altasena

[Solved] PC very slow and freezing

Hello, this PC used to be very good; it has been freezing a lot and is very slow!!! Thanks in advance!!

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:30:44, on 05/11/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19154)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe

C:\Program Files\Ares\Ares.exe

C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\wuauclt.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Users\RIAN\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\HiJackThis (2).exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll

O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\RIAN\AppData\Local\Temp\Nero Web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\RIAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [Mattel HWRC Launcher] C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\RIAN\AppData\Local\Akamai\netsession_win.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll

O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\Program Files\Bandoo\Bandoo.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

 

--

End of file - 10549 bytes


Hello altasena

1.

*Download ERUNT and save it to the desktop

*Create a folder in C:\ named ERUNT and extract it there

*Run the file C:\ERUNT\ERUNT.exe

*Click [OK] > [OK] > [Yes] > [OK]

2.

*Download AD-Remover and save it to the desktop

*Right-click AD-R and select "Run as administrator", then click [Clean] > [Yes] > [OK] > [Yes]. The PC may be restarted to complete the cleanup.

*Paste the report C:\Ad-Report-CLEAN[1].txt

3.

*Download DDS and save it to the desktop

*Run it and save the reports to the desktop (DDS.txt and Attach.txt)

*Paste only the DDS.txt report


Good morning, friend. I did the procedures, log posted!! Thanks

 

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 10:35:17 on 07/11/2011, Normal boot

 

Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)

RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C)

 

============== SEARCH ==============

 

Service: "Bandoo Coordinator" Service found

 

File found: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar

Folder found: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\extensions\toolbar@ask.com

File found: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\searchplugins\askcom.xml

Folder found: C:\Users\RIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant

Folder found: C:\Program Files\Ask Search Assistant

Folder found: C:\Program Files\Ask.com

Folder found: C:\Users\RIAN\AppData\LocalLow\AskToolbar

Folder found: C:\Users\RIAN\AppData\Roaming\Bandoo

Folder found: C:\ProgramData\Bandoo

Folder found: C:\Users\RIAN\AppData\LocalLow\Bandoo

Folder found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo

Folder found: C:\Program Files\Bandoo

Folder found: C:\Users\RIAN\AppData\LocalLow\Toolbar4

File found: C:\Users\RIAN\Downloads\BandooV7.exe

 

Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key found: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}

Key found: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}

Key found: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}

Key found: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}

Key found: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}

Key found: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Key found: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}

Key found: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}

Key found: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}

Key found: HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}

Key found: HKLM\Software\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}

Key found: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}

Key found: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}

Key found: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}

Key found: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}

Key found: HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}

Key found: HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}

Key found: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key found: HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key found: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}

Key found: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}

Key found: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}

Key found: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}

Key found: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}

Key found: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}

Key found: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Key found: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}

Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key found: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}

Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key found: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key found: HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}

Key found: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}

Key found: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}

Key found: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}

Key found: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}

Key found: HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}

Key found: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator

Key found: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1

Key found: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI

Key found: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1

Key found: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult

Key found: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1

Key found: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier

Key found: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1

Key found: HKLM\Software\Classes\BandooCore.BandooCore

Key found: HKLM\Software\Classes\BandooCore.BandooCore.1

Key found: HKLM\Software\Classes\BandooCore.ResourcesMngr

Key found: HKLM\Software\Classes\BandooCore.ResourcesMngr.1

Key found: HKLM\Software\Classes\BandooCore.SettingsMngr

Key found: HKLM\Software\Classes\BandooCore.SettingsMngr.1

Key found: HKLM\Software\Classes\BandooCore.StatisticMngr

Key found: HKLM\Software\Classes\BandooCore.StatisticMngr.1

Key found: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin

Key found: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1

Key found: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl

Key found: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1

Key found: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl

Key found: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1

Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

Key found: HKLM\Software\Classes\AppID\BandooCoordinator.EXE

Key found: HKLM\Software\Classes\AppID\BandooCore.EXE

Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key found: HKLM\Software\bandoo

Key found: HKCU\Software\Ask.com

Key found: HKCU\Software\AskSearchAsst

Key found: HKCU\Software\DataMngr

Key found: HKCU\Software\AppDataLow\AskToolbarInfo

Key found: HKCU\Software\AppDataLow\Software\AskToolbar

Key found: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}

Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}

Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}

Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}

Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo

Key found: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

Value found: HKCU\Software\Mozilla\Firefox\Extensions|ffox@bandoo.com

Value found: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}

Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}

Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== ADDITIONNAL SCAN ==============

 

**** Mozilla Firefox Version [7.0.1 (pt-BR)] ****

 

Plugins\npganymedenet.dll ( )

HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)

HKCU_MozillaPlugins\mattelinc.com/HotWheelsLoader (x)

Searchplugins\avg_igeared.xml (hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=chrome&q={searchTerms}&lng=pt-BR&iy=&ychte=us/)

Searchplugins\buscape.xml (hxxp://busca.buscape.com.br/cprocura)

Searchplugins\mercadolivre.xml (hxxp://pmstrk.mercadolivre.com.br/jm/PmsTrk)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=120&systemid=101&q={searchTerms}/)

Searchplugins\wikipedia-br.xml (hxxp://pt.wikipedia.org/wiki/Especial:Busca)

Searchplugins\yahoo-br.xml (hxxp://br.search.yahoo.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files\AVG\AVG2012\Firefox4\

HKCU_Extensions|ffox@bandoo.com - C:\Users\RIAN\AppData\Roaming\Mozilla\Firefox\Profiles\on68i9jd.default\extensions\ffox@bandoo.com

 

-- C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default --

Extensions\toolbar@ask.com (VDownloader Toolbar)

Searchplugins\askcom.xml (?)

 

========================================

 

**** Google Chrome Version [15.0.874.106] ****

 

Extension\dloejdefkancmfajekobpfoacecnhpgp (C:\Program Files\Bandoo\ChromePackage.crx) (?)

Extension\jmfkcklnlgedgbglfkkgedjfmejoahla (C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx) (?)

Extension\lpkbfdhlbdkjohbhnhabfecpmcdlcmff (C:\Users\RIAN\AppData\Roaming\kikin\kikin_installer_1.23.14_counterstrike2d_win.crx) (?)

 

-- C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Enabled: true) (?)

Preferences - homepage: hxxp://google/

Preferences - homepage_is_newtabpage: true

Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x)

Plugin - Native Client (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll)

Plugin - AVG Internet Security (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll) (x)

Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)

Plugin - Unity Player (Enabled: true) (C:\Users\RIAN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll)

Plugin - HotWheels Loader (Enabled: true) (C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll)

Plugin - "Java" (Enabled: true)

Plugin - "Silverlight" (Enabled: true)

Plugin - "Remoting Viewer" (Enabled: true)

Plugin - "Native Client" (Enabled: true)

Plugin - "AVG Internet Security" (Enabled: true)

Plugin - "GanymedeNet.Detector" (Enabled: true)

Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true)

Plugin - "Unity Player" (Enabled: true)

Plugin - "HotWheels Loader" (Enabled: true)

 

========================================

 

**** Internet Explorer Version [8.0.6001.19154] ****

 

HKCU_Main|Start Page - hxxp://www.globo.com.br/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157

HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKCU_URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC} - "UrlSearchHook Class" (C:\Program Files\Ask.com\GenericAskToolbar.dll)

HKCU_URLSearchHooks|*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} (x)

HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=VD&o=14782&src=crm&q={searchTerms...)

HKCU_SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2} - "Ask" (hxxp://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?})

HKCU_SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - "Search" (hxxp://www.bigseekpro.com/search/browser/aresdestiny/{2D1B45AE-DD6F-4047-BB1D-66...)

HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "?" (?)

HKCU_SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} - "kikin Search" (hxxp://search.kikin.com/search/?q={searchTerms})

HKCU_SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=4af21366&v=6.10.6.4&i=23&tp=chrome&q={searchTerms...)

HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=120&systemid=101&q={searchTerms})

HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (x)

HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)

HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll)

HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)

HKLM_Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll)

HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll) (x)

HKCU_ElevationPolicy\{8F8BAD52-D4D2-4669-9E8E-A7AAE8393056} - C:\Program Files\kikin\KikinBroker.exe (kikin)

HKCU_ElevationPolicy\{96EC0988-6545-4017-9D2A-01312FA6571F} - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

HKCU_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?)

HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\RIAN\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x)

HKLM_ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} - C:\Program Files\Bandoo\BndCore.exe (Bandoo Media Inc.)

HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (x)

HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\FileBulldog Toolbar\TbHelper2.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} - C:\Program Files\Bandoo\ExtensionsManager.exe (Bandoo Media Inc.)

HKLM_ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} - C:\Program Files\Bandoo\Bandoo.exe (Bandoo Media Inc.)

HKLM_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?)

HKLM_ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} - C:\Program Files\Bandoo\BandooUI.exe (Bandoo Media Inc.)

HKLM_Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - "?" (?)

BHO\{99079a25-328f-4bd4-be04-00955acaa0a7} - "Searchqu Toolbar" (C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll) (x)

BHO\{C41A1C0E-EA6C-11D4-B1B8-444553540007} - "GbIehObj Class" (C:\PROGRA~1\GbPlugin\gbiehAbn.dll)

BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)

BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} - "?" (C:\Program Files\Ask.com\GenericAskToolbar.dll)

BHO\{E601996F-E400-41CA-804B-CD6373A7EEE2} - "kikin Plugin" (C:\Program Files\kikin\ie_kikin.dll)

BHO\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} - "BandooIEPlugin Class" (C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)

C:\Program Files\Ad-Remover\Backup: 0 File(s)

 

C:\Ad-Report-SCAN[1].txt - 07/11/2011 10:35:26 (17951 Byte(s))

 

End at: 10:36:16, 07/11/2011

 

============== E.O.F ==============

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_22

Run by RIAN at 0:42:58 on 2011-11-07

Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.55.1046.18.2047.1080 [GMT -2:00]

.

AV: Lavasoft Ad-Watch Live! Anti-vírus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe

C:\Program Files\Ares\Ares.exe

C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\svchost.exe -k Akamai

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\FsUsbExService.Exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Bandoo\Bandoo.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Bandoo\BndCore.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conime.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page =

uStart Page = hxxp://www.globo.com.br/

uSearch Bar =

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: H - No File

mURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi9130~1\datamngr\toolbar\searchqudtx.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll

BHO: : {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: kikin Plugin: {e601996f-e400-41ca-804b-cd6373a7eee2} - c:\program files\kikin\ie_kikin.dll

BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: N/A: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi9130~1\datamngr\toolbar\searchqudtx.dll

TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart

uRun: [PhotoShow Deluxe Media Manager] c:\progra~1\ahead\neroph~1\data\xtras\mssysmgr.exe

uRun: [Google Update] "c:\users\rian\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [Mattel HWRC Launcher] c:\users\rian\appdata\local\sswat_hwrc_win_live\mattelhwrc_launcher.exe

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [Akamai NetSession Interface] c:\users\rian\appdata\local\akamai\netsession_win.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [skytel] Skytel.exe

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [NPSStartup]

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [RestartNeroSetup] "c:\users\rian\appdata\local\temp\nero web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [NWEReboot]

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

dRunOnce: [AutoLaunch] c:\program files\lavasoft\ad-aware\AutoLaunch.exe monthly

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: DhcpNameServer = 200.222.122.132 192.168.0.1

TCP: Interfaces\{EE8527B7-7F4B-4A6A-8133-2F6CA50E5D32} : DhcpNameServer = 200.222.122.132 192.168.0.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll

AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\rian\appdata\roaming\mozilla\firefox\profiles\on68i9jd.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=ab&iy=&ychte=us&lng=pt-BR&q=

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npganymedenet.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll

FF - plugin: c:\users\rian\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\users\rian\appdata\local\sswat_hwrc_win_live\npHotWheelsLoader.dll

FF - plugin: c:\users\rian\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\rian\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\rian\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2009-10-14 31080]

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-8-11 64512]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-12-11 21504]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;Watchdog do AVG;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 FontCache;Serviço de Cache de Fontes do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-11 21504]

R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-5-11 233472]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2009-11-19 54376]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 2152152]

R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-5-11 36608]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\lavalys\everest ultimate edition\kerneld.wnt [2009-6-28 26224]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-12-3 15232]

S3 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-11-07 02:42:35 -------- d-----w- c:\users\rian\appdata\local\{754B7438-F654-41AA-AB87-8A8CD62CEE98}

2011-11-07 02:42:19 -------- d-----w- c:\program files\Ad-Remover

2011-11-07 02:42:11 -------- d-----w- c:\users\rian\appdata\local\{3D9EC1CB-D94F-4709-B85C-A0C5D7E36F1C}

2011-11-07 02:33:08 -------- d-----w- C:\erunt

2011-11-07 01:10:13 -------- d-----w- c:\users\rian\appdata\local\{66C511EB-D1AB-4276-B9BF-ADE2657B1149}

2011-11-07 01:09:52 -------- d-----w- c:\users\rian\appdata\local\{94D3DDAD-F6A9-4107-A6EA-99D0B8BFC8ED}

2011-11-06 00:20:07 -------- d-----w- c:\users\rian\appdata\local\{B8611157-348A-4295-A4DA-133D4D31814C}

2011-11-06 00:19:56 -------- d-----w- c:\users\rian\appdata\local\{B9F27BAD-5FB6-434E-A335-4BE5B92B4698}

2011-11-05 22:56:27 -------- d-----w- c:\users\rian\appdata\roaming\Malwarebytes

2011-11-05 22:56:19 -------- d-----w- c:\programdata\Malwarebytes

2011-11-05 22:56:16 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-05 22:56:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-11-05 20:10:15 -------- d-----w- c:\users\rian\appdata\local\{D179B705-DE67-4673-BF85-3C7CEEAF209E}

2011-11-05 00:28:31 -------- d-----w- c:\users\rian\appdata\local\{DA12FA44-30AE-42A9-A40E-595F7E46185B}

2011-11-05 00:28:00 -------- d-----w- c:\users\rian\appdata\local\{DF29EBB7-0A21-4119-8124-B3EB0986DD8D}

2011-11-04 01:02:00 -------- d-----w- c:\users\rian\appdata\local\{B1047CB4-10E9-4041-86BF-A3DE453F2CAD}

2011-11-04 01:01:36 -------- d-----w- c:\users\rian\appdata\local\{AED9CB92-3152-4609-9318-E9275DB9971D}

2011-11-02 18:42:28 -------- d-----w- c:\program files\common files\Akamai

2011-11-02 18:07:35 -------- d-----w- c:\users\rian\appdata\local\{293ED0DC-89E3-445D-BF33-36209DC9B450}

2011-11-02 18:07:11 -------- d-----w- c:\users\rian\appdata\local\{D7B58CC5-369C-4364-8126-FAF9E737F011}

2011-11-01 16:15:25 -------- d-----w- c:\users\rian\appdata\roaming\AVG2012

2011-11-01 16:14:48 -------- d-----w- c:\programdata\AVG2012

2011-11-01 14:37:08 -------- d-----w- c:\users\rian\appdata\local\{5B214084-F767-44A0-9E03-C1221A571A5B}

2011-11-01 14:36:46 -------- d-----w- c:\users\rian\appdata\local\{70B984CA-E69D-4B35-B75E-0FDD49DE7597}

2011-10-31 15:07:23 -------- d-----w- c:\users\rian\appdata\local\{B2C462F0-C707-413F-9A0E-311EABF30C48}

2011-10-29 22:21:53 -------- d-----w- c:\users\rian\appdata\local\{32D8A3CD-E9EF-4EF6-9D56-179B2FA65222}

2011-10-29 22:21:22 -------- d-----w- c:\users\rian\appdata\local\{77D970C3-7211-4388-B160-55FC0B3076A9}

2011-10-28 12:11:06 6144 ----a-w- c:\program files\internet explorer\iecompat.dll

2011-10-28 11:57:31 -------- d-----w- c:\users\rian\appdata\local\{7FB52253-DA6B-4CBF-BDDE-B4317ADA398C}

2011-10-28 11:57:13 -------- d-----w- c:\users\rian\appdata\local\{24BCA4B3-ECCF-438B-B78E-C4A8843D1E12}

2011-10-26 22:53:56 -------- d-----w- c:\users\rian\appdata\local\{BA6AD9E7-4841-4444-835D-E8EAC786CDD3}

2011-10-26 22:53:35 -------- d-----w- c:\users\rian\appdata\local\{09377925-1584-4E64-AF1A-25411A1B90EF}

2011-10-25 01:46:44 -------- d-----w- c:\users\rian\appdata\local\{79A02548-930B-4AF8-B979-D18486AEE448}

2011-10-25 01:46:21 -------- d-----w- c:\users\rian\appdata\local\{8C186507-8949-40AC-941D-2C8FA7FFF422}

2011-10-23 20:25:48 -------- d-----w- c:\users\rian\appdata\local\{581C6359-AE9E-4ECA-B84B-D9FC89DBF3EE}

2011-10-23 20:25:28 -------- d-----w- c:\users\rian\appdata\local\{1F25E8CE-038D-43C8-B8A3-C4568BE32AF8}

2011-10-21 23:09:28 -------- d-----w- c:\users\rian\appdata\local\{20019D68-8ADF-4373-9A6A-DE895BB68325}

2011-10-21 23:09:13 -------- d-----w- c:\users\rian\appdata\local\{489771E7-3E4E-4ED1-8BA7-9FBF8591DB09}

2011-10-20 15:48:23 -------- d-----w- c:\users\rian\appdata\local\{230F890A-92C5-47DE-AFB3-152E84D17702}

2011-10-20 15:47:58 -------- d-----w- c:\users\rian\appdata\local\{6AA23029-4679-4C9A-91C6-BF8277876396}

2011-10-18 16:32:44 -------- d-----w- c:\users\rian\appdata\local\{CAA01C1F-5C2B-42A1-82CB-8F4A292531FF}

2011-10-18 16:32:17 -------- d-----w- c:\users\rian\appdata\local\{6FC04C1A-FBBE-4FA1-ADDA-2CF88C946030}

2011-10-17 13:01:01 -------- d-----w- c:\users\rian\appdata\local\{C9256A80-421B-4681-975E-BA6E8BFF5273}

2011-10-17 13:00:46 -------- d-----w- c:\users\rian\appdata\local\{491D29B9-7FFC-469C-B5C7-17CF67D8E322}

2011-10-17 00:44:15 -------- d-----w- c:\users\rian\appdata\local\{D6A067D7-8FFE-4F1C-A5E3-71A13E2FAC11}

2011-10-17 00:43:59 -------- d-----w- c:\users\rian\appdata\local\{8DBABE9A-54D9-43E4-A10A-CDF4D20ED996}

2011-10-14 19:49:46 238080 ----a-w- c:\windows\system32\oleacc.dll

2011-10-14 19:49:45 563712 ----a-w- c:\windows\system32\oleaut32.dll

2011-10-14 19:49:45 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2011-10-14 19:49:45 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2011-10-14 18:39:31 -------- d-----w- c:\users\rian\appdata\local\{046F9F87-5A16-4D1E-8AF9-7547EE4D0218}

2011-10-14 18:39:18 -------- d-----w- c:\users\rian\appdata\local\{967C899C-4C26-4BFC-983C-FA3A55A7A58E}

2011-10-14 01:55:04 -------- d-----w- C:\9a337c7ee329ee53eaada9

2011-10-14 01:53:53 293376 ----a-w- c:\windows\system32\psisdecd.dll

2011-10-14 01:53:52 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax

2011-10-14 01:53:52 217088 ----a-w- c:\windows\system32\psisrndr.ax

2011-10-14 01:53:51 57856 ----a-w- c:\windows\system32\MSDvbNP.ax

2011-10-14 01:53:42 2043392 ----a-w- c:\windows\system32\win32k.sys

2011-10-14 01:53:34 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-10-14 01:51:59 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-10-14 01:44:58 -------- d-----w- c:\users\rian\appdata\local\{78312E1C-D0E0-47C2-83D5-48825620600F}

2011-10-14 01:44:39 -------- d-----w- c:\users\rian\appdata\local\{4ED70625-F3EB-4313-BFEF-AE04E16F223A}

2011-10-12 16:47:21 -------- d-----w- c:\users\rian\appdata\local\{1EF483A8-137D-4FB4-BF23-93EA25BDD7CB}

2011-10-12 16:47:05 -------- d-----w- c:\users\rian\appdata\local\{C7397A57-0B3C-4FF2-B63A-A535E01AC42A}

2011-10-11 14:43:37 -------- d-----w- c:\users\rian\appdata\local\{5105E559-EBDF-4C60-9FED-4F795B2DF4E2}

2011-10-11 14:39:57 -------- d-----w- c:\users\rian\appdata\local\{05102829-09CB-4C61-A9B4-6DF29FF52B5C}

2011-10-10 16:28:05 -------- d-----w- c:\users\rian\appdata\local\{E9DEDB25-FB92-4DD9-83FE-58E5FD86BB1E}

2011-10-10 16:27:40 -------- d-----w- c:\users\rian\appdata\local\{697537BE-BE2F-47CF-B694-C371AA39CAC2}

2011-10-09 16:43:28 -------- d-----w- c:\users\rian\appdata\local\{3CB04C2B-76DA-4614-A26C-12F608A6CBE0}

2011-10-09 16:43:09 -------- d-----w- c:\users\rian\appdata\local\{BC84FD5B-3F6B-4298-B416-07749A2D2B52}

2011-10-08 19:45:25 -------- d-----w- c:\users\rian\appdata\local\{38CB8F78-9B58-41F6-94D7-9679701E23E5}

2011-10-08 19:45:00 -------- d-----w- c:\users\rian\appdata\local\{8F25F06B-3530-47F1-9566-F89512B52CBE}

.

==================== Find3M ====================

.

2011-10-07 08:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2011-10-04 08:21:16 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys

2011-10-02 23:52:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll

2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec

2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-13 08:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2011-08-11 23:41:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-08-11 23:41:46 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-08-11 23:40:54 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

2011-08-11 13:50:56 178597 ----a-w- C:\51942_bankerfix_30.exe

2010-02-10 19:18:42 2131336 ----a-w- c:\program files\common files\AskToolbarInstaller.exe

.

============= FINISH: 0:46:02,15 ===============

 

 

 

Hello altasena

1.

*Download ERUNT and save it to the desktop

*Create a folder in C:\ named ERUNT and extract it there

*Run the file C:\ERUNT\ERUNT.exe

*Click [OK] > [OK] > [Yes] > [OK]

2.

*Download AD-Remover and save it to the desktop

*Right-click AD-R and select "Run as administrator", then click [Clean] > [Yes] > [OK] > [Yes]. The PC may be restarted to complete the cleanup.

*Paste the report C:\Ad-Report-CLEAN[1].txt

3.

*Download DDS and save it to the desktop

*Run it and save the reports to the desktop (DDS.txt and Attach.txt)

*Paste only the DDS.txt report


Good morning altasena

In AD-Remover, you clicked [scan]... note that I asked you to click [Clean].

Please run AD-Remover again, click [Clean], and paste the report as I described.



Good evening, my apologies!! The new log is posted! Thank you!! Best regards.

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:04:38 on 07/11/2011, Normal boot

 

Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)

RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C)

 

============== ACTION(S) ==============

 

Service: "Bandoo Coordinator" Service stopped and deleted

 

File deleted: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar

Folder deleted: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\extensions\toolbar@ask.com

File deleted: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\searchplugins\askcom.xml

Folder deleted: C:\Users\RIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant

Folder deleted: C:\Program Files\Ask Search Assistant

Folder deleted: C:\Program Files\Ask.com

Folder deleted: C:\Users\RIAN\AppData\LocalLow\AskToolbar

Folder deleted: C:\Users\RIAN\AppData\Roaming\Bandoo

Folder deleted: C:\ProgramData\Bandoo

 

Hello, I decided to run it again; I thought the log above was short, maybe because it froze several times. I ran it again, log below!! Thanks!

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [3]) -> Launched at 20:09:25 on 07/11/2011, Normal boot

 

Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)

RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C)

 

============== ACTION(S) ==============

 

 

Folder deleted: C:\Users\RIAN\AppData\LocalLow\Toolbar4

File deleted: C:\Users\RIAN\Downloads\BandooV7.exe

 

(!) -- Temporary files deleted.

 

 

Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key deleted: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}

Key deleted: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}

Key deleted: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}

Key deleted: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}

Key deleted: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}

Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Key deleted: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}

Key deleted: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}

Key deleted: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}

Key deleted: HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}

Key deleted: HKLM\Software\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}

Key deleted: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}

Key deleted: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}

Key deleted: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}

Key deleted: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}

Key deleted: HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}

Key deleted: HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}

Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key deleted: HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key deleted: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}

Key deleted: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}

Key deleted: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}

Key deleted: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}

Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}

Key deleted: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}

Key deleted: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Key deleted: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}

Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key deleted: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}

Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key deleted: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key deleted: HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}

Key deleted: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}

Key deleted: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}

Key deleted: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}

Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}

Key deleted: HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}

Key deleted: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator

Key deleted: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1

Key deleted: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI

Key deleted: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1

Key deleted: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult

Key deleted: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1

Key deleted: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier

Key deleted: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1

Key deleted: HKLM\Software\Classes\BandooCore.BandooCore

Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1

Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr

Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1

Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr

Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1

Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr

Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1

Key deleted: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin

Key deleted: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1

Key deleted: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl

Key deleted: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1

Key deleted: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl

Key deleted: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1

Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

Key deleted: HKLM\Software\Classes\AppID\BandooCoordinator.EXE

Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE

Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key deleted: HKLM\Software\bandoo

Key deleted: HKCU\Software\Ask.com

Key deleted: HKCU\Software\AskSearchAsst

Key deleted: HKCU\Software\DataMngr

Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo

Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar

Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}

Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo

Key deleting error: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

Value deleted: HKCU\Software\Mozilla\Firefox\Extensions|ffox@bandoo.com

Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}

Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}

Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== ADDITIONNAL SCAN ==============

 

**** Mozilla Firefox Version [7.0.1 (pt-BR)] ****

 

Plugins\npganymedenet.dll ( )

HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)

HKCU_MozillaPlugins\mattelinc.com/HotWheelsLoader (x)

Searchplugins\avg_igeared.xml (hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=chrome&q={searchTerms}&lng=pt-BR&iy=&ychte=us/)

Searchplugins\buscape.xml (hxxp://busca.buscape.com.br/cprocura)

Searchplugins\mercadolivre.xml (hxxp://pmstrk.mercadolivre.com.br/jm/PmsTrk)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=120&systemid=101&q={searchTerms}/)

Searchplugins\wikipedia-br.xml (hxxp://pt.wikipedia.org/wiki/Especial:Busca)

Searchplugins\yahoo-br.xml (hxxp://br.search.yahoo.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files\AVG\AVG2012\Firefox4\

 

-- C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default --

 

========================================

 

**** Google Chrome Version [15.0.874.106] ****

 

Extension\dloejdefkancmfajekobpfoacecnhpgp (C:\Program Files\Bandoo\ChromePackage.crx) (x)

Extension\jmfkcklnlgedgbglfkkgedjfmejoahla (C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx) (?)

Extension\lpkbfdhlbdkjohbhnhabfecpmcdlcmff (C:\Users\RIAN\AppData\Roaming\kikin\kikin_installer_1.23.14_counterstrike2d_win.crx) (?)

 

-- C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Enabled: true) (?)

Preferences - homepage: hxxp://google/

Preferences - homepage_is_newtabpage: true

Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x)

Plugin - Native Client (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll)

Plugin - AVG Internet Security (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll) (x)

Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)

Plugin - Unity Player (Enabled: true) (C:\Users\RIAN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll)

Plugin - HotWheels Loader (Enabled: true) (C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll)

Plugin - "Java" (Enabled: true)

Plugin - "Silverlight" (Enabled: true)

Plugin - "Remoting Viewer" (Enabled: true)

Plugin - "Native Client" (Enabled: true)

Plugin - "AVG Internet Security" (Enabled: true)

Plugin - "GanymedeNet.Detector" (Enabled: true)

Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true)

Plugin - "Unity Player" (Enabled: true)

Plugin - "HotWheels Loader" (Enabled: true)

 

========================================

 

**** Internet Explorer Version [8.0.6001.19154] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} (x)

HKCU_SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - "Search" (hxxp://www.bigseekpro.com/search/browser/aresdestiny/{2D1B45AE-DD6F-4047-BB1D-66...)

HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "?" (?)

HKCU_SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} - "kikin Search" (hxxp://search.kikin.com/search/?q={searchTerms})

HKCU_SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=4af21366&v=6.10.6.4&i=23&tp=chrome&q={searchTerms...)

HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=120&systemid=101&q={searchTerms})

HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (x)

HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)

HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)

HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x)

HKCU_ElevationPolicy\{8F8BAD52-D4D2-4669-9E8E-A7AAE8393056} - C:\Program Files\kikin\KikinBroker.exe (kikin)

HKCU_ElevationPolicy\{96EC0988-6545-4017-9D2A-01312FA6571F} - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\RIAN\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x)

HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (x)

HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\FileBulldog Toolbar\TbHelper2.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - "?" (?)

BHO\{C41A1C0E-EA6C-11D4-B1B8-444553540007} - "GbIehObj Class" (C:\PROGRA~1\GbPlugin\gbiehAbn.dll)

BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)

BHO\{E601996F-E400-41CA-804B-CD6373A7EEE2} - "kikin Plugin" (C:\Program Files\kikin\ie_kikin.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 284 File(s)

C:\Program Files\Ad-Remover\Backup: 17 File(s)

 

C:\Ad-Report-CLEAN[1].txt - 07/11/2011 20:04:46 (1179 Byte(s))

C:\Ad-Report-CLEAN[2].txt - 07/11/2011 20:07:40 (635 Byte(s))

C:\Ad-Report-CLEAN[3].txt - 07/11/2011 20:09:29 (15926 Byte(s))

C:\Ad-Report-SCAN[1].txt - 07/11/2011 10:35:26 (18090 Byte(s))

 

End at: 20:10:36, 07/11/2011

 

============== E.O.F ==============


1.

*Run AD-Remover and click [uninstall] > [Não] > [Close]

*Delete the folder C:\Arquivos de programas\Ad-Remover

*Delete the file C:\Ad-Report-CLEAN[1].txt

2.

*Delete DDS and its reports

3.

*Download ATF Cleaner

*Run it and select: Select All

*Click [Empty Selected]

*Close the program

4.

*Download PureRa

*Extract it to a folder

*Run it, click [Next], select the option [X]Check All and click [Clean]

*When it finishes, click [Exit]

Let me know how the PC is doing.

Good evening, thank you very much for your attention!! I'm sorry to tell you that it is still slow, taking a long time when it starts up and when it restarts too, and I very often get "this program is not responding". Thanks. Best regards


1.

*Delete the file C:\PureRa.txt

2.

*Download and install MalwareBytes

*Wait for the update and the program will open automatically

*On the [Verificação] tab, select [Verificação completa]

*Click [Verificar] and select the partition where Windows is installed

*When the scan finishes, click [Sim] > [OK] > [Ver Resultados] > [Remover Selecionados]

*Paste the report that is displayed

If you already have Malwarebytes installed....

*Run it, click [Atualização] > [Baixar Atualizações]

*On the [Verificação] tab, select Verificação completa

*Click [Verificar] and select the partition where Windows is installed

*When it finishes, click [Sim] > [OK] > [Ver Resultados] > [Remover Selecionados]

*Paste the report that is displayed

Good evening, sorry for not replying sooner! I did it and the report is below! Thanks for your attention! Best regards!

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Versão da Base de Dados: 8132

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.19154

 

10/11/2011 16:12:54

mbam-log-2011-11-10 (16-12-54).txt

 

Tipo de Verificação: Verificação Completa (C:\|)

Objetos escaneados: 351877

Tempo decorrido: 1 hora(s), 44 minuto(s), 6 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 0

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 0

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

(Não foram detectados ítens maliciosos)

 

Valores de Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

 

Arquivos Infectados:

(Não foram detectados ítens maliciosos)


1.

*Download AdwCleaner and save it to the desktop

Note: Windows Vista or Windows 7 users must right-click the file and select: adminexec.png

*Run it and click [Suppression]

*Paste the report that is displayed

2.

*Download Kaspersky Virus Removal Tool Version 11 and save it to the desktop

*Run it and click the button kvrt111.png

*Select: My Computer

*Click kvrt112.png

*Click [start scanning]

*During the scan, windows will pop up. In windows like the one below, do nothing.

kvrt3.png

*If it finds something, select Apply to all objects and click [skip]

kvrt1.png

kvrt2.png

*When it finishes, click kvrt113.png

*Click Detected threats > [save] and save it to the desktop as log.txt

*Paste the log.txt report saved on the desktop

3.

*Have a read through these links:

http://www.travou.com.br/site/2008/04/windows-vista-lento-como-deixa-lo-mais-rapido/

http://windows.microsoft.com/pt-BR/windows-vista/Optimize-Windows-Vista-for-better-performance

http://www.superdicas.net/windows-vista/17-dicas-para-deixar-o-windows-vista-mais-rapido.html

Hello, good evening. I couldn't run AdwCleaner because it gives the error "line 4544", even as administrator. I did the other one, log below. I read through the links; I already knew most of the items and had already done them. Thank you very much for the tips!! Thanks!

Status: Deleted (events: 1)

11/11/2011 16:40:44 Deleted Trojan program Trojan-Downloader.WMA.FakeDRM.bb C:\Documents and Settings\RIAN\Desktop\My Shared Folder\chora me liga emplora pelo meu amor (good).wma High


Indeed, this is not related to malware.

Let me know whether the PC has improved. If not, this kind of slowness tends to be common on Vista.

1.

*Run AdwCleaner and click [Désinstallation] > [Sim]

2.

*Delete the Kaspersky setup file and the report saved on the desktop


Good evening, yes, the PC has improved. I removed some programs, read some articles about Vista, and I think it is back to normal now!!! I would like to thank you very much for your help and your dedication!! Have a good weekend!! Best regards! :joia:


PROBLEM SOLVED

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.
