altasena
Posted November 5, 2011

Hello, this PC used to be very good, but it has been freezing a lot and is very slow! Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:44, on 05/11/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19154)
Boot mode: Normal
wings
Posted November 6, 2011

Hello altasena

1.
* Download ERUNT and save it to the desktop
* Create a folder in C:\ called ERUNT and extract it there
* Run the file C:\ERUNT\ERUNT.exe
* Click [OK] > [OK] > [Yes] > [OK]

2.
* Download AD-Remover and save it to the desktop
* Right-click AD-R and select "Run as administrator", then click [Clean] > [Yes] > [OK] > [Yes]. The PC may be restarted to complete the cleanup.
* Paste the report C:\Ad-Report-CLEAN[1].txt

3.
* Download DDS and save it to the desktop
* Run it and save the reports to the desktop (DDS.txt and Attach.txt)
* Paste only the DDS.txt report
altasena
Posted November 7, 2011

Good morning, friend, I followed the procedures, log posted! Thanks

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 10:35:17 on 07/11/2011, Normal boot
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19154
Run by RIAN at 0:42:58 on 2011-11-07
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: DhcpNameServer = 200.222.122.132 192.168.0.1 TCP: Interfaces\{EE8527B7-7F4B-4A6A-8133-2F6CA50E5D32} : DhcpNameServer = 200.222.122.132 192.168.0.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\rian\appdata\roaming\mozilla\firefox\profiles\on68i9jd.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=ab&iy=&ychte=us&lng=pt-BR&q= FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npganymedenet.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll FF - plugin: c:\users\rian\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\users\rian\appdata\local\sswat_hwrc_win_live\npHotWheelsLoader.dll FF - plugin: c:\users\rian\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\users\rian\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\rian\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592] R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2009-10-14 31080] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-8-11 64512] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248] R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-12-11 21504] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;Watchdog do AVG;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776] R2 FontCache;Serviço de Cache de Fontes do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-11 21504] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-5-11 233472] R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2009-11-19 54376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 2152152] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-5-11 36608] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\lavalys\everest 
ultimate edition\kerneld.wnt [2009-6-28 26224] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-12-3 15232] S3 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-5-4 503080] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2011-11-07 02:42:35 -------- d-----w- c:\users\rian\appdata\local\{754B7438-F654-41AA-AB87-8A8CD62CEE98} 2011-11-07 02:42:19 -------- d-----w- c:\program files\Ad-Remover 2011-11-07 02:42:11 -------- d-----w- c:\users\rian\appdata\local\{3D9EC1CB-D94F-4709-B85C-A0C5D7E36F1C} 2011-11-07 02:33:08 -------- d-----w- C:\erunt 2011-11-07 01:10:13 -------- d-----w- c:\users\rian\appdata\local\{66C511EB-D1AB-4276-B9BF-ADE2657B1149} 2011-11-07 01:09:52 -------- d-----w- c:\users\rian\appdata\local\{94D3DDAD-F6A9-4107-A6EA-99D0B8BFC8ED} 2011-11-06 00:20:07 -------- d-----w- c:\users\rian\appdata\local\{B8611157-348A-4295-A4DA-133D4D31814C} 2011-11-06 00:19:56 -------- d-----w- c:\users\rian\appdata\local\{B9F27BAD-5FB6-434E-A335-4BE5B92B4698} 2011-11-05 22:56:27 -------- d-----w- c:\users\rian\appdata\roaming\Malwarebytes 2011-11-05 22:56:19 -------- d-----w- c:\programdata\Malwarebytes 2011-11-05 22:56:16 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-05 22:56:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-05 20:10:15 -------- d-----w- c:\users\rian\appdata\local\{D179B705-DE67-4673-BF85-3C7CEEAF209E} 2011-11-05 00:28:31 -------- d-----w- c:\users\rian\appdata\local\{DA12FA44-30AE-42A9-A40E-595F7E46185B} 2011-11-05 00:28:00 -------- d-----w- c:\users\rian\appdata\local\{DF29EBB7-0A21-4119-8124-B3EB0986DD8D} 2011-11-04 01:02:00 -------- d-----w- c:\users\rian\appdata\local\{B1047CB4-10E9-4041-86BF-A3DE453F2CAD} 2011-11-04 01:01:36 -------- d-----w- 
c:\users\rian\appdata\local\{AED9CB92-3152-4609-9318-E9275DB9971D} 2011-11-02 18:42:28 -------- d-----w- c:\program files\common files\Akamai 2011-11-02 18:07:35 -------- d-----w- c:\users\rian\appdata\local\{293ED0DC-89E3-445D-BF33-36209DC9B450} 2011-11-02 18:07:11 -------- d-----w- c:\users\rian\appdata\local\{D7B58CC5-369C-4364-8126-FAF9E737F011} 2011-11-01 16:15:25 -------- d-----w- c:\users\rian\appdata\roaming\AVG2012 2011-11-01 16:14:48 -------- d-----w- c:\programdata\AVG2012 2011-11-01 14:37:08 -------- d-----w- c:\users\rian\appdata\local\{5B214084-F767-44A0-9E03-C1221A571A5B} 2011-11-01 14:36:46 -------- d-----w- c:\users\rian\appdata\local\{70B984CA-E69D-4B35-B75E-0FDD49DE7597} 2011-10-31 15:07:23 -------- d-----w- c:\users\rian\appdata\local\{B2C462F0-C707-413F-9A0E-311EABF30C48} 2011-10-29 22:21:53 -------- d-----w- c:\users\rian\appdata\local\{32D8A3CD-E9EF-4EF6-9D56-179B2FA65222} 2011-10-29 22:21:22 -------- d-----w- c:\users\rian\appdata\local\{77D970C3-7211-4388-B160-55FC0B3076A9} 2011-10-28 12:11:06 6144 ----a-w- c:\program files\internet explorer\iecompat.dll 2011-10-28 11:57:31 -------- d-----w- c:\users\rian\appdata\local\{7FB52253-DA6B-4CBF-BDDE-B4317ADA398C} 2011-10-28 11:57:13 -------- d-----w- c:\users\rian\appdata\local\{24BCA4B3-ECCF-438B-B78E-C4A8843D1E12} 2011-10-26 22:53:56 -------- d-----w- c:\users\rian\appdata\local\{BA6AD9E7-4841-4444-835D-E8EAC786CDD3} 2011-10-26 22:53:35 -------- d-----w- c:\users\rian\appdata\local\{09377925-1584-4E64-AF1A-25411A1B90EF} 2011-10-25 01:46:44 -------- d-----w- c:\users\rian\appdata\local\{79A02548-930B-4AF8-B979-D18486AEE448} 2011-10-25 01:46:21 -------- d-----w- c:\users\rian\appdata\local\{8C186507-8949-40AC-941D-2C8FA7FFF422} 2011-10-23 20:25:48 -------- d-----w- c:\users\rian\appdata\local\{581C6359-AE9E-4ECA-B84B-D9FC89DBF3EE} 2011-10-23 20:25:28 -------- d-----w- c:\users\rian\appdata\local\{1F25E8CE-038D-43C8-B8A3-C4568BE32AF8} 2011-10-21 23:09:28 -------- d-----w- 
c:\users\rian\appdata\local\{20019D68-8ADF-4373-9A6A-DE895BB68325} 2011-10-21 23:09:13 -------- d-----w- c:\users\rian\appdata\local\{489771E7-3E4E-4ED1-8BA7-9FBF8591DB09} 2011-10-20 15:48:23 -------- d-----w- c:\users\rian\appdata\local\{230F890A-92C5-47DE-AFB3-152E84D17702} 2011-10-20 15:47:58 -------- d-----w- c:\users\rian\appdata\local\{6AA23029-4679-4C9A-91C6-BF8277876396} 2011-10-18 16:32:44 -------- d-----w- c:\users\rian\appdata\local\{CAA01C1F-5C2B-42A1-82CB-8F4A292531FF} 2011-10-18 16:32:17 -------- d-----w- c:\users\rian\appdata\local\{6FC04C1A-FBBE-4FA1-ADDA-2CF88C946030} 2011-10-17 13:01:01 -------- d-----w- c:\users\rian\appdata\local\{C9256A80-421B-4681-975E-BA6E8BFF5273} 2011-10-17 13:00:46 -------- d-----w- c:\users\rian\appdata\local\{491D29B9-7FFC-469C-B5C7-17CF67D8E322} 2011-10-17 00:44:15 -------- d-----w- c:\users\rian\appdata\local\{D6A067D7-8FFE-4F1C-A5E3-71A13E2FAC11} 2011-10-17 00:43:59 -------- d-----w- c:\users\rian\appdata\local\{8DBABE9A-54D9-43E4-A10A-CDF4D20ED996} 2011-10-14 19:49:46 238080 ----a-w- c:\windows\system32\oleacc.dll 2011-10-14 19:49:45 563712 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-14 19:49:45 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2011-10-14 19:49:45 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2011-10-14 18:39:31 -------- d-----w- c:\users\rian\appdata\local\{046F9F87-5A16-4D1E-8AF9-7547EE4D0218} 2011-10-14 18:39:18 -------- d-----w- c:\users\rian\appdata\local\{967C899C-4C26-4BFC-983C-FA3A55A7A58E} 2011-10-14 01:55:04 -------- d-----w- C:\9a337c7ee329ee53eaada9 2011-10-14 01:53:53 293376 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-14 01:53:52 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax 2011-10-14 01:53:52 217088 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-14 01:53:51 57856 ----a-w- c:\windows\system32\MSDvbNP.ax 2011-10-14 01:53:42 2043392 ----a-w- c:\windows\system32\win32k.sys 2011-10-14 01:53:34 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat 2011-10-14 
01:51:59 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-10-14 01:44:58 -------- d-----w- c:\users\rian\appdata\local\{78312E1C-D0E0-47C2-83D5-48825620600F} 2011-10-14 01:44:39 -------- d-----w- c:\users\rian\appdata\local\{4ED70625-F3EB-4313-BFEF-AE04E16F223A} 2011-10-12 16:47:21 -------- d-----w- c:\users\rian\appdata\local\{1EF483A8-137D-4FB4-BF23-93EA25BDD7CB} 2011-10-12 16:47:05 -------- d-----w- c:\users\rian\appdata\local\{C7397A57-0B3C-4FF2-B63A-A535E01AC42A} 2011-10-11 14:43:37 -------- d-----w- c:\users\rian\appdata\local\{5105E559-EBDF-4C60-9FED-4F795B2DF4E2} 2011-10-11 14:39:57 -------- d-----w- c:\users\rian\appdata\local\{05102829-09CB-4C61-A9B4-6DF29FF52B5C} 2011-10-10 16:28:05 -------- d-----w- c:\users\rian\appdata\local\{E9DEDB25-FB92-4DD9-83FE-58E5FD86BB1E} 2011-10-10 16:27:40 -------- d-----w- c:\users\rian\appdata\local\{697537BE-BE2F-47CF-B694-C371AA39CAC2} 2011-10-09 16:43:28 -------- d-----w- c:\users\rian\appdata\local\{3CB04C2B-76DA-4614-A26C-12F608A6CBE0} 2011-10-09 16:43:09 -------- d-----w- c:\users\rian\appdata\local\{BC84FD5B-3F6B-4298-B416-07749A2D2B52} 2011-10-08 19:45:25 -------- d-----w- c:\users\rian\appdata\local\{38CB8F78-9B58-41F6-94D7-9679701E23E5} 2011-10-08 19:45:00 -------- d-----w- c:\users\rian\appdata\local\{8F25F06B-3530-47F1-9566-F89512B52CBE} . ==================== Find3M ==================== . 
2011-10-07 08:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2011-10-04 08:21:16 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys 2011-10-02 23:52:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll 2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll 2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll 2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec 2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-09-13 08:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2011-08-11 23:41:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-08-11 23:41:46 16432 ----a-w- c:\windows\system32\lsdelete.exe 2011-08-11 23:40:54 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-08-11 13:50:56 178597 ----a-w- C:\51942_bankerfix_30.exe 2010-02-10 19:18:42 2131336 ----a-w- c:\program files\common files\AskToolbarInstaller.exe . ============= FINISH: 0:46:02,15 ===============
Hello altasena
1. *Download ERUNT and save it to the desktop *Create a folder in C:\ named ERUNT and extract it there *Run the file C:\ERUNT\ERUNT.exe *Click [OK] > [OK] > [Yes] > [OK]
2. *Download AD-Remover and save it to the desktop *Right-click AD-R and select "Run as administrator", then click [Clean] > [Yes] > [OK] > [Yes]. The PC may be restarted to complete the cleanup. *Paste the report C:\Ad-Report-CLEAN[1].txt
3. *Download DDS and save it to the desktop *Run it and save the reports to the desktop (DDS.txt and Attach.txt) *Paste only the DDS.txt report
wings 22 Posted November 7, 2011
Good morning altasena. In AD-Remover you clicked [Scan]... note that I asked you to click [Clean]. Please run AD-Remover again, click [Clean], and paste the report as I described.
altasena 0 Posted November 7, 2011
Good evening, my apologies!! The new log is posted! Thank you!! Regards.
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:04:38 on 07/11/2011, Normal boot Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C) ============== ACTION(S) ============== Service: "Bandoo Coordinator" Service stopped and deleted File deleted: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar Folder deleted: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\extensions\toolbar@ask.com File deleted: C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default\searchplugins\askcom.xml Folder deleted: C:\Users\RIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant Folder deleted: C:\Program Files\Ask Search Assistant Folder deleted: C:\Program Files\Ask.com Folder deleted: C:\Users\RIAN\AppData\LocalLow\AskToolbar Folder deleted: C:\Users\RIAN\AppData\Roaming\Bandoo Folder deleted: C:\ProgramData\Bandoo
Hello, I decided to run it again because I thought the log above was short, maybe because it froze several times. I ran it again; log below!! Thanks!
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [3]) -> Launched at 20:09:25 on 07/11/2011, Normal boot Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) RIAN@RIAN-PC (Gigabyte Technology Co., Ltd. 945GCM-S2C) ============== ACTION(S) ============== Folder deleted: C:\Users\RIAN\AppData\LocalLow\Toolbar4 File deleted: C:\Users\RIAN\Downloads\BandooV7.exe (!) -- Temporary files deleted.
Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key deleted: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070} Key deleted: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5} Key deleted: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217} Key deleted: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F} Key deleted: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E} Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Key deleted: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62} Key deleted: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531} Key deleted: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8} Key deleted: HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92} Key deleted: HKLM\Software\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B} Key deleted: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} Key deleted: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C} Key deleted: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C} Key deleted: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB} Key deleted: HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A} Key deleted: 
HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690} Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key deleted: HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} Key deleted: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7} Key deleted: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB} Key deleted: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101} Key deleted: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1} Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393} Key deleted: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44} Key deleted: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Key deleted: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B} Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key deleted: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417} Key deleted: 
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key deleted: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key deleted: HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690} Key deleted: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA} Key deleted: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786} Key deleted: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2} Key deleted: HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B} Key deleted: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator Key deleted: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1 Key deleted: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI Key deleted: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1 Key deleted: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult Key deleted: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1 Key deleted: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier Key deleted: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1 Key deleted: HKLM\Software\Classes\BandooCore.BandooCore Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1 Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1 Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1 Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1 Key deleted: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin Key deleted: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1 Key deleted: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl Key deleted: 
HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1 Key deleted: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl Key deleted: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1 Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 Key deleted: HKLM\Software\Classes\AppID\BandooCoordinator.EXE Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key deleted: HKLM\Software\bandoo Key deleted: HKCU\Software\Ask.com Key deleted: HKCU\Software\AskSearchAsst Key deleted: HKCU\Software\DataMngr Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2} Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} Key 
deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo Key deleting error: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar Value deleted: HKCU\Software\Mozilla\Firefox\Extensions|ffox@bandoo.com Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC} Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [7.0.1 (pt-BR)] **** Plugins\npganymedenet.dll ( ) HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x) HKCU_MozillaPlugins\mattelinc.com/HotWheelsLoader (x) Searchplugins\avg_igeared.xml (hxxp://search.avg.com/route/?d=4af21366&v=7.008.031.001&i=23&tp=chrome&q={searchTerms}&lng=pt-BR&iy=&ychte=us/) Searchplugins\buscape.xml (hxxp://busca.buscape.com.br/cprocura) Searchplugins\mercadolivre.xml (hxxp://pmstrk.mercadolivre.com.br/jm/PmsTrk) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=120&systemid=101&q={searchTerms}/) Searchplugins\wikipedia-br.xml (hxxp://pt.wikipedia.org/wiki/Especial:Busca) 
Searchplugins\yahoo-br.xml (hxxp://br.search.yahoo.com/search) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files\AVG\AVG2012\Firefox4\ -- C:\Users\RIAN\AppData\Roaming\Mozilla\FireFox\Profiles\c46lnu1g.default -- ======================================== **** Google Chrome Version [15.0.874.106] **** Extension\dloejdefkancmfajekobpfoacecnhpgp (C:\Program Files\Bandoo\ChromePackage.crx) (x) Extension\jmfkcklnlgedgbglfkkgedjfmejoahla (C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx) (?) Extension\lpkbfdhlbdkjohbhnhabfecpmcdlcmff (C:\Users\RIAN\AppData\Roaming\kikin\kikin_installer_1.23.14_counterstrike2d_win.crx) (?) -- C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://google/ Preferences - homepage_is_newtabpage: true Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - Native Client (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll) Plugin - AVG Internet Security (Enabled: true) (C:\Users\RIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll) (x) Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll) Plugin - Unity Player (Enabled: true) (C:\Users\RIAN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll) Plugin - HotWheels Loader (Enabled: true) (C:\Users\RIAN\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Remoting Viewer" (Enabled: true) Plugin - "Native Client" (Enabled: true) Plugin - "AVG Internet Security" (Enabled: true) Plugin - "GanymedeNet.Detector" (Enabled: true) Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true) Plugin - "Unity Player" (Enabled: 
true) Plugin - "HotWheels Loader" (Enabled: true) ======================================== **** Internet Explorer Version [8.0.6001.19154] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} (x) HKCU_SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - "Search" (hxxp://www.bigseekpro.com/search/browser/aresdestiny/{2D1B45AE-DD6F-4047-BB1D-66...) HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "?" (?) HKCU_SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} - "kikin Search" (hxxp://search.kikin.com/search/?q={searchTerms}) HKCU_SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=4af21366&v=6.10.6.4&i=23&tp=chrome&q={searchTerms...) HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=120&systemid=101&q={searchTerms}) HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (x) HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x) HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x) HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x) HKCU_ElevationPolicy\{8F8BAD52-D4D2-4669-9E8E-A7AAE8393056} - C:\Program Files\kikin\KikinBroker.exe (kikin) HKCU_ElevationPolicy\{96EC0988-6545-4017-9D2A-01312FA6571F} - C:\Program Files\QuickTime\qttask.exe (Apple Inc.) 
HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\RIAN\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x) HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (x) HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\FileBulldog Toolbar\TbHelper2.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - "?" (?) BHO\{C41A1C0E-EA6C-11D4-B1B8-444553540007} - "GbIehObj Class" (C:\PROGRA~1\GbPlugin\gbiehAbn.dll) BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll) BHO\{E601996F-E400-41CA-804B-CD6373A7EEE2} - "kikin Plugin" (C:\Program Files\kikin\ie_kikin.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 284 File(s) C:\Program Files\Ad-Remover\Backup: 17 File(s) C:\Ad-Report-CLEAN[1].txt - 07/11/2011 20:04:46 (1179 Byte(s)) C:\Ad-Report-CLEAN[2].txt - 07/11/2011 20:07:40 (635 Byte(s)) C:\Ad-Report-CLEAN[3].txt - 07/11/2011 20:09:29 (15926 Byte(s)) C:\Ad-Report-SCAN[1].txt - 07/11/2011 10:35:26 (18090 Byte(s)) End at: 20:10:36, 07/11/2011 ============== E.O.F ==============

wings 22
Posted November 8, 2011

1.
*Run AD-Remover and click [uninstall] > [Não] > [Close]
*Delete the folder C:\Arquivos de programas\Ad-Remover
*Delete the file C:\Ad-Report-CLEAN[1].txt

2.
*Delete DDS and its reports

3.
*Download ATF Cleaner
*Run it and select: Select All
*Click [Empty Selected]
*Close the program

4.
*Download PureRa
*Extract it to a folder
*Run it, click [Next], select the option [X]Check All and click [Clean]
*When it finishes, click [Exit]

Let me know how the PC is doing.

altasena 0
Posted November 8, 2011

Good evening, thank you very much for your attention!! I am sorry to tell you that it is still slow, taking a long time when it powers on and when it restarts as well, and the "this program is not responding" message comes up a lot. Thank you. Best regards

wings 22
Posted November 9, 2011

1.
*Delete the file C:\PureRa.txt

2.
*Download and install MalwareBytes
*Wait for the update and the program will open automatically
*On the [Verificação] tab, select [Verificação completa]
*Click [Verificar] and select the partition where Windows is installed
*When the scan finishes, click [Sim] > [OK] > [Ver Resultados] > [Remover Selecionados]
*Paste the report that is displayed

If you already have Malwarebytes installed....
*Run it, click [Atualização] > [baixar Atualizações]
*On the [Verificação] tab, select Verificação completa
*Click [Verificar] and select the partition where Windows is installed
*When it finishes, click [Sim] > [OK] > [Ver Resultados] > [Remover Selecionados]
*Paste the report that is displayed

altasena 0
Posted November 10, 2011

Good evening, sorry for not replying sooner! I ran it and the report is below! Thank you for your attention! Best regards!

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Versão da Base de Dados: 8132
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154
10/11/2011 16:12:54
mbam-log-2011-11-10 (16-12-54).txt
Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 351877
Tempo decorrido: 1 hora(s), 44 minuto(s), 6 segundo(s)
Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 0
Processos de Memória Infectados: (Não foram detectados ítens maliciosos)
Módulos de Memória Infectados: (Não foram detectados ítens maliciosos)
Chaves de Registro Infectadas: (Não foram detectados ítens maliciosos)
Valores de Registro Infectados: (Não foram detectados ítens maliciosos)
Itens de Dados no Registro Infectados: (Não foram detectados ítens maliciosos)
Pastas Infectadas: (Não foram detectados ítens maliciosos)
Arquivos Infectados: (Não foram detectados ítens maliciosos)

wings 22
Posted November 10, 2011

1.
*Download AdwCleaner and save it to the desktop
Note: Windows Vista or Windows 7 users must right-click the file and select:
*Run it and click [supression]
*Paste the report that is displayed

2.
*Download Kaspersky Virus Removal Tool Version 11 and save it to the desktop
*Run it and click the button
*Select: My computer
*Click
*Click [start scanning]
*During the scan, windows will pop up. In windows like the one below, do nothing.
*If it finds something, select Apply to all objects and click [skip]
*When it finishes, click
*Click Detected threats > [save] and save it to the desktop as log.txt
*Paste the log.txt report saved on the desktop

3.
*Have a read through these links:
http://www.travou.com.br/site/2008/04/windows-vista-lento-como-deixa-lo-mais-rapido/
http://windows.microsoft.com/pt-BR/windows-vista/Optimize-Windows-Vista-for-better-performance
http://www.superdicas.net/windows-vista/17-dicas-para-deixar-o-windows-vista-mais-rapido.html

altasena 0
Posted November 11, 2011

Hello, good evening. It was not possible to run AdwCleaner because it gives an error, line 4544, even as administrator. I ran the other one, log below. I read through the links; I already knew most of the items and had already done them. Thank you very much for the tips!! Thanks!

Status: Deleted (events: 1)
11/11/2011 16:40:44 Deleted Trojan program Trojan-Downloader.WMA.FakeDRM.bb C:\Documents and Settings\RIAN\Desktop\My Shared Folder\chora me liga emplora pelo meu amor (good).wma High

wings 22
Posted November 11, 2011

Indeed, there is no relation to malware. Let me know whether the PC has improved. If it has not, this kind of slowness tends to be common on Vista.

1.
*Run AdwCleaner and click [Désinstallation] > [sim]

2.
*Delete the Kaspersky setup file and the report saved on the desktop

altasena 0
Posted November 12, 2011

Good evening, yes, the PC has improved. I removed some programs, read some articles about Vista, and I think it is back to normal now!!! I would like to thank you very much for your help and your dedication!! Have a good weekend!! Best regards!

wings 22
Posted November 12, 2011

PROBLEM SOLVED

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.