Ionara 2 Denunciar post Postado Abril 28, 2013 Boa noite, o IE está travando todo tempo, não consigo finalizar atividades, sou obrigada a finalizar... segue log Logfile of Trend Micro HijackThis v2.0.4Scan saved at 20:19:34, on 28/04/2013Platform: Windows 7 (WinNT 6.00.3504)MSIE: Internet Explorer v8.00 (8.00.7600.17267)Boot mode: Normal Running processes:C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\4t Tray Minimizer\4t-min.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Nara\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchou.com/?affil=7&uid=331e2fbe-8e50-11e2-b0dd-c89cdc468333R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =F2 - REG:system.ini: UserInit=userinit.exe,O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLLO2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeO4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -rO4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /minO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesO4 - Startup: 4t Tray Minimizer.lnk = C:\Program Files (x86)\4t Tray Minimizer\4t-min.exeO4 - Startup: _uninst_.lnk = C:\Users\Nara\AppData\Local\Temp\_uninst_.batO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO12 - Plugin for .spop: C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dllO15 - Trusted Zone: imagem.caixa.gov.brO15 - Trusted Zone: internetbanking.caixa.gov.brO15 - Trusted Zone: www.caixa.gov.brO16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dllO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Avira Programador (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeO23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exeO23 - Service: Serviço do Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 10153 bytes Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Abril 28, 2013 Olá Ionara :seta: Baixe o AdwCleaner (...de Xplode) e salve-o no Desktop (Área de Trabalho)*Execute-o e clique [Remover]*Salve qualquer trabalho aberto e clique [OK]*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar*Cole o relatório apresentado Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Abril 30, 2013 Boa noite, Segue relatório, # AdwCleaner v2.300 - Relatório criado em 29/04/2013 às 21:50:57# Atualizado em 28/04/2013 por Xplode# Sistema Operacional : Windows 7 Home Premium (64 bits)# Usuário : Nara - CASA-PC# Modo de Boot : Normal# Executado de : C:\Users\Nara\Desktop\AdwCleaner.exe# Opção [Remover]***** [serviços] ********** [Arquivos/Pastas] *****Arquivo Removido : C:\Users\Nara\AppData\Local\Temp\Uninstall.exePasta Removido : C:\ProgramData\clsoft ltdPasta Removido : C:\ProgramData\InstallMate***** [Registro] *****Chave Removida : HKCU\Software\AppDataLow\SProtectorChave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Chave Removida : HKCU\Software\SoftonicChave Removida : HKCU\Software\StartSearchChave Removida : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Chave Removida : HKLM\Software\SP GlobalChave Removida : HKLM\Software\SProtectorChave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Chave Removida : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Chave Removida : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]***** [Navegadores] *****-\\ Internet Explorer v8.0.7600.17267[OK] Registro está limpo.-\\ Mozilla Firefox v20.0.1 (pt-BR)Arquivo : C:\Users\Nara\AppData\Roaming\Mozilla\Firefox\Profiles\4ej3vhqz.default\prefs.jsRemovida : user_pref("aol_toolbar.default.homepage.check", false);Removida : user_pref("aol_toolbar.default.search.check", false);Removida : user_pref("extensions.BabylonToolbar.prtkDS", 0);Removida : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);Removida : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");Removida : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");Removida : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");Removida : user_pref("sweetim.toolbar.previous.keyword.URL", "");Removida : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");Removida : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");Removida : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");Removida : user_pref("sweetim.toolbar.searchguard.enable", "");-\\ Google Chrome v26.0.1410.64Arquivo : C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] Arquivo está limpo.Arquivo : C:\Users\Nara\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] Arquivo está limpo.*************************AdwCleaner[s1].txt - [321 octets] - [29/04/2013 21:50:12]AdwCleaner[s2].txt - [3359 octets] - [29/04/2013 21:50:57]########## EOF - C:\AdwCleaner[s2].txt - [3419 octets] ########## Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Abril 30, 2013 Boa noite.. :seta: Execute o AdwCleaner, clique [Desinstalar] > [sim] :seta: Baixe o OTL (...de OldTimer) e salve-o no Desktop (Área de Trabalho)*Execute-o e selecione:Verificar All UsersIgnorar Arquivos MicrosoftVerificar LopVerificar Purity*Clique [Verificar]*Ao término, os relatórios OTL.txt e Extras.txt serão criados no Desktop (Área de Trabalho):veja: Acesse este link*Clique [selecionar arquivo...]*Localize o relatório OTL.txt, no Desktop, e clique [Abrir]*Selecione 4 jours*Clique [Créer le lien Cjoint]*Cole o link criado ao lado de Le lien a été créé:*Repita o procedimento para o relatório Extras.txt e cole o link Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Maio 2, 2013 Boa noite, segue link OLT http://cjoint.com/confirm.php?cjoint=3Edb0Cn0QpR e Extras http://cjoint.com/confirm.php?cjoint=3Edb2fnOW3z Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Maio 6, 2013 Boa noite... :seta: Baixe o Junkware Removal Tool (...de Oleg N. Scherbakov) e salve-o no Desktop (Área de Trabalho)*Não esqueça!!! -> Feche o seu navegador (Firefox, IE, Google Chrome)*Execute-o e tecle [ENTER]*Será feito um backup do registro e, em seguida, o programa será executado automaticamente*Aguarde...pode demorar.*Cole o relatório apresentado :seta: Desinstale Java 6 Update 31:seta: Instale a última versão do Java :seta: Execute o OTL*Clique [Limpeza] > [OK]*O PC será reiniciado :seta: Informe como está o PC. Compartilhar este post Link para o post Compartilhar em outros sites
Ionara 2 Denunciar post Postado Maio 7, 2013 Segue relatório JRT logo abaixo, o IE não está mais travando... resolveu, obrigada, ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 4.9.4 (05.06.2013:1)OS: Windows 7 Home Premium x64Ran by Nara on 06/05/2013 at 20:28:32,89~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry ValuesSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL~~~ Registry Keys~~~ Files~~~ Folders~~~ FireFoxSuccessfully deleted: [File] C:\Users\Nara\AppData\Roaming\mozilla\firefox\profiles\4ej3vhqz.default\user.jsSuccessfully deleted the following from C:\Users\Nara\AppData\Roaming\mozilla\firefox\profiles\4ej3vhqz.default\prefs.jsuser_pref("browser.search.defaultengine", "Privitize VPN");user_pref("browser.search.defaultenginename", "Privitize VPN");user_pref("browser.search.order.1", "Privitize VPN");user_pref("keyword.URL", "hxxp://searchou.com/?affil=7&uid=331e2fbe-8e50-11e2-b0dd-c89cdc468333&q=");Emptied folder: C:\Users\Nara\AppData\Roaming\mozilla\firefox\profiles\4ej3vhqz.default\minidumps [80 files]~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 06/05/2013 at 20:31:03,22End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Maio 7, 2013 PROBLEMA RESOLVIDO Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites
