[Arquivado] tudo preto

[alyneweb 0]

Precisando de ajuda...

Já passei antivírus, baixei vários programas e nada funciona.

Quando abro o mozilla, o skype e várias outras janelas, aparece tudo preto, não consigo fazer nada, nem baixar arquivos, utilizar programas, etc...
O que fazer????

[DigRam 144]

Bom Dia! alyneweb



|- Leia a http://forum.imasters.com.br/topic/165906-regra-n-02-utilizando-o-hijackthis/'>Regra N° 02 e poste o log do HijackThis,conforme está ali orientado.

A+

[alyneweb 0]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:37:52, on 19/07/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16496)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Users\Alyne\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alyne\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alyne\AppData\Local\Google\Chrome\Application\chrome.exe

C:\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=12C19439E5F25372&affID=119357&tsp=4945

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll

O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Alyne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Google Update] "C:\Users\Alyne\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Free YouTube Download - C:\Users\Alyne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll

O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/mjss/MJSS.cab109791.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe

O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe

O23 - Service: Firewall do AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe

--

End of file - 15714 bytes

[DigRam 144]

Bom Dia! alyneweb

|- Baixe: < > ( ... par Xplode )

|- Ao acessar,clique na imagem: < >

|- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen".

|- Salve-o no desktop!

|- Clique direito em adwcleaner.exe,e escolha sua execução como

|- Ps: Dê início ao scan,clicando em "Remover". < >

|- Ao concluir,poste o relatório: C:\AdwCleaner[S1].txt

-/-

|- Baixe: < zoek > ( ... by Smeenk )

|- Ou aqui! < zoek.exe >

|- Salve-o no desktop!

|- Desabilite seu antivírus!

|- Para Windows 7,execute zoek.exe como administrador.

startupall;

autoclean;

filesrcm;

emptyalltemp;

|- Copie e cole estas informações,em vermelho,no campo da ferramenta.

|- Clique "Run Script".

 

Zoek.exe is running now.

Do not start any browser windows, they will be closed automatically.

Please wait! This window will close when finished.

A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

|- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

|- Aceite e/ou confirme o reboot!

 

zoek.hta failed by unknown error.

 

Restart computer, and try again.

|- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.

|- Poste o relatório,que estará em C:\zoek-results.txt <<

A+

[alyneweb 0]

# AdwCleaner v2.306 - Relatório criado em 20/07/2013 às 14:06:40

# Atualizado em 19/07/2013 por Xplode

# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)

# Usuário : Alyne - ALYNE-PC

# Modo de Boot : Normal

# Executado de : C:\Users\Alyne\Desktop\adwcleaner.exe

# Opção [Remover]

***** [serviços] *****

***** [Arquivos/Pastas] *****

Arquivo Removido : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

Arquivo Removido : C:\user.js

Arquivo Removido : C:\Users\Alyne\AppData\Roaming\Mozilla\Firefox\Profiles\7qwj73ob.default\searchplugins\Askcom.xml

Arquivo Removido : C:\Users\Alyne\AppData\Roaming\Mozilla\Firefox\Profiles\7qwj73ob.default\searchplugins\Babylon.xml

Arquivo Removido : C:\Users\Alyne\AppData\Roaming\Mozilla\Firefox\Profiles\7qwj73ob.default\searchplugins\delta.xml

Arquivo Removido : C:\Windows\Tasks\DSite.job

Pasta Removido : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB

Pasta Removido : C:\Program Files (x86)\DealPly

Pasta Removido : C:\Program Files (x86)\DealPlyLive

Pasta Removido : C:\Program Files (x86)\Perion

Pasta Removido : C:\ProgramData\Ask

Pasta Removido : C:\ProgramData\AVG Secure Search

Pasta Removido : C:\ProgramData\Babylon

Pasta Removido : C:\ProgramData\boost_interprocess

Pasta Removido : C:\ProgramData\DealPlyLive

Pasta Removido : C:\ProgramData\Tarma Installer

Pasta Removido : C:\Users\Alyne\AppData\Local\DealPlyLive

Pasta Removido : C:\Users\Alyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

Pasta Removido : C:\Users\Alyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg

Pasta Removido : C:\Users\Alyne\AppData\Local\lollipop

Pasta Removido : C:\Users\Alyne\AppData\Local\SwvUpdater

Pasta Removido : C:\Users\Alyne\AppData\Roaming\Babylon

Pasta Removido : C:\Users\Alyne\AppData\Roaming\DealPly

Pasta Removido : C:\Users\Alyne\AppData\Roaming\DSite

Pasta Removido : C:\Users\Alyne\AppData\Roaming\dvdvideosoftiehelpers

Pasta Removido : C:\Users\Alyne\AppData\Roaming\Mozilla\Firefox\Profiles\7qwj73ob.default\extensions\ffxtlbr@babylon.com

Pasta Removido : C:\Users\Alyne\AppData\Roaming\yourfiledownloader

***** [Registro] *****

Chave Removida : HKCU\Software\BabSolution

Chave Removida : HKCU\Software\DataMngr

Chave Removida : HKCU\Software\IM

Chave Removida : HKCU\Software\ImInstaller

Chave Removida : HKCU\Software\InstallCore

Chave Removida : HKCU\Software\lollipop

Chave Removida : HKCU\Software\Softonic

Chave Removida : HKCU\Software\YourFileDownloader

Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}

Chave Removida : HKLM\Software\Babylon

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Chave Removida : HKLM\SOFTWARE\Classes\Prod.cap

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Chave Removida : HKLM\Software\DataMngr

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Chave Removida : HKLM\Software\Web Assistant

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg

Chave Removida : HKLM\Software\YourFileDownloader

Chave Removida : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Chave Removida : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Chave Removida : HKLM\SOFTWARE\Tarma Installer

Chave Removida : HKLM\SOFTWARE\Web Assistant

Valor Removida : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Navegadores] *****

-\\ Internet Explorer v9.0.8112.16496

Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=12C19439E5F25372&affID=119357&tsp=4945 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (pt-BR)

Arquivo : C:\Users\Alyne\AppData\Roaming\Mozilla\Firefox\Profiles\7qwj73ob.default\prefs.js

C:\Users\Alyne\AppData\Roaming\Mozilla\Firefox\Profiles\7qwj73ob.default\user.js ... Removido !

Removida : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

Removida : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

Removida : user_pref("extensions.BabylonToolbar_i.babExt", "");

Removida : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=220512_53ctrl");

Removida : user_pref("extensions.BabylonToolbar_i.hardId", "12c14d800000000000009439e5f25372");

Removida : user_pref("extensions.BabylonToolbar_i.id", "12c14d800000000000009439e5f25372");

Removida : user_pref("extensions.BabylonToolbar_i.instlDay", "15496");

Removida : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

Removida : user_pref("extensions.BabylonToolbar_i.newTab", true);

Removida : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112555&tt=22051[...]

Removida : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

Removida : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

Removida : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Removida : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Removida : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

Removida : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

Removida : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.172:25:21");

Removida : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

Removida : user_pref("extensions.delta.admin", false);

Removida : user_pref("extensions.delta.aflt", "babsst");

Removida : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Removida : user_pref("extensions.delta.autoRvrt", "false");

Removida : user_pref("extensions.delta.dfltLng", "pt");

Removida : user_pref("extensions.delta.excTlbr", false);

Removida : user_pref("extensions.delta.ffxUnstlRst", true);

Removida : user_pref("extensions.delta.id", "12c14d800000000000009439e5f25372");

Removida : user_pref("extensions.delta.instlDay", "15900");

Removida : user_pref("extensions.delta.instlRef", "sst");

Removida : user_pref("extensions.delta.newTab", false);

Removida : user_pref("extensions.delta.prdct", "delta");

Removida : user_pref("extensions.delta.prtnrId", "delta");

Removida : user_pref("extensions.delta.rvrt", "false");

Removida : user_pref("extensions.delta.smplGrp", "none");

Removida : user_pref("extensions.delta.tlbrId", "base");

Removida : user_pref("extensions.delta.tlbrSrchUrl", "");

Removida : user_pref("extensions.delta.vrsn", "1.8.21.5");

Removida : user_pref("extensions.delta.vrsnTs", "1.8.21.522:53:55");

Removida : user_pref("extensions.delta.vrsni", "1.8.21.5");

Removida : user_pref("extensions.delta_i.babExt", "");

Removida : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4943");

Removida : user_pref("extensions.delta_i.srcExt", "ss");

Removida : user_pref("extensions.incredibar.actvtyRptTime", "1343143533552");

Removida : user_pref("extensions.incredibar.admin", false);

Removida : user_pref("extensions.incredibar.aflt", "orgnl");

Removida : user_pref("extensions.incredibar.afterInstallRpt", "sent");

Removida : user_pref("extensions.incredibar.cntry", "BR");

Removida : user_pref("extensions.incredibar.dfltLng", "EN");

Removida : user_pref("extensions.incredibar.dfltSrch", false);

Removida : user_pref("extensions.incredibar.dfltlng", "EN");

Removida : user_pref("extensions.incredibar.dfltsrch", "false");

Removida : user_pref("extensions.incredibar.did", "10671");

Removida : user_pref("extensions.incredibar.envrmnt", "production");

Removida : user_pref("extensions.incredibar.excTlbr", false);

Removida : user_pref("extensions.incredibar.hdrMd5", "B855EDACB064CEAF4243299307F3E68A");

Removida : user_pref("extensions.incredibar.hmpg", false);

Removida : user_pref("extensions.incredibar.hrdid", "0");

Removida : user_pref("extensions.incredibar.id", "12c14d800000000000009439e5f25372");

Removida : user_pref("extensions.incredibar.installerproductid", "26");

Removida : user_pref("extensions.incredibar.instlDay", "15543");

Removida : user_pref("extensions.incredibar.instlRef", "");

Removida : user_pref("extensions.incredibar.instlday", "15543");

Removida : user_pref("extensions.incredibar.instlref", "");

Removida : user_pref("extensions.incredibar.isDcmntCmplt", true);

Removida : user_pref("extensions.incredibar.isdcmntcmplt", "false");

Removida : user_pref("extensions.incredibar.keywordurl", "");

Removida : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1416:19:59");

Removida : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

Removida : user_pref("extensions.incredibar.newTab", false);

Removida : user_pref("extensions.incredibar.newtab", "false");

Removida : user_pref("extensions.incredibar.newtaburl", "");

Removida : user_pref("extensions.incredibar.noFFXTlbr", false);

Removida : user_pref("extensions.incredibar.ppd", "7777732");

Removida : user_pref("extensions.incredibar.prdct", "incredibar");

Removida : user_pref("extensions.incredibar.productid", "26");

Removida : user_pref("extensions.incredibar.prtnrId", "Incredibar");

Removida : user_pref("extensions.incredibar.prtnrid", "Incredibar");

Removida : user_pref("extensions.incredibar.sg", "none");

Removida : user_pref("extensions.incredibar.smplGrp", "none");

Removida : user_pref("extensions.incredibar.smplgrp", "none");

Removida : user_pref("extensions.incredibar.srch", "");

Removida : user_pref("extensions.incredibar.srchprvdr", "");

Removida : user_pref("extensions.incredibar.tlbrId", "base");

Removida : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyIJVq0S6&loc=IB_T[...]

Removida : user_pref("extensions.incredibar.tlbrid", "base");

Removida : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyIJVq0S6&loc=IB_T[...]

Removida : user_pref("extensions.incredibar.upn2", "6OyIJVq0S6");

Removida : user_pref("extensions.incredibar.upn2n", "92261800738231354");

Removida : user_pref("extensions.incredibar.vrsn", "1.5.11.14");

Removida : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1416:19:59");

Removida : user_pref("extensions.incredibar.vrsni", "1.5.11.14");

Removida : user_pref("extensions.incredibar.vrsnts", "1.5.11.1416:19:59");

Removida : user_pref("extensions.incredibar_i.aflt", "orgnl");

Removida : user_pref("extensions.incredibar_i.dfltLng", "");

Removida : user_pref("extensions.incredibar_i.did", "10671");

Removida : user_pref("extensions.incredibar_i.excTlbr", false);

Removida : user_pref("extensions.incredibar_i.id", "12c14d800000000000009439e5f25372");

Removida : user_pref("extensions.incredibar_i.installerproductid", "26");

Removida : user_pref("extensions.incredibar_i.instlDay", "15543");

Removida : user_pref("extensions.incredibar_i.instlRef", "");

Removida : user_pref("extensions.incredibar_i.ms_url_id", "");

Removida : user_pref("extensions.incredibar_i.newTab", false);

Removida : user_pref("extensions.incredibar_i.ppd", "7777732");

Removida : user_pref("extensions.incredibar_i.prdct", "incredibar");

Removida : user_pref("extensions.incredibar_i.productid", "26");

Removida : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

Removida : user_pref("extensions.incredibar_i.smplGrp", "none");

Removida : user_pref("extensions.incredibar_i.tlbrId", "base");

Removida : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyIJVq0S6&loc=IB[...]

Removida : user_pref("extensions.incredibar_i.upn2", "6OyIJVq0S6");

Removida : user_pref("extensions.incredibar_i.upn2n", "92261800738231354");

Removida : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

Removida : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1416:19:59");

Removida : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

Removida : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.[...]

Removida : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v28.0.1500.72

Arquivo : C:\Users\Alyne\AppData\Local\Google\Chrome\User Data\Default\Preferences

Removida [l.2292] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=12C19439E5F25372&affID=119357&tsp=[...]

*************************

AdwCleaner[s1].txt - [14006 octets] - [20/07/2013 14:06:40]

########## EOF - C:\AdwCleaner[s1].txt - [14067 octets] ##########

Não consigo usar o zoek, a janela abre toda preta.... :(

[DigRam 144]

Olá! alyneweb

 

Não consigo usar o zoek, a janela abre toda preta....

|- Mesmo em Modo de Segurança,isso ocorre?

A+

[alyneweb 0]

Sim, mesmo em modo de segurança

[DigRam 144]

Boa Tarde! alyneweb

< http://h10025.www1.hp.com/ewfrf/wc/document?cc=br&lc=pt&dlc=pt&docname=c01910826'>Restaurar o Windows a um ponto anterior >

|- Veja se consegue restaurar o Windows 7 a um ponto anterior.

-/-

|- Baixe: < http://www.archive-host.com/link/7113172b46967f621016830bdfd969e912fd1426.exe'> > ( ... de Pierre13 )

|- Salve-o no desktop!

|- Execute-o como administrador,caso seja usuário de Windows Vista ou 7.

|- Clique direito em Liste_Point_Restau.exe e escolha executá-lo como administrador.

|- Poste o relatório! ( Rapport_Point_restau.txt )

A+

[Mário Monteiro 179]

Tópico Arquivado

 

Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.