Manoela, posted August 28, 2013

Hello, friends of the forum. A week ago I accidentally downloaded a program (I clicked the wrong button, lol), and since then pages have been appearing in my browser, for example:

When I open the Chrome browser, the home page is always www.portaldossites.com. I already changed it to Google in Chrome's options, and it is still that one.

If I am on any page, out of nowhere a blank pop-up starts loading, with an x at the top to close it, but this always happens.

If I am on Facebook, for example, and I right-click to open something in another tab, first some ad appears (like "you have a message"), and at the bottom it says "skip" with an arrow, and only then does what I want open.

It has also been happening on the side of the Facebook page: a little tab always appears with ads for things for sale, which I have to close by clicking the x...

Not to mention that sometimes my laptop freezes and I have to wait a while for it to process before I can keep using it (this happens even when I'm not on the internet, when opening files on the laptop...).

I have already run MV RegClean, CCleaner and a quick scan with Malwarebytes Anti-Malware, and all of this still continues. Please help me!
Hugs,

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:29:18, on 28/08/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Power Max, posted August 28, 2013

:) Hello Manoela!

* Please follow the tips in the tutorials below:

Remove adware and malicious toolbars with AdwCleaner
Junkware Removal Tool tutorial
Complete guide to using Avast Browser Cleanup

* In your next reply, please post the AdwCleaner log, which will be at C:\AdwCleaner[s1].txt, and the Junkware Removal Tool log, which will be saved on your desktop under the name JRT.txt, and tell us how your PC is after these procedures.

We'll be waiting.

Manoela, posted August 30, 2013

Hello Antonio,

Here are the AdwCleaner and JRT logs:

AdwCleaner:

# AdwCleaner v3.001 - Report created 30/08/2013 at 12:30:35
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Manoela Maia - MANOELAMAIA-PC
# Running from : C:\Users\Manoela Maia\Downloads\adwcleaner.exe
# Option : Clean

JRT:

Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 7 Home Premium x64
Ran by Manoela Maia on 30/08/2013 at 12:52:20,99

It has improved a lot, because portaldossites.com no longer appears. However, when I opened the forum here to reply to the topic, the message that always opens came up first, and only afterwards did the page finish loading. It says "you have a message", with a drawing of an envelope, and below it there is "skip" and a little arrow to skip past that page... this continues. What do I do? I don't know how to attach the picture here for you to see...

Thank you so much for the help!

Power Max, posted August 30, 2013

:) Several problems were removed from your PC.

_______________________

> It has improved a lot, because portaldossites.com no longer appears. However, when I opened the forum here to reply to the topic, the message that always opens came up first, and only afterwards did the page finish loading. It says "you have a message", with a drawing of an envelope, and below it there is "skip" and a little arrow to skip past that page... this continues

Did you use Avast Browser Cleanup as I indicated? If you have not used it, please do so, following the tips in that tutorial.

__________________________

Please follow the tips in this tutorial to clean your PC with Malwarebytes:

To install and use it correctly, follow the tips in this tutorial: Malwarebytes Anti-Malware tutorial

In your next reply, post this Malwarebytes log together with a new HijackThis log and tell us how your PC is after these procedures.

We'll be waiting.

Manoela, posted August 30, 2013

Ah, and the sidebar with ads for things for sale still appears on the Facebook page...

Power Max, posted August 30, 2013

> Ah, and the sidebar with ads for things for sale still appears on the Facebook page...

Yes, but did you use Avast Browser Cleanup as I had told you? Also run Malwarebytes with a full scan, as I told you in the previous reply, and please post the requested logs.

We'll be waiting.

Manoela, posted August 30, 2013

Ah, sorry, I hadn't seen your previous reply. I don't know whether it scans the whole PC, because when I open the program it only shows the bank add-ons that I use in the browsers. That's all! There is no scan button or anything like that... is that right?

Power Max, posted August 30, 2013

> Ah, sorry, I hadn't seen your previous reply. I don't know whether it scans the whole PC, because when I open the program it only shows the bank add-ons that I use in the browsers. That's all! There is no scan button or anything like that... is that right?

That is more or less how it works, but did you check all the browsers with it?

To see which items are installed in each of the browsers above, just click the corresponding tab on the left. That way you will see the installed add-ons and toolbars and can enable or disable these items as you choose. Another option you are given is to click the button Restaurar configurações padrão do navegador (restore the browser's default settings), which returns the browser to its factory defaults, uninstalling all the add-ons and changes found in that browser.

If you choose to restore the browser's defaults this way, you will afterwards need to reinstall the bank plugins, favorite sites, etc.

_____________________

* Also run the Malwarebytes scan and post the requested logs.
Manoela 0 Posted August 30, 2013
Hi! So, I did check all the browsers; only the bank add-ons are installed, nothing else. In the full Malwarebytes scan it found some PUPs, but they were not selected for deletion... it only selected one adware item.
Malwarebytes log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Versão da Base de Dados: v2013.08.30.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Manoela Maia :: MANOELAMAIA-PC [administrador]
30/08/2013 14:56:24
mbam-log-2013-08-30 (14-56-24).txt
Tipo de Verificação: Verificação Completa (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 435664
Tempo decorrido: 1 hora(s), 57 minuto(s), 28 segundo(s)
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 1
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Nenhuma ação foi feita.
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 5
C:\Users\Manoela Maia\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\software\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Nenhuma ação foi feita.
C:\Users\Manoela Maia\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\software\Player_Setup.exe (PUP.Optional.Tugluu.A) -> Nenhuma ação foi feita.
C:\Users\Manoela Maia\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\software\Portaldosites.exe (PUP.Optional.Elex) -> Nenhuma ação foi feita.
C:\Users\Manoela Maia\Documents\INSTALERS\aTube_Catcher_Setup.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\Manoela Maia\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\software\plus-hd-1-3.exe (Adware.Packed.Ranver) -> Enviado para a Quarentena e deletado com sucesso.
(fim)
HijackThis log:
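Added example, not part of the original thread: a small triage of a Malwarebytes Anti-Malware 1.x text log like the one posted above, listing detections that were left with "Nenhuma ação foi feita" (no action taken) and checking each section's declared count against the lines actually present, which catches a truncated paste. The sample log is constructed (made-up paths and GUID, detection names taken from the thread), the function names are hypothetical, and the English marker "No action taken" is an assumption about the English-language log.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample in the layout of a Malwarebytes 1.x log (Portuguese UI),
# one detection per line. Paths and the GUID are placeholders.
SAMPLE_LOG = r"""
Chaves de Registro Detectadas: 1
HKLM\SOFTWARE\{00000000-0000-0000-0000-000000000000} (PUP.Optional.OptimzerPro.A) -> Nenhuma ação foi feita.

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 3
C:\Users\example\AppData\Local\Temp\setup\Portaldosites.exe (PUP.Optional.Elex) -> Nenhuma ação foi feita.
C:\Program Files (x86)\Example\installer.exe (PUP.Optional.OpenCandy) -> Nenhuma ação foi feita.
C:\Users\example\AppData\Local\Temp\setup\plus-hd-1-3.exe (Adware.Packed.Ranver) -> Enviado para a Quarentena e deletado com sucesso.
"""

# "<section> Detectados/Detectadas/Detected: <count>"
SECTION_RE = re.compile(r"^(.+?) (?:Detectad[oa]s|Detected): (\d+)$")
# "<object> (<Detection.Name>) -> <action>."  The object may itself contain
# parentheses (e.g. "Program Files (x86)"), so the greedy first group makes
# the regex pick the LAST parenthesised token before " -> ".
DETECTION_RE = re.compile(r"^(.+) \(([^()\s]+)\) -> (.+?)\.?$")
# Action strings that mean the item was reported but left in place.
NO_ACTION = ("nenhuma ação foi feita", "no action taken")


@dataclass
class Detection:
    section: str   # e.g. "Arquivos"
    target: str    # file path or registry key
    name: str      # e.g. "PUP.Optional.Elex"
    action: str    # action text without the trailing period

    @property
    def remediated(self) -> bool:
        return not any(marker in self.action.lower() for marker in NO_ACTION)


def parse_log(text):
    """Return (detections, mismatches).

    mismatches maps a section name to (declared_count, parsed_count) when the
    header count disagrees with the number of detection lines found under it.
    """
    detections, declared, section = [], {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            declared[section] = int(header.group(2))
            continue
        hit = DETECTION_RE.match(line)
        if hit:
            detections.append(Detection(section, *hit.groups()))
    parsed = Counter(d.section for d in detections)
    mismatches = {s: (n, parsed[s]) for s, n in declared.items() if n != parsed[s]}
    return detections, mismatches


def pending(detections):
    """Detections that were reported but not quarantined or deleted."""
    return [d for d in detections if not d.remediated]


if __name__ == "__main__":
    found, problems = parse_log(SAMPLE_LOG)
    for d in pending(found):
        print(f"still present: {d.name:32} {d.target}")
    if problems:
        print("count mismatch (log may be truncated):", problems)
```

Any entry returned by `pending` was detected but not removed when the log was saved, so it still needs to be selected and removed in the scan results.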
Power Max 54 Posted August 31, 2013
Download Zoek (...by Smeenk) and save it to the Desktop
* Stay connected to the Internet
* Right-click Zoek and select
* Paste the lines in brown into the box
autoclean; emptyalltemp;
* Close your browser and click [Run Script]
* During the scan the message below will be displayed. Wait for it to finish... it may take a while!
Zoek.exe is running now. Do not start any browser windows, they will be closed automatically. Please wait! This window will close when finished. A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
* If a PC restart is requested, click [OK]
Access this link
* Click [select file...], locate the report C:\zoek-results.txt and click [Open]
* Select 4 jours and click [Créer le lien Cjoint]
* Paste the link created next to Le lien a été créé:
__________________
Manoela 0 Posted August 31, 2013
Hi! Here is the link: http://cjoint.com/?3HFrNEeTrhq What now? :)
Power Max 54 Posted August 31, 2013
Right-click Zoek and select
* Paste the lines in brown into the box
509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com;ffuninstall-list;
* Click [Run Script] and paste the report
Manoela 0 Posted September 1, 2013
Hi! Here is the report:
Zoek.exe Version 4.0.0.4 Updated 31-08-2013
Tool run by Manoela Maia on 01/09/2013 at 11:40:42,23.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Manoela Maia\Desktop\zoek.exe [script inserted]
==== FireFox Fix ======================
ProfilePath: C:\Users\Manoela Maia\AppData\Roaming\Mozilla\Firefox\Profiles\z1tlmjde.default
user.js not found
---- Lines 509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com removed from prefs.js ----
---- Lines 509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com modified from prefs.js ----
---- FireFox user.js and prefs.js backups ----
prefs_082013_1224_.backup
prefs_092013_1251_.backup
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}] WinPcap 4.1.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst] WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] ==== EOF on 01/09/2013 at 12:51:41,74 ====================== Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Posted September 1, 2013

:) Congratulations, your PC is clean.

Download DelFix (...by Xplode) and save it to your Desktop.
* Run it and click [Run]
* Paste the report it shows in your next reply and tell us how your PC is doing now.

We'll be waiting.
Manoela 0 Posted September 2, 2013

Hi! Here is the report:

# DelFix v10.4 - Logfile created 02/09/2013 at 14:55:59
# Updated 19/07/2013 by Xplode
# Username : Manoela Maia - MANOELAMAIA-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Program Files (x86)\Ad-Remover
Deleted : C:\zoek-results.log
Deleted : C:\Users\Manoela Maia\Desktop\adwcleaner.exe
Deleted : C:\Users\Manoela Maia\Desktop\JRT.exe
Deleted : C:\Users\Manoela Maia\Desktop\JRT.txt
Deleted : C:\Users\Manoela Maia\Desktop\zoek.com
Deleted : C:\Users\Manoela Maia\Desktop\zoek.exe
Deleted : C:\Users\Manoela Maia\Desktop\zoek.scr
Deleted : C:\Users\Manoela Maia\Desktop\zoek.zip
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Now my PC is fine! :) The pages no longer appear, and when I open the browser it opens normally. The browser is even faster. Thank you very much! :)
Power Max 54 Posted September 2, 2013

> Now my PC is fine! :) The pages no longer appear, and when I open the browser it opens normally. The browser is even faster. Thank you very much! :)

:) We are glad the case has been resolved.

To keep the problems from coming back, turn System Restore off and then back on in Windows 7.

It was a pleasure to help, count on us anytime!
DigRam 144 Posted September 2, 2013

PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.