Alan Klen 0 Denunciar post Postado Setembro 9, 2012 Olá sei que vcs resolveram meu problema com meu pc recentemente e agora ele ta otimo mas agora quero ajudar a resolver o pc duma amiga que anda muito lento e meio travando as vezes abaixo o log do hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:54:34, on 09/09/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\PSafe\PSafeCategoryFinder.exe C:\Program Files\PSafe\PSafesvc.exe C:\Program Files\PSafe\PSafeWD.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PSafe\PSafeSysTray.exe C:\Windows\system32\svchost.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe C:\Program Files\PSafe\Protege\psprotege.exe C:\Program Files\PSafe\PSafeWDS.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Positivo\Deskmedia\GerenciadorLocal.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Administrador\Downloads\HiJackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PSafeSysTray] "C:\Program Files\PSafe\PSafeSysTray.exe" O4 - HKLM\..\Run: [Deskmedia] C:\Positivo\Deskmedia\GerenciadorLocal.exe" O4 - HKLM\..\Run: [Deskmedia2] "C:\Positivo\Deskmedia\InstaladorLite.exe" O4 - HKLM\..\Run: [Deskmedia3] "C:\Positivo\Deskmedia\GerenciadorLocal.exe" O4 - HKLM\..\Run: [sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: www.bb.com.br O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C77AFBE9-C316-4D41-99AC-CEBB4DCDD906}: NameServer = 200.175.5.139 200.175.182.139 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PSafeLockBoxSvc - PSafe - C:\Program Files\PSafe\PSafeCategoryFinder.exe O23 - Service: PSafeSVC - PSafe S/A - C:\Program Files\PSafe\PSafesvc.exe O23 - Service: PSafeWD - PSafe - C:\Program Files\PSafe\PSafeWD.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 8447 bytes Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 9, 2012 Boa noite Alan Klen :seta: Baixe o OTL e salve-o no Desktop *Execute-o. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador *Selecione as opções: Verificar All Users Verificar Lop Verificar Purity *Cole as linhas, em marrom, no espaço abaixo de Exames Personalizados/Correções netsvcs HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes *Clique [Verificar] *Ao término, os relatórios OTL.txt e Extras.txt serão criados no Desktop (Área de Trabalho) :seta: Acesse este link *Clique [selecionar arquivo] *Localize o arquivo OTL.txt no Desktop (Área de Trabalho) e clique [Abrir] *Clique [Envoyer le fichier] *Cole o link criado abaixo de Fichier envoyé avec succés! Copiez votre lien : *Repita o procedimento para o relatório Extras.txt e cole o link Compartilhar este post Link para o post Compartilhar em outros sites
Alan Klen 0 Denunciar post Postado Setembro 10, 2012 Ola, minha amiga fez esses passos, mas deu esse erro aqui: http://imageshack.us/photo/my-images/266/tfr61c8tmp.jpg/ Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 10, 2012 :seta: Execute o OTL. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador *Clique [Limpeza] > [OK] *O PC será reiniciado :seta: Tente esta versão. Salve no Desktop (Área de Trabalho) *Caso apareça o mesmo erro faça o procedimento abaixo :seta: Baixe o DDS (...de sUBs) e salve-o no desktop (Área de Trabalho) *Execute-o. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador *Salve os relatórios DDS.txt e Attach.txt no desktop (Área de Trabalho) *Cole-os na sua próxima resposta Compartilhar este post Link para o post Compartilhar em outros sites
Alan Klen 0 Denunciar post Postado Setembro 10, 2012 Deu o mesmo erro de novo, dai teve que usar o DDS, ta ai os relatorios: DDS.txt: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.5.1 Run by Administrador at 20:21:09 on 2012-09-10 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.55.1046.18.1981.940 [GMT -3:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PSafe\PSafeSysTray.exe C:\Program Files\PSafe\PSafeCategoryFinder.exe C:\Program Files\PSafe\Protege\psprotege.exe C:\Program Files\PSafe\PSafesvc.exe C:\Program Files\PSafe\PSafeWD.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\PSafe\PSafeWDS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\WUDFHost.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com.br/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GR469A~1.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - c:\program files\gbplugin\gbieh.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll uRun: [AdobeBridge] uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [PSafeSysTray] "c:\program files\psafe\PSafeSysTray.exe" mRun: [sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: bancobrasil.com.br\www Trusted Zone: bancobrasil.com.br\www14 Trusted Zone: bancobrasil.com.br\www2 Trusted Zone: bb.com.br\www DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: Interfaces\{4A589235-03CB-48B2-BD44-B2115A6A1DED} : DhcpNameServer = 8.8.8.8 189.40.224.80 TCP: Interfaces\{C77AFBE9-C316-4D41-99AC-CEBB4DCDD906} : NameServer = 200.175.5.139 200.175.182.139 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GRA32A~1.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: GbPluginBb - c:\program files\gbplugin\gbieh.dll Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GR469A~1.DLL SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - c:\program files\gbplugin\gbieh.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\administrador\appdata\roaming\mozilla\firefox\profiles\676sdmv7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=113752&tt=060612_5_&babsrc=HP_ss&mntrId=ac067168000000000000000000000000 FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=2&q= . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113752&tt=060612_5_ FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - ac067168000000000000000000000000 FF - user.js: extensions.BabylonToolbar_i.hardId - ac067168000000000000000000000000 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15507 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.170:47:27 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . ============= SERVICES / DRIVERS =============== . R0 360HookOem;360HookOem;c:\windows\system32\drivers\360HookOem.sys [2012-6-16 54912] R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2011-2-17 43600] R1 360FileOem;360FileOem;c:\windows\system32\drivers\360FileOem.sys [2012-6-16 146304] R1 360RegOem;360RegOem;c:\windows\system32\drivers\360RegOem.sys [2012-6-16 23168] R1 360SpOEM;360SpOEM;c:\windows\system32\drivers\360SpOEM.sys [2012-9-8 64048] R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2011-7-20 208264] R2 PSafeLockBoxSvc;PSafeLockBoxSvc;c:\program files\psafe\PSafeCategoryFinder.exe [2012-9-8 1051400] R2 PSafeSVC;PSafeSVC;c:\program files\psafe\PSafesvc.exe [2012-9-8 1448200] R2 PSafeWD;PSafeWD;c:\program files\psafe\PSafeWD.exe [2012-9-8 30472] R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-7-5 3048136] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-9 136176] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336] S3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [2011-10-6 498528] S3 gupdatem;Serviço do Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-9 136176] S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-3-26 18432] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] . =============== Created Last 30 ================ . 2012-09-10 15:05:10 -------- d-----w- c:\users\administrador\appdata\local\{B6576AF6-46F7-44C9-90AD-B99FE506CDBF} 2012-09-09 15:16:01 -------- d-----w- c:\users\administrador\appdata\roaming\Positivo 2012-09-09 02:30:45 -------- d-----w- C:\Positivo 2012-09-09 02:30:35 -------- d-----w- c:\programdata\PSafe 2012-09-09 02:30:27 64048 ----a-r- c:\windows\system32\drivers\360SpOEM.sys 2012-09-09 02:29:21 -------- d-----w- c:\program files\PSafe 2012-09-09 01:58:50 -------- d-sh--w- C:\$RECYCLE.BIN 2012-09-09 01:58:47 -------- d-----w- c:\users\administrador\appdata\local\temp 2012-09-08 15:42:30 -------- d-----w- c:\users\administrador\appdata\local\{C037DD25-3AC6-43B6-9351-64B47C03D1CA} 2012-09-08 01:35:45 -------- d-----w- c:\users\administrador\appdata\local\{9FD50FD9-9153-4DCE-A132-A43AEA0ED08B} 2012-09-07 20:18:27 -------- d-----w- c:\program files\Global Games 2012-09-07 14:57:15 -------- d-----w- c:\users\administrador\appdata\local\{9929C460-59A7-48A1-8590-5773D9801713} 2012-09-06 21:42:35 -------- d-----w- c:\users\administrador\appdata\local\{DE7DF54C-0BA2-4A5C-A873-789D25EC94F1} 2012-09-06 11:26:55 -------- d-----w- c:\users\administrador\appdata\local\{30AE9011-0B06-449D-A4E7-9E8CCD92FF64} 2012-09-05 21:51:31 -------- d-----w- c:\users\administrador\appdata\local\{3617AD3E-ABF7-4B56-B1B4-131C24A27114} 2012-09-05 11:27:13 -------- d-----w- c:\users\administrador\appdata\local\{C1154454-0856-465D-8E61-583DF8D6DD00} 2012-09-04 17:41:21 -------- d-----w- c:\users\administrador\appdata\local\{795B580E-A40F-4B15-9707-632ACF8F1AAD} 2012-09-04 10:27:48 -------- d-----w- c:\users\administrador\appdata\local\{C0CE7426-5548-4B5B-B6FE-675ACF85B9F4} 2012-09-03 16:19:18 -------- d-----w- c:\users\administrador\appdata\local\{3E0C8F96-BA4A-4A4E-9BD0-7C8B921562ED} 2012-09-01 01:27:28 -------- d-----w- c:\users\administrador\appdata\local\{CE561520-2B83-4810-BD37-1C6FC2B305E6} 2012-08-31 13:26:57 -------- d-----w- c:\users\administrador\appdata\local\{118BFD5D-17DC-418F-8C85-1283CD91AED3} 2012-08-30 13:25:47 -------- d-----w- c:\users\administrador\appdata\local\{416DECD0-72D1-44C5-B708-D7CA12CE2561} 2012-08-30 01:23:16 -------- d-----w- c:\users\administrador\appdata\local\{26E7DF6B-928F-41FD-BD0F-A41C4A033AD0} 2012-08-29 11:07:01 -------- d-----w- c:\users\administrador\appdata\local\{2BB7D707-FFFA-44CD-AED2-13E393A68D9F} 2012-08-28 12:09:57 -------- d-----w- c:\users\administrador\appdata\local\{C9E1BA08-17DB-4DDD-BCC6-B05B98DC2ED0} 2012-08-27 21:41:05 -------- d-----w- c:\users\administrador\appdata\local\{1222EE78-9C55-4A49-8491-FC30BA336244} 2012-08-27 03:53:47 -------- d-----w- c:\users\administrador\appdata\local\{55D5F530-B8FF-41AD-8A57-41E5C950593A} 2012-08-26 15:25:28 -------- d-----w- c:\users\administrador\appdata\local\{7012D82A-9507-41F7-9E6E-EEA4801CD472} 2012-08-26 12:35:15 -------- d-----w- c:\users\administrador\appdata\local\{7CA74857-60E3-4913-9477-9A5F1B1B3640} 2012-08-25 13:56:58 -------- d-----w- c:\users\administrador\appdata\local\{9E9666A8-DE67-484B-97A3-89EBD947C183} 2012-08-25 10:37:41 -------- d-----w- c:\users\administrador\appdata\local\{3313A10E-B4FF-4D01-9BF1-5082F48F9E31} 2012-08-25 09:15:53 -------- d-----w- c:\users\administrador\appdata\local\{18B882B6-30FA-411C-A483-C4C4B33A4773} 2012-08-24 18:28:02 -------- d-----w- c:\users\administrador\appdata\local\{A58CE330-F804-4B95-847B-4DDD83E00DD1} 2012-08-24 11:45:45 -------- d-----w- c:\users\administrador\appdata\local\{7214A853-C3C5-401C-AA76-6F1062D24067} 2012-08-24 01:38:40 -------- d-----w- c:\users\administrador\appdata\local\{082D3C4A-C4C3-4F12-9F3F-533994A1C06E} 2012-08-23 09:43:07 -------- d-----w- c:\users\administrador\appdata\local\{2E0D059E-16D0-49F2-8905-BBE9724962EE} 2012-08-22 04:47:09 -------- d-----w- c:\users\administrador\appdata\local\{1E566DEF-96DD-45DE-81F0-3EBB3B47F690} 2012-08-21 19:20:47 -------- d-----w- c:\users\administrador\appdata\local\{AF347A86-47D3-4463-819C-641535E6019F} 2012-08-21 02:55:45 -------- d-----w- C:\SG Interactive 2012-08-21 00:39:55 -------- d-----w- c:\users\administrador\appdata\local\NCSoft 2012-08-20 23:31:13 -------- d-----w- c:\users\administrador\appdata\roaming\GetRightToGo 2012-08-20 22:43:07 -------- d-----w- c:\program files\PangYa Brasil 2012-08-20 02:12:15 -------- d-----w- c:\users\administrador\appdata\local\{51028BB6-A156-4A66-93F2-B15165014C26} 2012-08-19 14:10:19 -------- d-----w- c:\users\administrador\appdata\local\{426473DE-1010-4415-95B7-05D8F010B12E} 2012-08-19 00:38:59 -------- d-----w- c:\programdata\PWD 2012-08-18 16:22:00 -------- d-----w- C:\Level Up! Games 2012-08-18 16:15:17 -------- d-----w- c:\users\administrador\appdata\local\{80F99CC6-B5B7-46DA-9088-43694331EAB7} 2012-08-18 12:24:26 -------- d-----w- c:\users\administrador\appdata\local\{35ACCE7B-6198-4CDC-8D8D-660739AD0BE8} 2012-08-17 19:37:10 -------- d-----w- c:\users\administrador\appdata\local\{7B350A65-2F89-4B98-8DF9-455F77A8CD37} 2012-08-17 19:35:12 -------- d-----w- c:\users\administrador\appdata\local\{277CF786-D1C4-4C6E-98D2-920051EF69D4} 2012-08-17 11:18:45 -------- d-----w- c:\users\administrador\appdata\local\{E9D43643-61CE-4069-935C-D6EB7FD01D78} 2012-08-16 15:50:56 -------- d-----w- c:\users\administrador\appdata\local\{38CEC942-9C8C-4A8F-865F-0830E7413AA2} 2012-08-16 15:47:55 -------- d-----w- c:\users\administrador\appdata\local\{95E8DC4B-4320-47F0-97F5-1A2B7B72E5C8} 2012-08-16 00:24:47 -------- d-----w- c:\users\administrador\appdata\local\{9C9ED0F1-9E65-49E6-A112-0C094FB3E972} 2012-08-15 12:23:45 -------- d-----w- c:\users\administrador\appdata\local\{EDADE9B0-8824-41B2-9D65-61134BC91824} 2012-08-15 12:19:12 -------- d-----w- c:\users\administrador\appdata\local\{30D20E60-CF8A-4F50-B26C-280AEBA51777} 2012-08-14 22:26:53 -------- d-----w- c:\users\administrador\appdata\local\{31E31A7B-5114-4F7B-8F7F-F2FE18E7ECBC} 2012-08-14 22:25:07 -------- d-----w- c:\users\administrador\appdata\local\{A3D6F26C-26A9-43D7-BFA2-DCC5854AF46F} 2012-08-13 22:38:02 -------- d-----w- c:\users\administrador\appdata\local\{38D37DD9-A2DF-4C17-B7CA-33099864F013} 2012-08-13 03:25:59 -------- d-----w- c:\users\administrador\appdata\local\{C162D79A-A9AE-43A1-A383-A793A9B141BF} 2012-08-13 03:23:43 -------- d-----w- c:\users\administrador\appdata\local\{92293784-049C-4D18-889C-D6AE48D18964} . ==================== Find3M ==================== . . ============= FINISH: 20:22:21,73 =============== Attach.txt: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 09/12/2010 16:14:04 System Uptime: 10/09/2012 19:54:52 (1 hours ago) . Motherboard: INTELBRAS | | IE-G41T-M7 Processor: Pentium® Dual-Core CPU E5400 @ 2.70GHz | CPU 1 | 2693/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 189,436 GiB free. D: is CDROM () E: is Removable F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . AAC Decoder ADL Uncompressor Adobe AIR Adobe Community Help Adobe Download Manager 2.2 (Só remoção) Adobe Dreamweaver CS5 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Reader 9.4.3 - Português Adobe Shockwave Player 11.5 Apple Application Support Apple Mobile Device Support Apple Software Update µTorrent Audacity 1.3.12 (Unicode) AutoUpdate Bonjour CCleaner CDBurnerXP Charecterizer 1.0 Compressor WinRAR Controle ActiveX do Windows Live Mesh para Conexões Remotas Corel Graphics - Windows Shell Extension CorelDRAW Graphics Suite X5 CorelDRAW Graphics Suite X5 - BR CorelDRAW Graphics Suite X5 - Capture CorelDRAW Graphics Suite X5 - Common CorelDRAW Graphics Suite X5 - Connect CorelDRAW Graphics Suite X5 - Custom Data CorelDRAW Graphics Suite X5 - Draw CorelDRAW Graphics Suite X5 - Filters CorelDRAW Graphics Suite X5 - FontNav CorelDRAW Graphics Suite X5 - IPM CorelDRAW Graphics Suite X5 - PHOTO-PAINT CorelDRAW Graphics Suite X5 - Photozoom Plugin CorelDRAW Graphics Suite X5 - Redist CorelDRAW Graphics Suite X5 - Setup Files CorelDRAW Graphics Suite X5 - VBA CorelDRAW Graphics Suite X5 - VideoBrowser CorelDRAW Graphics Suite X5 - VSTA CorelDRAW Graphics Suite X5 - WT CorelDRAW® Graphics Suite X5 D3DX10 DAEMON Tools Toolbar DivX Codec DivX Converter DivX Player DivX Plus DirectShow Filters DivX Plus Media Foundation Components DivX Plus Web Player DivX Version Checker Dragona Online Driver Robot EPSON Scan Forsaken 0.11.0 Garena Plus Google Chrome Google Earth Google Update Helper H.264 Decoder Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) Intel® Graphics Media Accelerator Driver iTunes Java Auto Updater Java 6 Update 29 Java 7 Update 5 JavaFX 2.1.1 JDownloader K-Lite Mega Codec Pack 8.1.0 Messenger Plus! 5 Microsoft .NET Framework 1.1 Microsoft Application Error Reporting Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Visual Studio Tools for Applications 2.0 Runtime Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 MKV Splitter Mozilla Firefox 8.0.1 (x86 pt-BR) MSVCRT NCsoft Launcher neroxml Pando Media Booster Pangya (Ntreev USA) PANGYA BRASIL BR.S4.100.14 PDF Settings CS5 PhotoScape PSafe Real Alternative 2.0.1 Skype Click to Call Skype™ 5.10 System Requirements Lab CYRI System Requirements Lab for Intel VC80CRTRedist - 8.0.50727.4053 Visual Basic for Applications ® Core Visual Basic for Applications ® Core - English Visual Basic for Applications ® Core - Portuguese (Brazil) Warcraft III Reign of Chaos & The Frozen Throne Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live OneCare safety scanner Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack . ==== End Of File =========================== Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 11, 2012 :seta: Baixe o AdwCleaner (...de Xplode) e salve-o no desktop (Área de Trabalho) *Execute-o. Usuários do Windows Vista ou do Windows 7 devem clicar com o botão direito do mouse no arquivo e selecionar Executar como administrador *Clique [Delete] *Cole o relatório apresentado Compartilhar este post Link para o post Compartilhar em outros sites
Alan Klen 0 Denunciar post Postado Setembro 12, 2012 feito, aqui está: # AdwCleaner v2.001 - Logfile created 09/12/2012 at 11:18:00 # Updated 09/09/2012 by Xplode # Operating system : Windows 7 Home Premium (32 bits) # User : Administrador - MEUCOMPUTADOR # Boot Mode : Normal # Running from : C:\Users\Administrador\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Deleted : C:\user.js File Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\searchplugins\Conduit.xml File Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\searchplugins\mywebsearch.xml Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\DAEMON Tools Toolbar Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\Users\Administrador\AppData\Local\Conduit Folder Deleted : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda Folder Deleted : C:\Users\Administrador\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Administrador\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Administrador\AppData\LocalLow\FunWebProducts Folder Deleted : C:\Users\Administrador\AppData\LocalLow\MyWebSearch Folder Deleted : C:\Users\Administrador\AppData\Roaming\Babylon Folder Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\ConduitCommon Folder Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\CT2851643 Folder Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\extensions\{e0301295-ab3e-4af3-979f-3d453c5f9f48} Folder Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\extensions\DTToolbar@toolbarnet.com Folder Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\extensions\ffxtlbr@babylon.com Folder Deleted : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\extensions\staged ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\Babylon Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478} Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851643 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.7600.16385 Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=113752&tt=060612_5_&babsrc=NT_ss&mntrId=ac067168000000000000000000000000 --> hxxp://www.google.com -\\ Mozilla Firefox v8.0.1 (pt-BR) Profile name : default File : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\prefs.js C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\676sdmv7.default\user.js ... Deleted ! Deleted : user_pref("CT2851643..clientLogIsEnabled", false); Deleted : user_pref("CT2851643..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2851643..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2851643.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Deleted : user_pref("CT2851643.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2851643.CTID", "CT2851643"); Deleted : user_pref("CT2851643.CurrentServerDate", "4-9-2012"); Deleted : user_pref("CT2851643.DSChangedManually", false); Deleted : user_pref("CT2851643.DSInstall", true); Deleted : user_pref("CT2851643.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2851643.DialogsGetterLastCheckTime", "Mon Sep 03 2012 22:48:07 GMT-0300 (Hora oficial d[...] Deleted : user_pref("CT2851643.DownloadReferralCookieData", ""); Deleted : user_pref("CT2851643.EMailNotifierPollDate", "Tue Sep 04 2012 00:08:07 GMT-0300 (Hora oficial do Bra[...] Deleted : user_pref("CT2851643.FeedLastCount1733423638652034402", 407); Deleted : user_pref("CT2851643.FeedPollDate2429156812186649977", "Mon Sep 03 2012 23:48:08 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156813040823546", "Mon Sep 03 2012 23:48:08 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156813130095866", "Mon Sep 03 2012 23:48:07 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156813224203613", "Mon Sep 03 2012 23:48:07 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156813230837251", "Mon Sep 03 2012 23:48:08 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156813454291735", "Mon Sep 03 2012 23:48:08 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156813729834876", "Mon Sep 03 2012 23:48:07 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156813860870021", "Mon Sep 03 2012 23:48:08 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156814264681793", "Mon Sep 03 2012 23:48:08 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156814863075366", "Mon Sep 03 2012 23:48:08 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedPollDate2429156815257761081", "Mon Sep 03 2012 23:48:07 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.FeedTTL2429156813040823546", 15); Deleted : user_pref("CT2851643.FeedTTL2429156813130095866", 10); Deleted : user_pref("CT2851643.FeedTTL2429156813454291735", 5); Deleted : user_pref("CT2851643.FeedTTL2429156814264681793", 5); Deleted : user_pref("CT2851643.FirstServerDate", "18-7-2012"); Deleted : user_pref("CT2851643.FirstTime", true); Deleted : user_pref("CT2851643.FirstTimeFF3", true); Deleted : user_pref("CT2851643.FirstTimeHiddenVer", true); Deleted : user_pref("CT2851643.FixPageNotFoundErrors", true); Deleted : user_pref("CT2851643.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2851643.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2851643.HPInstall", false); Deleted : user_pref("CT2851643.HPProtectChoice", true); Deleted : user_pref("CT2851643.HPProtectCount", 1); Deleted : user_pref("CT2851643.HasUserGlobalKeys", true); Deleted : user_pref("CT2851643.HomePageProtectorEnabled", false); Deleted : user_pref("CT2851643.HomepageBeforeUnload", "hxxp://search.babylon.com/?affID=113752&tt=060612_5_&ba[...] Deleted : user_pref("CT2851643.Initialize", true); Deleted : user_pref("CT2851643.InitializeCommonPrefs", true); Deleted : user_pref("CT2851643.InstallationAndCookieDataSentCount", 3); Deleted : user_pref("CT2851643.InstallationId", "fftFA70.tmp.exe"); Deleted : user_pref("CT2851643.InstallationType", "XPE"); Deleted : user_pref("CT2851643.InstalledDate", "Wed Jul 18 2012 10:58:33 GMT-0300 (Hora oficial do Brasil)"); Deleted : user_pref("CT2851643.IsAlertDBUpdated", true); Deleted : user_pref("CT2851643.IsGrouping", false); Deleted : user_pref("CT2851643.IsInitSetupIni", true); Deleted : user_pref("CT2851643.IsMulticommunity", false); Deleted : user_pref("CT2851643.IsOpenThankYouPage", true); Deleted : user_pref("CT2851643.IsOpenUninstallPage", false); Deleted : user_pref("CT2851643.IsProtectorsInit", true); Deleted : user_pref("CT2851643.LanguagePackLastCheckTime", "Mon Sep 03 2012 22:48:07 GMT-0300 (Hora oficial do[...] Deleted : user_pref("CT2851643.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2851643.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2851643.LastLogin_3.13.0.6", "Wed Jul 18 2012 10:58:37 GMT-0300 (Hora oficial do Brasil[...] Deleted : user_pref("CT2851643.LastLogin_3.14.1.0", "Mon Sep 03 2012 22:48:07 GMT-0300 (Hora oficial do Brasil[...] Deleted : user_pref("CT2851643.LatestVersion", "3.14.1.0"); Deleted : user_pref("CT2851643.Locale", "pt"); Deleted : user_pref("CT2851643.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2851643.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2851643.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2851643.MyStuffEnabledAtInstallation", true); Deleted : user_pref("CT2851643.OriginalFirstVersion", "3.13.0.6"); Deleted : user_pref("CT2851643.SearchCaption", "uTorrentBar_PT Customized Web Search"); Deleted : user_pref("CT2851643.SearchEngineBeforeUnload", "Search the web (Babylon)"); Deleted : user_pref("CT2851643.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2851643.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...] Deleted : user_pref("CT2851643.SearchInNewTabEnabled", true); Deleted : user_pref("CT2851643.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2851643.SearchInNewTabLastCheckTime", "Mon Sep 03 2012 22:48:06 GMT-0300 (Hora oficial [...] Deleted : user_pref("CT2851643.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2851643.SearchProtectorEnabled", true); Deleted : user_pref("CT2851643.SearchProtectorToolbarDisabled", false); Deleted : user_pref("CT2851643.SendProtectorDataViaLogin", true); Deleted : user_pref("CT2851643.ServiceMapLastCheckTime", "Mon Sep 03 2012 22:48:06 GMT-0300 (Hora oficial do B[...] Deleted : user_pref("CT2851643.SettingsLastCheckTime", "Mon Sep 03 2012 22:48:05 GMT-0300 (Hora oficial do Bra[...] Deleted : user_pref("CT2851643.SettingsLastUpdate", "1346671771"); Deleted : user_pref("CT2851643.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851643&SearchSource=13"); Deleted : user_pref("CT2851643.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2851643.ThirdPartyComponentsLastCheck", "Mon Sep 03 2012 22:48:05 GMT-0300 (Hora oficia[...] Deleted : user_pref("CT2851643.ThirdPartyComponentsLastUpdate", "1331806008"); Deleted : user_pref("CT2851643.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT2851643.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851643"); Deleted : user_pref("CT2851643.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT2851643.UserID", "UN70314256599015663"); Deleted : user_pref("CT2851643.WeatherNetwork", ""); Deleted : user_pref("CT2851643.WeatherPollDate", "Mon Sep 03 2012 23:48:20 GMT-0300 (Hora oficial do Brasil)")[...] Deleted : user_pref("CT2851643.WeatherUnit", "C"); Deleted : user_pref("CT2851643.alertChannelId", "1243677"); Deleted : user_pref("CT2851643.autoDisableScopes", -1); Deleted : user_pref("CT2851643.backendstorage.cbcountry_001", "4252"); Deleted : user_pref("CT2851643.backendstorage.cbfirsttime", "576564204A756C20313820323031322031303A35383A33372[...] Deleted : user_pref("CT2851643.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...] Deleted : user_pref("CT2851643.backendstorage.url_history0001", "687474703A2F2F7777772E61706F696F6D65746F646F7[...] Deleted : user_pref("CT2851643.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT2851643.globalFirstTimeInfoLastCheckTime", "Mon Sep 03 2012 22:48:07 GMT-0300 (Hora ofi[...] Deleted : user_pref("CT2851643.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT2851643.initDone", true); Deleted : user_pref("CT2851643.isAppTrackingManagerOn", false); Deleted : user_pref("CT2851643.myStuffEnabled", true); Deleted : user_pref("CT2851643.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2851643.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2851643.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2851643.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2851643.navigateToUrlOnSearch", false); Deleted : user_pref("CT2851643.oldAppsList", "129351530870587943,129351530870900444,1000234,129791406994403775[...] Deleted : user_pref("CT2851643.revertSettingsEnabled", true); Deleted : user_pref("CT2851643.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT2851643.searchProtectorEnableByLogin", true); Deleted : user_pref("CT2851643.testingCtid", ""); Deleted : user_pref("CT2851643.toolbarAppMetaDataLastCheckTime", "Mon Sep 03 2012 22:48:07 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.toolbarContextMenuLastCheckTime", "Mon Sep 03 2012 22:48:07 GMT-0300 (Hora ofic[...] Deleted : user_pref("CT2851643.usagesFlag", 2); Deleted : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar_PT Customized Web Search"); Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851643/CT2851643[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851643", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851643",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=pt", "\"339[...] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Administrador\\AppData\\Roaming\\Mo[...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?affID=113752&[...] Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2851643"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2851643"); Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2851643"); Deleted : user_pref("CommunityToolbar.globalUserId", "0299722d-3333-4979-8302-0109c51a4bcc"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851643"); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Sep 03 2012 22:48:1[...] Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false); Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Sep 03 2012 22:48:09 GMT-0300 (H[...] Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "6ba80899-5aac-4868-bcba-2df9341e316e"); Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://search.babylon.com/?affID=113752&tt=060612_5_[...] Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)"); Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Deleted : user_pref("browser.search.defaultthis.engineName", "uTorrentBar_PT Customized Web Search"); Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&Sea[...] Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)"); Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)"); Deleted : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=113752&tt=060612_5_&babsrc=H[...] Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=113752&tt=060612_5_"); Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 3); Deleted : user_pref("extensions.BabylonToolbar.cntry", "BR"); Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true); Deleted : user_pref("extensions.BabylonToolbar.firstRun", false); Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "47796743CD021145551DD3F9A9010FCA"); Deleted : user_pref("extensions.BabylonToolbar.hmpg", true); Deleted : user_pref("extensions.BabylonToolbar.id", "ac067168000000000000000000000000"); Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15507"); Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=113752&tt=060612[...] Deleted : user_pref("extensions.BabylonToolbar.lastActv", "10"); Deleted : user_pref("extensions.BabylonToolbar.lastDP", 3); Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.170:47:27"); Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "8.0"); Deleted : user_pref("extensions.BabylonToolbar.newTab", true); Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?affID=113752&tt=060612_[...] Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 85288123); Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1); Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1); Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true); Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)"); Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.170:47:27"); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113752&tt=060612_5_"); Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "ac067168000000000000000000000000"); Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15507"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.170:47:27"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Deleted : user_pref("extensions.enabledAddons", "{87F8774F-B485-47E2-A755-A40A8A5E886C}:2.12.0.9.80,ffxtlbr@ba[...] Deleted : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea[...] Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true); Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www.bing.com/search?FORM=IEFM1&q="); Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=2&q=[...] -\\ Google Chrome v [unable to get version] File : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.13] : homepage = "hxxp://search.babylon.com/?affID=113752&tt=060612_5_&babsrc=HP_ss&mntrId=ac067168000000000000000000000000", Deleted [l.53] : icon_url = "hxxp://search.conduit.com/fav.ico", Deleted [l.56] : keyword = "search.conduit.com", Deleted [l.59] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2851643", Deleted [l.60] : suggest_url = "hxxp://search.conduit.com/" Deleted [l.1472] : homepage = "hxxp://search.babylon.com/?affID=113752&tt=060612_5_&babsrc=HP_ss&mntrId=ac067168000000000000000000000000", ************************* AdwCleaner[s1].txt - [24469 octets] - [12/09/2012 11:18:00] ########## EOF - C:\AdwCleaner[s1].txt - [24530 octets] ########## Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 12, 2012 :seta: Execute o AdwCleaner e clique [uninstall] :seta: Delete o DDS e seus relatórios :seta: Instale o JetClean *Clique Windows Clean e selecione: DNS Cache Old Prefetch Data *Clique Apps Clean e selecione Cookies dos seus navegadores *Clique na seta ao lado de [scan Now] e selecione Scan & Repair *Aguarde o término e feche o programa Informe se resolveu Compartilhar este post Link para o post Compartilhar em outros sites
Alan Klen 0 Denunciar post Postado Setembro 15, 2012 Ola, minha amiga fez isso, ela disse que agora até que está rapido em algumas coisas, só os videos e musicas que ficam dando umas travadinhas. Se ainda há algo mais a fazer pode dizer. Mas se nao pode-se fazer mais, ja agradeço ajudou bastante. Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 15, 2012 :seta: Execute o AdwCleaner e clique [uninstall] :seta: Baixe novamente o OTL e siga as orientações que solicitei. Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Setembro 25, 2012 Tópico Arquivado Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
