Mathss

Novato
  • Total de itens

    20
  • Registro em

  • Última visita

Reputação

0 Neutral

Sobre Mathss

  • Rank
    Novato

Profile Information

  • Sexo
    Masculino
  1. Alguém sabe me responder??????
  2. A um tempo atrás fiquei sabendo da falha no uTorrent e não baixei no novo computador e quis excluir do antigo (só não fiz pq meu irmão não quis abrir mão) Quero saber se o uTorrent ainda apresenta a falha de segurança, ou se já pode ser usado normalmente. A versão atual é µtorrent(3.5.0 build 43916), ela tem a falha de segurança ou não?
  3. Fiz mais ou menos os procedimentos do ActiveX qe você falou já que em parte é parecido. Só não sei se depois de tudo deletou ou não... logeset.txt
  4. E então eu executo?
  5. Vou mandar dois prints aqui sem ser anexados. Este mostra meus plugins, eu não manjo muito, mas parece que tenho outro no lugar deste ai que você falou. ===== Este mostra o que ia ser instalado no i explorer no lugar do ActiveX. ===== Como foi diferente, preferi não arriscar fazer por conta própria e lhe consultar...
  6. O navegador é o Firefox, o que uso, quem usa o Chrome é meu irmão. Sobre a parte de downloades bloquear, foi só uma vez, mas o flash foi mais, aparece tipo uma peça de lego vermelha com um x no centro. O log do Malware eu coloquei como mbam.txt... AdwCleanerS0.txt mbam.txt JRT.txt
  7. Veio dois arquivos de texto, não sei o que é o outro, mas como veio junto estou anexando também por via das dúvidas. OTL.Txt Extras.Txt
  8. One Piece e Fullmetal Alchemist
  9. Este PC, que pertence a meu irmão ta meio doido. Ta bloqueando os plugins do adobe flash em todos os sites a menos que ue autorize e ta blqueando alguns downloades a menos que eu desbloqueie. Hoje eu baixei emulador de Super Nitendo e Room de Chrono Tigger, mas não acho que tenha sido isto não. Já to cuidando dos logs que o site pede pra antecipar um pouco. Desculpe o incomodo, e agradeço deste já a ajuda. MbrScan.log ZA-Scan.txt FSS.txt
  10. Estou aqui no PC de um amigo meu, tentando ajudar ele a remover vírus. Na verdade, tem uma cacetada. Ta até difícil de acessar a internet e os navegadores por aqui. Como não é minha primeira vez aqui, já me antecipei em por os logs aqui. FSS.txt MbrScan.log hijackthis.log
  11. Caaaaaaaarnee!

  12. Não detectou nada! xD Fiz o teste 2 vezes(pois eu não tinha lido direito o que tu disse, kkk)
  13. Aqui esta o bagulho: Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Versão da Base de Dados: v2013.10.07.12 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Matheus :: XP-BC605F3E9662 [administrador] Proteção: Permitir 07/10/2013 19:45:39 mbam-log-2013-10-07 (19-45-39).txt Tipo de Verificação: Verificação Completa (C:\|D:\|) Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM Opções de verificação desativadas: P2P Objetos escaneados: 234686 Tempo decorrido: 34 minuto(s), 8 segundo(s) Processos de Memória Detectados: 0 (Não foram detectados ítens maliciosos) Módulos de Memória Detectados: 0 (Não foram detectados ítens maliciosos) Chaves de Registro Detectadas: 1 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. Valores de Registro Detectadas: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Data: 1 -> Enviado para a Quarentena e deletado com sucesso. Itens de Dados no Registro Detectadas: 5 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Ruim: (0) Bom: (1) -> Enviado para a Quarentena e reparado com sucesso. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSMHelp (PUM.Hijack.Help) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso. HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso. HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Ruim: (1) Bom: (0) -> Enviado para a Quarentena e reparado com sucesso. Pastas Detectadas: 0 (Não foram detectados ítens maliciosos) Arquivos Detectados: 24 C:\AdwCleaner\Quarantine\C\Temp\eIntaller\0F6AF95E195541de91F10F8988F06279\eXQ.exe.vir (PUP.Optional.Elex) -> Enviado para a Quarentena e deletado com sucesso. C:\AdwCleaner\Quarantine\C\Temp\eIntaller\7F9DE688B71D47d88F435886CDEEC1D8\eXQ.exe.vir (PUP.Optional.Elex) -> Enviado para a Quarentena e deletado com sucesso. C:\AdwCleaner\Quarantine\C\Temp\eIntaller\AB03430966C6461282A6D81EDC7035AC\eXQ.exe.vir (PUP.Optional.Elex) -> Enviado para a Quarentena e deletado com sucesso. C:\AdwCleaner\Quarantine\C\Temp\eIntaller\AFDDF3AE39A843e89D1DFF2E65345742\eXQ.exe.vir (PUP.Optional.Elex) -> Enviado para a Quarentena e deletado com sucesso. C:\AdwCleaner\Quarantine\C\Temp\eIntaller\F4C337C2E587421796F1E4A1D0C2108D\eXQ.exe.vir (PUP.Optional.Elex) -> Enviado para a Quarentena e deletado com sucesso. C:\AdwCleaner\Quarantine\C\Temp\eIntaller\FCD4082971924691B0EFDE5136860134\eXQ.exe.vir (PUP.Optional.Elex) -> Enviado para a Quarentena e deletado com sucesso. C:\Documents and Settings\Matheus\Configurações locais\Temporary Internet Files\Content.IE5\NHYEWN4T\wajam_install[1].exe (PUP.Optional.Wajam.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Documents and Settings\Matheus\Configurações locais\Temporary Internet Files\Content.IE5\XFT1NW5X\pack[1].7z (PUP.Optional.BrowserProtect.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\enhancedNT.dll (PUP.Optional.Delta.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\373D292D-BAB0-7891-9787-A093CB18214F\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\is1275519350\1287064_Setup.EXE (PUP.Optional.LyricsAd) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\is1275519350\cor_ar_201372917277_portaldosites.exe (PUP.Optional.Elex) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\is1275519350\DeltaTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\is1275519350\wajam_download.exe (PUP.Optional.Wajam) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\is1275519350\wajam_validate.exe (PUP.Optional.Wajam) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\is701137889\dp.exe (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso. C:\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso. (fim) O Malwarebytes Anti-Malwatr toda hora bloqueava o forum tibia br a menos que eu desabilitasse isto. Tem algum problema lá ou não? -- Quais programas/arquivos eu posso excluir? O Hijack vou anexar em baixo, como cabei fazendo o Scan 2 vezes sem querer, vou passar os 2, o que termina com 2 é o mais recente. Man, obrigado mesmo pela ajuda, estou sem saber como agradecer. valeu Edição: Parece que tudo foi resolvido, quando eu abro abas, não aparece mais "Delta-Home", mas sim uma aba em branco... Já posso entrar no face normalmente né? hijackthis.log hijackthis2.log
  14. Bem, aqui esta: # AdwCleaner v3.006 - Relatório criado 06/10/2013 às 17:39:34 # Atualizado 01/10/2013 por Xplode # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits) # Usuário : Matheus - XP-BC605F3E9662 # Executando de : C:\Documents and Settings\Matheus\Desktop\adwcleaner.exe # Opção : Limpar ***** [ Serviços ] ***** [#] Serviço Deletada : SProtection Serviço Deletada : WsysSvc ***** [ Arquivos / Pastas ] ***** Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\Babylon Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\eSafe Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\Iminent Pasta Deletada : C:\Temp\eIntaller Pasta Deletada : C:\Temp\Iminent Pasta Deletada : C:\Documents and Settings\Matheus\Dados de aplicativos\Babylon Pasta Deletada : C:\Documents and Settings\Matheus\Dados de aplicativos\Iminent Arquivo Deletada : C:\WINDOWS\system32\roboot.exe Arquivo Deletada : C:\Temp\Uninstall.exe Arquivo Deletada : C:\Documents and Settings\Matheus\Dados de aplicativos\Mozilla\Firefox\Profiles\8m3g6blq.default-1364515124250\\invalidprefs.js Arquivo Deletada : C:\Documents and Settings\Matheus\Dados de aplicativos\Mozilla\Firefox\Profiles\8m3g6blq.default-1364515124250\user.js Arquivo Deletada : C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage ***** [ Atalhos ] ***** Atalho Desinfectada : C:\Documents and Settings\All Users\Menu Iniciar\Programas\Mozilla Firefox.lnk Atalho Desinfectada : C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Google Chrome.lnk Atalho Desinfectada : C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Internet Explorer.lnk Atalho Desinfectada : C:\Documents and Settings\Matheus\Menu Iniciar\Programas\Acessórios\Ferramentas do Sistema\Internet Explorer (Sem Complementos).lnk Atalho Desinfectada : C:\Documents and Settings\Matheus\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Atalho Desinfectada : C:\Documents and Settings\Matheus\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ***** [ Registro ] ***** Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com] Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1 Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1 Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1 Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1 Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent] Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger] Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Arquivos de programas\Iminent\Iminent.exe] Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Arquivos de programas\Iminent\Iminent.Messengers.exe] Chave Deletedo : HKLM\SOFTWARE\e55dadee76ee542 Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898} Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command Chave Deletedo : HKCU\Software\APN PIP Chave Deletedo : HKCU\Software\BabSolution Chave Deletedo : HKCU\Software\DataMngr [#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar Chave Deletedo : HKCU\Software\Delta Chave Deletedo : HKCU\Software\Iminent Chave Deletedo : HKCU\Software\InstallCore Chave Deletedo : HKCU\Software\lyrixeeker Chave Deletedo : HKCU\Software\Softonic Chave Deletedo : HKLM\Software\DataMngr Chave Deletedo : HKLM\Software\Delta Chave Deletedo : HKLM\Software\delta-homesSoftware Chave Deletedo : HKLM\Software\eSafeSecControl Chave Deletedo : HKLM\Software\Iminent Chave Deletedo : HKLM\Software\portaldositesSoftware Chave Deletedo : HKLM\Software\Umbrella Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl Produto Deletada : Iminent ***** [ Navegadores ] ***** -\\ Internet Explorer v8.0.6001.18702 Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs] -\\ Mozilla Firefox v24.0 (pt-BR) [ Arquivo : C:\Documents and Settings\Matheus\Dados de aplicativos\Mozilla\Firefox\Profiles\8m3g6blq.default-1364515124250\prefs.js ] Linha deletada : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=nt&from=newgdp&uid=WDCXWD1600BEVT-22ZCT0_WD-WX30A697434874348&ts=1380224[...] Linha deletada : user_pref("browser.search.selectedEngine", "delta-homes"); Linha deletada : user_pref("extensions.delta.admin", false); Linha deletada : user_pref("extensions.delta.aflt", "babsst"); Linha deletada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Linha deletada : user_pref("extensions.delta.autoRvrt", "false"); Linha deletada : user_pref("extensions.delta.dfltLng", "pt"); Linha deletada : user_pref("extensions.delta.excTlbr", false); Linha deletada : user_pref("extensions.delta.ffxUnstlRst", true); Linha deletada : user_pref("extensions.delta.id", "ec47cb9300000000000000265e51bb8c"); Linha deletada : user_pref("extensions.delta.instlDay", "15949"); Linha deletada : user_pref("extensions.delta.instlRef", "sst"); Linha deletada : user_pref("extensions.delta.newTab", false); Linha deletada : user_pref("extensions.delta.prdct", "delta"); Linha deletada : user_pref("extensions.delta.prtnrId", "delta"); Linha deletada : user_pref("extensions.delta.rvrt", "false"); Linha deletada : user_pref("extensions.delta.smplGrp", "none"); Linha deletada : user_pref("extensions.delta.tlbrId", "base"); Linha deletada : user_pref("extensions.delta.tlbrSrchUrl", ""); Linha deletada : user_pref("extensions.delta.vrsn", "1.8.24.6"); Linha deletada : user_pref("extensions.delta.vrsnTs", "1.8.24.617:38:54"); Linha deletada : user_pref("extensions.delta.vrsni", "1.8.24.6"); Linha deletada : user_pref("extensions.delta_i.babExt", ""); Linha deletada : user_pref("extensions.delta_i.babTrack", "affID=121225&tt=280813_dt&tsp=4992"); Linha deletada : user_pref("extensions.delta_i.srcExt", "ss"); -\\ Google Chrome v30.0.1599.69 [ Arquivo : C:\Documents and Settings\Matheus\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ] Deletedo : homepage Deletedo : search_url Deletedo : keyword Deletedo : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [26509 octets] - [06/10/2013 17:37:43] AdwCleaner[S0].txt - [23048 octets] - [06/10/2013 17:39:34] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23109 octets] ########## E o segundo, vou anexar. EDIT: Olha só, este primeiro programa ai, deletou o aplicativo IMinent do firefox, hehe, valeu, eu só consegui neutralizar este programa chato, mas não excluir de vez, agora parece que deu tudo certo. JRT.txt