danilo85

  1. Dear joseMelo, after the Kaspersky scan, no files were detected with viruses.
  2. Dear JoseMelo, here is what was recommended: hijackthis.log
  3. Dear JoseMelo, the OTL log is attached. OTL.Txt
  4. Dear JoseMelo, here are the logs. hijackthis.log
  5. Dear sir, Please, I think my notebook is infected; it is very slow. I would like you to examine my log. Thank you. hijackthis.log MbrScan.log FSS.txt
  6. Dear Josemelo, After following the step-by-step instructions, no threat was detected.
  7. Here is what was recommended: hijackthis.log
  8. Dear joseMelo, here is the OTL log and, attached, a new hijackthis log. Thank you. hijackthis.log
  9. Dear JoseMelo, Here is the recommended log. Thank you. OTL.Txt
  10. Dear JoséMelo, Here are the logs. Thank you. hijackthis.log MbrScan.log FSS.txt
  11. Dear friends, When I start my PC the following message appears: "Talvez o módulo C:\Users\win7\AppData\Roaming\Win72.jpg não seja compatível com a versão do windows que vocês está executando. Verifique se ele é compatível com uma versao x86 (32bits) ou x64 do arquivo regsvr32.exe." I also find it quite slow. Please examine my attached log. Thank you. hijackthis.log
  12. Dear all, I have a Sony Xperia U, and a short while ago a thin white line appeared above the center of the display; whatever I open, this line appears. What could it be? Is it a setting (I have already gone through all the settings and nothing works) or a problem with the device? Please help me. Thank you.
  13. Dear all, I have a small problem with my Facebook account. I created a personal Facebook account to promote and advertise my company; after one week of use, and with several contacts already added, it was blocked and the following problem came up: "Converta essa conta pessoal em uma página. Contas pessoais são para o uso individual. Manter uma conta para algo que não seja uma pessoa é uma violação dos termos do Facebook." I would like you to clear up these questions for me. 1. Why did Facebook temporarily block my account? 2. When I try to convert it into a page, Facebook's own system always gives an error. 3. Is there a way to unblock it, or some other alternative that would unblock the Facebook account? Thank you!
  14. Dear Killer, First of all I want to thank you for your attention and dedication in resolving my problem; I know how seriously this forum takes computer problems. I did not finish the last tip you gave me, because it was already at 54% after 4h30 of running with no threat detected, and I then cancelled it. So I have decided that I am going to format the computer (I did not want to, because of the extra costs), but this will be the definitive solution, I hope, to get back the performance it had before. Thank you.
  15. Killer, Answering the questions. 1. Those question marks all appeared in the log. 2. When I open the RootRepeal program, the following message appears: FOPS- DiviseIOControl Error! Erro code = 0x0000024 Extedend info. When I selected the "file" option and selected drive "C", the following message also appeared: Could not initialize drive!. Please Contact the author. Thank you.