No mais, só quero agradecer pela atenção e ajuda prestada.
Obrigado!!! :coolio: :coolio: :coolio:
E até o próximo problema!!! :assobiando:
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Boa Noite! sr.silva
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Logo2_zps580bcd78.jpg&key=71530441ef1621c6398a69f0f5fae6f7f5c87897579baf8487ec306c4e109626" alt="AdwCleaner_Logo2_zps580bcd78.jpg" /> > ( ... par Xplode )
|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://general-changelog-team.fr/images/jdownloads/downloadimages/download-button-jdownloads.png&key=9a9f05ae173fb128f50e3977e0cb0c22b495f779b30cd81b8441f6b06a451417" alt="download-button-jdownloads.png" /> >
|- Salve-o no desktop!
|- Clique direito em adwcleaner.exe,e escolha sua execução como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/advz4z8Y.jpg&key=d014b7c10974863cb53eb98c621165d7bed35f01f9fe6800257605fc7dc58eba" alt="advz4z8Y.jpg" />
|- Ps: Dê início ao scan,clicando em "Examinar".
|- Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
|- Copie o log ou clique "Relatório".
|- Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >
Abs!