Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

1sefirot1

[Arquivado] Vários indícios nos navegadores q o PC está com Malwa

Recommended Posts

Meu pc a um bom tempo esta apresentando esses problemas, e como ja formatei algumas vezes e sempre o problema volta, decidi vir aqui.

O problema esta nos navegadores do pc.. firefox, ie ou chrome, nao importa. Constantemente abrem abas de anuncio sozinho, popups, banners, e propagandas fora do contexto do site (em sites q eu sei q nao tem publicidade..) dentre outros. Gostaria da analise do log por gentileza.
Desde ja agradeço!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:52:59, on 09/12/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Users\Gustavo\Downloads\BitTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lyrics Seeker - {56a6fc3d-3f1f-4fd3-a5fe-16bbc81ba751} - C:\Program Files (x86)\LyricsSeeker\133.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [bitTorrent] "C:\Users\Gustavo\Downloads\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\daemon\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_47C5E710ECE926F3AE2B611C0D7C5655] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: GameRanger.lnk = Gustavo\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Serviço do BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8647 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

:) Olá!

 

Siga, por gentileza, as dicas dos tutoriais abaixo:

 

Remova adwares e toolbars maliciosas com o Adwcleaner

 

Tutorial do Junkware Removal Tool

 

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[s0].txt e o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt e nos diga como está seu PC depois destes procedimentos. Ficamos na espera.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia!!

 

# AdwCleaner v3.014 - Relatório criado 10/12/2013 às 12:29:31
# Atualizado 01/12/2013 por Xplode
# Sistema Operacional : Windows 8  (64 bits)
# Usuário : Gustavo - GUSTAVO-NOTE2
# Executando de : C:\Users\Gustavo\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : bonanzadealslive
[#] Serviço Deletada : bonanzadealslivem

***** [ Arquivos / Pastas ] *****

[!] Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
[!] Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\LyriXeeker
Pasta Deletada : C:\Users\Gustavo\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Gustavo\AppData\Roaming\B1Toolbar
Pasta Deletada : C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Pasta Deletada : C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\pvngbors.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
Pasta Deletada : C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Arquivo Deletada : C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\pvngbors.default\user.js
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsUpdate

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\AppDataLow\Software\lyrixeeker
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v25.0 (pt-BR)

[ Arquivo : C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\pvngbors.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Arquivo : C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9053 octets] - [10/12/2013 12:28:22]
AdwCleaner[S0].txt - [8289 octets] - [10/12/2013 12:29:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8349 octets] ##########

...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 x64
Ran by Gustavo on 10/12/2013 at 12:33:37,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadeals
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadeals
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadealslive



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Gustavo\AppData\Roaming\mozilla\firefox\profiles\pvngbors.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/12/2013 at 12:44:56,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Os anuncios sumiram =)))))))))))

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.