Archived

This topic has been archived and is closed to new replies.

Eliza Mizziara

[Solved] Not a valid Win32 application


Hello Eliza Mizziara

→ Download OTL (by Old_Timer) and save it to the Desktop

*Run it. Windows Vista or Windows 7 users should right-click the file and select Run as administrator

*Select:

Scan All Users
Skip Microsoft Files
Lop Check
Purity Check

*Click [Scan]

*When it finishes, the reports OTL.txt and Extras.txt will be created on the Desktop

→ Go to this link: http://mydoc.tk/

*Click [choose file]

*Locate the file OTL.txt on the Desktop

*Click [Open] > [Envoyer le fichier]

*Paste the address generated below Fichier envoyé avec succés! Copiez votre lien :

*Repeat the procedure for the Extras.txt report and paste the link


→ You said you had uninstalled Norton. However, according to your reports, Norton Internet Security is still installed on your PC. To uninstall it, follow the steps below:

*Download the Norton Removal Tool and save it to the Desktop

*Run it. Windows Vista or Windows 7 users should right-click the icon and select Run as administrator

*Follow the instructions and, when the uninstallation finishes, restart the PC

→ Download AdwCleaner (by Xplode) from http://download.bleepingcomputer.com/Xplode/AdwCleaner.exe and save it to the Desktop

*Run it. Windows Vista or Windows 7 users should right-click the file and select Run as administrator

*Click [Delete]. In some cases, the PC will be restarted to complete the removal. Click [OK] to restart.

*Paste the report shown

→ Install MalwareBytes (http://www.malwarebytes.org/mbam-download-exe.php)

*Wait for the update, and the program will open automatically

*Select [Quick Scan]

*Click [Scan]

*When it finishes, click [OK] > [Show Results] > [Remove Selected]

*Paste the report shown


And Malwarebytes didn't find anything either. I'm using MSE as my antivirus now; it found a virus and sent it to quarantine

 

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Versão da Base de Dados: v2013.01.21.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Heisa :: ELIZA-WIN [administrador]
Proteção: Permitir
21/01/2013 13:25:29
mbam-log-2013-01-21 (13-25-29).txt
Tipo de Verificação: Verificação Rápida
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 257063
Tempo decorrido: 24 minuto(s), 41 segundo(s)
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)
(fim)
------------------------------------------------------------------------------------------------------------
# AdwCleaner v2.106 - Logfile created 01/21/2013 at 13:14:53
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Starter Service Pack 1 (32 bits)
# User : Heisa - ELIZA-WIN
# Boot Mode : Normal
# Running from : C:\Users\eliza\Desktop\AdwCleaner.exe
# Option [Delete]
***** [services] *****
Stopped & Deleted : IB Updater
Stopped & Deleted : IBUpdaterService
***** [Files / Folders] *****
File Deleted : \user.js
File Deleted : C:\Users\Admin\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Admin\Desktop\Check for Updates.lnk
File Deleted : C:\Windows\system32\dmwu.exe
File Deleted : C:\Windows\system32\ImhxxpComm.dll
Folder Deleted : C:\Program Files\Common Files\Umbrella
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\FilesFrog Update Checker
Folder Deleted : C:\Program Files\IB Updater
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\uTorrentBar_PT
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Zoomex
Folder Deleted : C:\Users\Admin\AppData\Local\Conduit
Folder Deleted : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
Folder Deleted : C:\Users\Admin\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Admin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Admin\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Admin\AppData\LocalLow\uTorrentBar_PT
Folder Deleted : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Folder Deleted : C:\Windows\system32\WNLT
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb201?a=6PQVIoUWmY&i=26 --> hxxp://www.google.com
-\\ Google Chrome v [unable to get version]
File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[s1].txt - [14115 octets] - [21/01/2013 13:14:53]
########## EOF - \AdwCleaner[s1].txt - [14176 octets] ##########


→ Run AdwCleaner, click [uninstall] > [yes]

*Temporarily disable your antivirus

→ Download ComboFix (by sUBs) and save it to the Desktop

*Run it. Windows Vista or Windows 7 users should right-click the file and select Run as administrator

*Accept the agreement

*Wait for the files to be extracted

*Wait for the stages to complete... it may take a while!

*Avoid using the mouse and keyboard. Do not use any other program until ComboFix finishes!

*Wait for it to finish and paste the report shown

ComboFix 13-01-21.01 - Heisa 21/01/2013 14:56:11.1.2 - x86

Microsoft Windows 7 Starter 6.1.7601.1.1252.55.1046.18.2013.951 [GMT -2:00]

Executando de: c:\users\eliza\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

C:\prefs.js

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2012-12-21 to 2013-01-21 ))))))))))))))))))))))))))))

.

.

2013-01-21 15:30 . 2013-01-21 15:30 -------- d-----w- c:\program files\Electronic Arts

2013-01-21 15:24 . 2013-01-21 15:24 -------- d-----w- c:\users\eliza\AppData\Roaming\Malwarebytes

2013-01-21 15:24 . 2013-01-21 15:24 -------- d-----w- c:\users\Admin\AppData\Roaming\Malwarebytes

2013-01-21 15:24 . 2013-01-21 15:24 -------- d-----w- c:\programdata\Malwarebytes

2013-01-21 15:24 . 2013-01-21 15:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-01-21 15:24 . 2012-12-14 18:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-21 15:23 . 2013-01-21 15:23 -------- d-----w- c:\users\Admin\AppData\Local\Programs

2013-01-21 15:21 . 2013-01-21 15:21 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A6E6D56F-CDF7-4129-BA12-E579E709CBA3}\MpKslb5e44c7d.sys

2013-01-20 18:41 . 2013-01-07 22:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A6E6D56F-CDF7-4129-BA12-E579E709CBA3}\mpengine.dll

2013-01-19 17:07 . 2013-01-07 22:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-01-19 17:07 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe

2013-01-19 17:05 . 2012-10-23 08:04 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EA621C84-A520-40F6-A033-F9189E11D60C}\gapaengine.dll

2013-01-19 16:46 . 2013-01-19 16:47 -------- d-----w- c:\program files\Microsoft Security Client

2013-01-19 15:03 . 2013-01-19 15:03 -------- d-----w- c:\programdata\EA Core

2013-01-16 19:44 . 2013-01-16 19:45 -------- d-----w- c:\users\eliza\AppData\Roaming\SPORE

2013-01-16 19:37 . 2013-01-16 19:37 -------- d--h--r- c:\users\eliza\AppData\Roaming\SecuROM

2013-01-16 15:07 . 2013-01-16 15:07 -------- d-----w- c:\users\Admin\AppData\Local\Adobe

2013-01-15 17:57 . 2013-01-15 17:57 -------- d-----w- c:\users\eliza\AppData\Local\Macromedia

2013-01-15 17:54 . 2013-01-15 17:57 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-15 17:54 . 2013-01-15 17:57 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-13 21:37 . 2013-01-13 21:37 -------- d-----w- c:\program files\Unlockroot

2013-01-13 21:34 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll

2013-01-13 21:34 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll

2013-01-13 21:34 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll

2013-01-13 21:34 . 2013-01-19 13:58 -------- d-----w- c:\windows\system32\ARFC

2013-01-13 21:13 . 2013-01-13 21:13 -------- d-----w- c:\program files\RocketDock

2013-01-09 13:37 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll

2013-01-09 13:37 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys

2013-01-09 13:37 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll

2013-01-09 13:34 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs

2013-01-05 02:46 . 2013-01-05 02:46 0 ----a-w- c:\windows\system32\sho34D4.tmp

2013-01-01 18:21 . 2013-01-01 18:21 -------- d-----w- c:\users\Admin\AppData\Roaming\WinAVI

2013-01-01 18:21 . 2013-01-01 18:21 -------- d-----w- c:\users\Admin\AppData\Local\WinAVI

2013-01-01 18:21 . 2013-01-01 18:27 -------- d-----w- c:\program files\WinAVI

2012-12-31 01:09 . 2012-12-31 01:10 -------- d-----w- c:\users\Admin\AppData\Roaming\PhotoScape

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-16 14:13 . 2012-12-21 11:14 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-21 11:14 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-12 23:32 . 2012-12-12 23:32 0 ----a-w- c:\windows\system32\shoCD5C.tmp

2012-12-04 18:12 . 2012-12-04 18:12 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-11-14 02:09 . 2012-12-13 00:11 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 01:58 . 2012-12-13 00:11 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 01:57 . 2012-12-13 00:11 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 01:49 . 2012-12-13 00:11 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 01:48 . 2012-12-13 00:11 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 01:44 . 2012-12-13 00:11 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-09 04:42 . 2012-12-12 23:41 2048 ----a-w- c:\windows\system32\tzres.dll

2012-11-08 13:29 . 2012-11-08 13:29 1402312 ----a-w- c:\windows\system32\msxml4.dll

2012-11-02 05:11 . 2012-12-12 23:44 376832 ----a-w- c:\windows\system32\dpnet.dll

2012-02-16 15:14 . 2012-02-24 14:20 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-12-11 969104]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]

"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [bU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"RestartNeroSetup"="c:\users\eliza\AppData\Local\Temp\NERO14416\Setupx.exe" [bU]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [bU]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"unlockrootwqme"="" [bU]

"*Restore"="c:\windows\System32\rstrui.exe" [2010-11-20 262656]

"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-12-14 512360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2012-09-23 280576]

.

c:\users\eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

VDownloader.lnk - c:\program files\VDownloader\VDownloader.exe [N/A]

.

c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Gerenciador do HotSync.lnk - c:\program files\palmOne\HOTSYNC.EXE [2004-4-12 299008]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

DataViz Inc Messenger.lnk - c:\program files\Common Files\DataViz\DvzIncMsgr.exe [2012-5-17 24576]

i-PowerXross.lnk - c:\windows\Installer\{F1E25CFC-1243-4210-81B6-0C3D104D7083}\_A694171C7DF4BA79244426.exe [2010-7-23 4286]

OSD.lnk - c:\windows\Installer\{4C2AF428-6E7F-443E-B147-3A8327C2053F}\_B4D89B0D4457FAF2EF30C9.exe [2010-7-23 4286]

Post-it® Software Notes Lite.lnk - c:\program files\3M\PSNLite\PsnLite.exe [2004-10-15 2080768]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 fspad_win732;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win732;c:\windows\system32\DRIVERS\fspad_win732.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 MpKslb5e44c7d;MpKslb5e44c7d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A6E6D56F-CDF7-4129-BA12-E579E709CBA3}\MpKslb5e44c7d.sys [x]

S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]

S2 SoilIO;SoilIO; [x]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]

S3 JME;JMicron Ethernet Adapter NDIS6 Driver;c:\windows\system32\DRIVERS\JME.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]

S3 soilkbc;soilkbc; [x]

S3 SoilMC;SoilMC; [x]

.

.

--- =Outros Serviços/Drivers Na Memória ---

.

*NewlyCreated* - MBAMPROTECTOR

*NewlyCreated* - MPKSLB5E44C7D

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Conteúdo da pasta 'Tarefas Agendadas'

.

2013-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-15 17:57]

.

2013-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-22 12:49]

.

2013-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-22 12:49]

.

2013-01-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2732444099-401526107-414559420-1000Core.job

- c:\users\eliza\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-18 14:24]

.

2013-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2732444099-401526107-414559420-1000UA.job

- c:\users\eliza\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-18 14:24]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.google.com

mStart Page = hxxp://search.privitize.com/?aff=7

IE: E&xportar para o Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 189.124.128.33 189.124.128.32

FF - ProfilePath -

.

- - - - ORFÃOS REMOVIDOS - - - -

.

Toolbar-Locked - (no file)

HKCU-Run-SDP - c:\program files\FilesFrog Update Checker\update_checker.exe

HKLM-RunOnce-SPUpdSentinel - c:\program files\Common Files\Umbrella\Umbrella_bkp.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

.

[HKEY_USERS\S-1-5-21-2732444099-401526107-414559420-1000\Software\SecuROM\License information*]

"datasecu"=hex:ff,a0,3d,61,bc,98,59,30,6f,b5,9b,df,ca,1d,66,a2,87,97,5a,80,8c,

dd,cd,9d,44,69,15,4a,9b,4d,2d,fa,b1,90,53,6b,62,f7,98,19,f0,e7,93,81,9c,b2,\

"rkeysecu"=hex:91,b0,40,3d,eb,e0,39,f6,17,98,97,87,9f,90,41,0e

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Tempo para conclusão: 2013-01-21 15:08:36

ComboFix-quarantined-files.txt 2013-01-21 17:08

ComboFix2.txt 2013-01-19 13:09

.

Pré-execução: 218.055.925.760 bytes disponíveis

Pós execução: 218.529.218.560 bytes disponíveis

.

- - End Of File - - 56A271E6025E4A79720B8106680D695E


→ Download DelFix (by Xplode) from http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix and save it to the Desktop

*Run it. Windows Vista or Windows 7 users should right-click the file and select Run as administrator

*Click [Run]

*Paste the report shown

→ Download and install Avast

→ Delete DelFix

Let me know whether it worked.


→ Run OTL. Windows Vista or Windows 7 users should right-click the file and select Run as administrator

*Click [Cleanup] > [OK]

*The PC will be restarted

→ Install Avast and report back


Sorry to ask, but what is OTS?

It's another program. I typed it by mistake. I've already made the correction.


→ When you carry out the OTL procedure, both ComboFix and OTL will be uninstalled.

→ You can keep Malwarebytes. It is freeware and an excellent program.

→ Both Avast and Avira are excellent. The choice is yours. Although you can keep MSE, I recommend that you install an antivirus.


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
