jemafase

Facebook virus that blocks antivirus

Hello! This is my first post, and I'm turning to you because I honestly don't know what else to do...

About a week ago I made the dumb mistake of clicking OK on a request on Facebook when I went to watch the video of Amanda Todd, the girl who killed herself in the USA because of bullying last year. Well, after I did that, my Facebook profile started sending adware to my entire friends list, and, outside FB, annoying little bars keep appearing at the bottom of the browser (whichever one, IE, Firefox or Chrome) with "sponsored links". I have already deleted the .exe file that was downloaded (something like "Fbupdate"), there is no extension installed in the browsers, and the FB site itself has already warned me that I had malware and tried to fix it, but it didn't work.

I tried to run a scan with Avast, and it froze. I tried to run a scan with Advanced System Care, and it froze. I tried to scan with Iobit Malware Fighter, and it froze too. I tried to scan with Malwarebytes, and, guess what!, it froze too. When I say "froze", I don't mean just the programs, but the whole system, as in only being able to shut down the laptop by removing the battery (no need to tell me how inadvisable that is...). In other words, any program I run to scan for malware freezes the system...

I await someone's help... The Hijack This log follows below. By the way, when I run Hijack This, before the scan finishes the following message appears: "For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, Hijack This may NOT be able to fix this."

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:00:23, on 14/04/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Users\Jean\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SISTEMA')

O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O9 - Extra button: (no name) - {b89c9471-7756-4406-b7bb-b6915e8e55dd} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: CyberLink Product - 2011/07/28 20:02:17 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Baidu PC Faster Service 1.18.0.22 (PCFasterSvc_{PCFaster_1.18.0.22}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\1.18.0.22\PCFasterSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Samsung UPD Service - Unknown owner - C:\windows\System32\SUPDSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 11065 bytes


jemafase,

Do NOT try to perform any cleanup procedure on your own. In particular, do not run, on your own initiative, tools used in the Malware Removal forum. Improper use of some tools may damage your computer or, at the very least, partially remove the signs of an infection that would serve as information for the analyst. The team will not be held responsible for consequences resulting from improper and/or uninformed use of the tools. - Rule no. 8 of Malware Removal

Post a new HijackThis log.

Please note the following:

  • Do not use software that has not been indicated.
  • Do not start a new topic about this problem. Always post your replies in this topic.
  • Click Follow this topic
    so that you receive an e-mail notification when it is answered.
    You can also check your subscribed topics using the Content I follow option, accessible through the forum's Control Panel.
  • Analyses can take some time, so please be patient.
  • The instructions are specific to your computer and must be applied only to it.
  • If something goes wrong, it doesn't matter. Always keep following your topic, informing me of the results, until your computer is clean.
  • Warning: Avoid using the <QUOTE> or <CODE> tags in logs; this makes them harder to read at analysis time.
  • Please do not abandon your topic. It is important for us to know whether the removal was successful.
  • If you do not receive a reply from me within 5 days, send me a Private Message (PM).


Thanks for the instructions, Ciro!!! As requested, here is a new Hijack This log, with the note that the message I reported above keeps appearing:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:14:15, on 14/04/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

C:\Program Files (x86)\Houaiss3\Houaiss3.exe

C:\Program Files (x86)\LibreOffice 3.6\program\swriter.exe

C:\Program Files (x86)\LibreOffice 3.6\program\soffice.exe

C:\Program Files (x86)\LibreOffice 3.6\program\soffice.bin

C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearch.exe

C:\PROGRA~2\COPERN~1\DESKTO~4.EXE

C:\Users\Jean\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SISTEMA')

O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O9 - Extra button: (no name) - {b89c9471-7756-4406-b7bb-b6915e8e55dd} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: CyberLink Product - 2011/07/28 20:02:17 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Baidu PC Faster Service 1.18.0.22 (PCFasterSvc_{PCFaster_1.18.0.22}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\1.18.0.22\PCFasterSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Samsung UPD Service - Unknown owner - C:\windows\System32\SUPDSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 11196 bytes


jemafase,

Go to Facebook, Settings button (gear) -> Account Settings -> Apps -> check whether any app is installed; if there is, remove the unknown ones or remove them all.

--------

1)

Download Farbar Service Scanner and save it to your desktop.

http://download.blee.../farbar/FSS.exe

Double-click FSS.exe to run it. Check all the options and then click the Scan button.

** Windows Vista or Windows 7 users: right-click the FSS.exe file, then click Run as administrator.

A log will be saved on your desktop, with the name FSS.txt.

Copy the entire contents of that log and paste it into your next reply.

2)

Download MbrScan.exe and save it to the desktop.

http://eric71.geekst...ols/MbrScan.exe

Run the MbrScan.exe file.

Click the Scan button. At the end of the scan, click the Report button. A Notepad window will open with the result of the scan. It is saved on the desktop with the name MbrScan.log.

*** Windows Vista or Windows 7 users: right-click the MbrScan.exe file, then click Run as administrator.

Select, copy and paste its contents into your next reply.


Hello, Ciro! I had already deleted all the Facebook apps. The FSS log is the one that follows:

Farbar Service Scanner Version: 03-03-2013

Ran by Jean (administrator) on 15-04-2013 at 13:10:21

Running from "C:\Users\Jean\Downloads"

Windows 7 Professional Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Attempt to access Yahoo IP returned error. Yahoo IP is offline

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\ipnathlp.dll => MD5 is legit

C:\Windows\System32\iphlpsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

The MBR scan log is this one:

MBRScan v1.1.1

OS			 : Windows 7 Service Pack 1 (64 bit)
PROCESSOR	  : Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
BOOT		   : Normal Boot
DATE		   : 2013/04/15 (ISO 8601) at 13:12:43
________________________________________________________________________________

DISK		   : Device\Harddisk0\DR0 __ST1000LM 024 HN-M101M (2AR1)
BUS_TYPE	   : (0x03)  P-ATA
USE_PIO	    : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0    931.5 Go  [Fixed] ==> Unknown MBR Code ==> PARTITION TABLE FAKED !!

MBR_MD5   : C5F0EAFEC406C7F0C82ACAB31114FAEF
MBR_SHA1  : C0D9C3E991C1ABD43FBE0F2F5BEA119904177E9A

Device\Harddisk0\Partition1    100.0 Mo      0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2    660.0 Go      0x07 NTFS / HPFS
Device\Harddisk0\Partition3    21.84 Go      0x27 RE Hidden partition
Device\Harddisk0\Partition4    249.6 Go      0x07 NTFS / HPFS
________________________________________________________________________________

ADDRESS : 0x01528000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x016E6000
SIZE    : 968.0 Ko

DRIVER  : C:\windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 384.0 Ko

DRIVER  : C:\windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01660000
SIZE    : 172.0 Ko

DRIVER  : C:\windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 2.00 Mo

DRIVER  : C:\windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x0168B000
SIZE    : 292.0 Ko

DRIVER  : C:\windows\system32\drivers\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x016D4000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01532000
SIZE    : 304.0 Ko

DRIVER  : C:\windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x017D8000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\System32\Drivers\SmartDefragDriver.sys => Invisible on the disk
ADDRESS : 0x017E0000
SIZE    : 28.0 Ko

DRIVER  : C:\windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x0157E000
SIZE    : 232.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nvpciflt.sys => Invisible on the disk
ADDRESS : 0x017E7000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x015B8000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x017F1000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 232.0 Ko

DRIVER  : C:\windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x015CA000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01ACE000
SIZE    : 192.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswRvrt.sys => Invisible on the disk
ADDRESS : 0x01AFE000
SIZE    : 76.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x03FA5000
SIZE    : 168.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswSnx.SYS => Invisible on the disk
ADDRESS : 0x044D0000
SIZE    : 1020.0 Ko

DRIVER  : C:\windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x045CF000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x045D8000
SIZE    : 28.0 Ko

DRIVER  : C:\windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x045DF000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x04400000
SIZE    : 148.0 Ko

DRIVER  : C:\windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x04425000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x04435000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x0443E000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x04447000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x04450000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x0445B000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x0446C000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x0448E000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswTdi.SYS => Invisible on the disk
ADDRESS : 0x0449B000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x01B1F000
SIZE    : 548.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswrdr2.sys => Invisible on the disk
ADDRESS : 0x044AF000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x01BA8000
SIZE    : 276.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x044C3000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03FCF000
SIZE    : 152.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x045ED000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03E16000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x01A00000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\Drivers\SABI.sys => Invisible on the disk
ADDRESS : 0x03E31000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x01A14000
SIZE    : 324.0 Ko

DRIVER  : C:\windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x01A65000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x03FF5000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x01A71000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x04672000
SIZE    : 524.0 Ko

DRIVER  : C:\windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x046F5000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x04713000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x04724000
SIZE    : 392.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x04786000
SIZE    : 152.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x05802000
SIZE    : 10.67 Mo

DRIVER  : C:\windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x062AD000
SIZE    : 976.0 Ko

DRIVER  : C:\windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x063A1000
SIZE    : 280.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0x06603000
SIZE    : 11.74 Mo

DRIVER  : C:\windows\system32\DRIVERS\HECIx64.sys => Invisible on the disk
ADDRESS : 0x071C1000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\system32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x071D2000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\system32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x04600000
SIZE    : 344.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x047AC000
SIZE    : 144.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\bcmwl664.sys => Invisible on the disk
ADDRESS : 0x04CC2000
SIZE    : 2.94 Mo

DRIVER  : C:\windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x04FB2000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
ADDRESS : 0x04C00000
SIZE    : 528.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nusb3xhc.sys => Invisible on the disk
ADDRESS : 0x04C84000
SIZE    : 196.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x04CB5000
SIZE    : 8.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
ADDRESS : 0x04FBF000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04FDD000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0x05076000
SIZE    : 1.38 Mo

DRIVER  : C:\windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x051D8000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x051E7000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk
ADDRESS : 0x051F0000
SIZE    : 20.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x05000000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x05016000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\serscan.sys => Invisible on the disk
ADDRESS : 0x05026000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x0502E000
SIZE    : 24.0 Ko

DRIVER  : C:\windows\system32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x01A80000
SIZE    : 268.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\clwvd.sys => Invisible on the disk
ADDRESS : 0x05034000
SIZE    : 24.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x0503A000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x05050000
SIZE    : 144.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x04FEC000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x047D0000
SIZE    : 188.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x071E3000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 132.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x04656000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x051F5000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\swenum.sys => Invisible on the disk
ADDRESS : 0x05074000
SIZE    : 8.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x063E7000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x05470000
SIZE    : 360.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nusb3hub.sys => Invisible on the disk
ADDRESS : 0x054CA000
SIZE    : 100.0 Ko

DRIVER  : C:\windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x054E3000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x07A7A000
SIZE    : 2.77 Mo

DRIVER  : C:\windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x07D3E000
SIZE    : 244.0 Ko

DRIVER  : C:\windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x07D7B000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk
ADDRESS : 0x07D9D000
SIZE    : 332.0 Ko

DRIVER  : C:\windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00030000
SIZE    : 3.09 Mo

DRIVER  : C:\windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x07DF0000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x07A00000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_iaStor.sys => Invisible on the disk
ADDRESS : 0x03E3B000
SIZE    : 1.33 Mo

DRIVER  : C:\windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x07A0E000
SIZE    : 76.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x07A21000
SIZE    : 116.0 Ko

DRIVER  : C:\windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x07A3E000
SIZE    : 184.0 Ko

DRIVER  : C:\windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x004A0000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x054F8000
SIZE    : 140.0 Ko

DRIVER  : C:\windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x0551B000
SIZE    : 160.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x05543000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftvollh.sys => Invisible on the disk
ADDRESS : 0x0554E000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x05559000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x0556E000
SIZE    : 332.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x055C1000
SIZE    : 76.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x055D4000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\TurboB.sys => Invisible on the disk
ADDRESS : 0x055EC000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x06449000
SIZE    : 804.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x06512000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x06530000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x06548000
SIZE    : 180.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x06575000
SIZE    : 312.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x065C3000
SIZE    : 144.0 Ko

DRIVER  : C:\windows\system32\Drivers\rikvm_38F51D56.sys => Invisible on the disk
ADDRESS : 0x09E0C000
SIZE    : 1.72 Mo

DRIVER  : C:\windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x0A0C9000
SIZE    : 664.0 Ko

DRIVER  : C:\windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x0A16F000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftfslh.sys => Invisible on the disk
ADDRESS : 0x0A000000
SIZE    : 772.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftplaylh.sys => Invisible on the disk
ADDRESS : 0x0A17A000
SIZE    : 308.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x0A1C7000
SIZE    : 196.0 Ko

DRIVER  : C:\windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x09FC4000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x05400000
SIZE    : 420.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x0A863000
SIZE    : 608.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftredirlh.sys => Invisible on the disk
ADDRESS : 0x0A8FB000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x007A0000
SIZE    : 156.0 Ko

DRIVER  : C:\windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x0A800000
SIZE    : 216.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x0E400000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x48570000
SIZE    : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  MAXMEM=8589934592  NOEXECUTE=OPTIN  NUMPROC=8

________________________________________________________________________________

_____FAKED   \Device\Harddisk0\DR0  


__ORIGINAL   \Device\Harddisk0\DR0  



jemafase,

1)

Download AdwCleaner and save it to the desktop.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Run the file adwcleaner.exe

*** Windows Vista or Windows 7 users: right-click the file adwcleaner.exe, then click Run as administrator.

Click Remover (Remove).

A Notepad window will open with the result. Select, copy and paste its contents into your next reply.

2)

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download JRT and save it to the desktop.

Double-click to run the Junkware Removal Tool (JRT).

*** Windows Vista or Windows 7 users: right-click the file JRT.exe, then click Run as administrator.

The tool will start scanning your system. Be patient, as it can take a while depending on the number of items to scan.

At the end, a log will open. It is saved on the desktop under the name JRT.txt.

Select, copy and paste the contents of this log into your next reply.

3)

Download Malwarebytes' Anti-Malware (MBAM)

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

Double-click mbam-setup.exe, choose the language and, during installation, accept all the default options.

  • Check that the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware boxes are ticked, then click Finish.
  • If there are updates to be made, they will be downloaded and installed.
  • When the update finishes, with the program open, select Quick Scan and click the Scan button.
  • The scan will then begin. Wait, as it can take a while.
  • When the scan finishes, click OK, then the Show Results button to see the report.
  • If any items were found, make sure they are all ticked and click the Remove button.
  • At the end of the disinfection, Notepad will open with a log, and a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the Logs tab in the program's main window.
  • Select, copy and paste the entire contents of this log into your next reply, together with a new HijackThis log.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

If in doubt, read the program's tutorial:

http://linhadefensiva.org/forum/index.php?showtopic=75554


Ciro, I did exactly what you asked, including disabling Avast, but Malwarebytes still freezes the laptop, the same way I described above...

Well, the AdwCleaner log is this:

# AdwCleaner v2.200 - Relatório criado em 15/04/2013 às 18:12:23

# Atualizado em 02/04/2013 por Xplode

# Sistema Operacional : Windows 7 Professional Service Pack 1 (64 bits)

# Usuário : Jean - JEAN-PC

# Modo de Boot : Normal

# Executado de : C:\Users\Jean\Desktop\adwcleaner.exe

# Opção [Remover]

***** [serviços] *****

***** [Arquivos/Pastas] *****

Pasta Removido : C:\Program Files (x86)\Protected Search

Pasta Removido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search

Pasta Removido : C:\Users\Jean\AppData\LocalLow\simplytech

Pasta Removido : C:\Users\Jean\AppData\Roaming\simplytech

***** [Registro] *****

Chave Removida : HKCU\Software\Iminent

Chave Removida : HKCU\Software\InstallCore

Chave Removida : HKCU\Software\ProtectedSearch

Chave Removida : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Chave Removida : HKLM\SOFTWARE\Classes\wtb.Band

Chave Removida : HKLM\SOFTWARE\Classes\wtb.Band.1

Chave Removida : HKLM\SOFTWARE\Classes\wtb.NotificationSource

Chave Removida : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1

Chave Removida : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl

Chave Removida : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1

Chave Removida : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo

Chave Removida : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1

Chave Removida : HKLM\Software\Iminent

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32

Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1

Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [Navegadores] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registro está limpo.

-\\ Mozilla Firefox v13.0.1 (pt-BR)

Arquivo : C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\h37hpluk.default\prefs.js

[OK] Arquivo está limpo.

*************************

AdwCleaner[s1].txt - [12406 octets] - [15/04/2013 18:12:23]

########## EOF - C:\AdwCleaner[s1].txt - [12467 octets] ##########

And the JRT log is as follows:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.8.3 (04.05.2013:1)

OS: Windows 7 Professional x64

Ran by Jean on 15/04/2013 at 18:21:08,23

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\abouturls\\Tabs

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\windows\tasks\driverscanner.job"

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Jean\appdata\local\{61B67670-EFEB-4869-A18F-AC0A79A187D9}

Successfully deleted: [Empty Folder] C:\Users\Jean\appdata\local\{7228140A-3E77-4FEB-B75C-FCFAC9CCDAE2}

Successfully deleted: [Empty Folder] C:\Users\Jean\appdata\local\{80E8273A-C3F4-4772-9093-FB3B5D567BE1}

Successfully deleted: [Empty Folder] C:\Users\Jean\appdata\local\{D5DBA4C7-7707-4E33-BCAE-EBC860E65CEF}

~~~ FireFox

Emptied folder: C:\Users\Jean\AppData\Roaming\mozilla\firefox\profiles\h37hpluk.default\minidumps [33 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 15/04/2013 at 19:09:54,83

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Here is a fresh HijackThis log as well:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:49:01, on 15/04/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Users\Jean\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SISTEMA')

O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O9 - Extra button: (no name) - {b89c9471-7756-4406-b7bb-b6915e8e55dd} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll

O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: CyberLink Product - 2011/07/28 20:02:17 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Baidu PC Faster Service 1.18.0.22 (PCFasterSvc_{PCFaster_1.18.0.22}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\1.18.0.22\PCFasterSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Samsung UPD Service - Unknown owner - C:\windows\System32\SUPDSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 11065 bytes

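A triage sketch for the HijackThis log in the post above, added here as an example and not part of the original thread or of any tool mentioned in it. It flags auto-loaded entries whose file sits under a user-writable profile path (the HomeTab entries) and separates "(file missing)" results under System32, which a 32-bit scanner reports on 64-bit Windows because WOW64 redirects System32 to SysWOW64, from genuine orphans; the function names, verdict labels and path markers are assumptions of this example.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample: entries copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: HomeTab - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O9 - Extra button: (no name) - {b89c9471-7756-4406-b7bb-b6915e8e55dd} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
"""

ENTRY_RE = re.compile(r"^(O\d+|R\d|F\d) - ")   # HijackThis section code at line start
DRIVE_RE = re.compile(r"[A-Za-z]:\\")          # start of an absolute Windows path

# Sections whose target is loaded without user action: BHOs (O2), IE toolbars (O3),
# Run keys (O4), IE extra buttons (O9), AppInit_DLLs (O20), services (O23).
AUTOLOAD = {"O2", "O3", "O4", "O9", "O20", "O23"}
# Assumption of this example: path fragments for locations a standard user can write to.
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\temp\\")


class Entry(NamedTuple):
    section: str   # HijackThis section code, e.g. "O2"
    path: str      # file the entry points at
    missing: bool  # the scanner appended "(file missing)"
    verdict: str   # "review", "orphan", "wow64-artifact" or "no-flag"


def extract_path(line: str) -> Optional[Tuple[str, bool]]:
    """Return (target path, file-missing flag) for one log line, or None."""
    hits = list(DRIVE_RE.finditer(line))
    if not hits:
        return None
    # The target is the last absolute path; earlier ones are resource strings.
    start = hits[-1].start()
    missing = line.rstrip().endswith("(file missing)")
    if start > 0 and line[start - 1] == '"':
        end = line.find('"', start)            # quoted path: stop at the closing quote
        path = line[start:end] if end != -1 else line[start:]
    else:
        # Unquoted paths may contain " - " (e.g. "Game Console - WildGames").
        path = line[start:].replace("(file missing)", "")
    return path.strip(), missing


def classify(section: str, path: str, missing: bool, is_64bit_os: bool) -> str:
    p = path.lower()
    if missing:
        # A 32-bit scanner on 64-bit Windows is redirected from System32 to
        # SysWOW64, so native binaries such as lsass.exe look absent to it.
        if is_64bit_os and "\\windows\\system32\\" in p:
            return "wow64-artifact"
        return "orphan"                        # registry entry left behind, file gone
    if section in AUTOLOAD and any(marker in p for marker in USER_WRITABLE):
        return "review"                        # auto-loaded code in a user-writable path
    return "no-flag"


def triage(log_text: str, is_64bit_os: bool) -> List[Entry]:
    """Classify every HijackThis entry in log_text that points at a file."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        found = extract_path(line) if match else None
        if found is None:
            continue
        path, missing = found
        verdict = classify(match.group(1), path, missing, is_64bit_os)
        entries.append(Entry(match.group(1), path, missing, verdict))
    return entries


if __name__ == "__main__":
    # The JRT log in this thread reports "Windows 7 Professional x64".
    for entry in triage(SAMPLE_LOG, is_64bit_os=True):
        print(f"{entry.verdict:15} {entry.section:4} {entry.path}")
```

A "review" verdict is a prompt to inspect the file, not a detection, and "no-flag" says nothing about whether the file is clean.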

jemafase,

Try the scan with Malwarebytes in Safe Mode.

Restart in Safe Mode (press F8 repeatedly during startup; in the menu that appears, use the arrow keys to choose Safe Mode).


Ciro, I managed to run Malwarebytes in Safe Mode!!! But I tried scanning with Avast and Advanced SystemCare and both still freeze, even in Safe Mode... Another thing: a small window now appears every time I start the laptop, saying something like "there is a program that needs your authorization to display a message"... This did not happen before. Well, here is the Malwarebytes log:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Versão da Base de Dados: v2013.04.14.03

Windows 7 Service Pack 1 x64 NTFS (Modo Seguro)

Internet Explorer 9.0.8112.16421

Jean :: JEAN-PC [administrador]

16/04/2013 01:26:04

mbam-log-2013-04-16 (01-26-04).txt

Tipo de Verificação: Verificação Rápida

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 231334

Tempo decorrido: 31 minuto(s), 50 segundo(s)

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0

(Não foram detectados ítens maliciosos)

(fim)


jemafase,

Download OTL by OldTimer and save it to your desktop.

Right-click the OTL.exe file, then click execadmin.png.

Where it says Output, select Standard

Also check these options:

  • Creation Date -> change to 90 days
  • Use WhiteList for Company Names.
  • Skip Microsoft Files
  • Check Lop
  • Check Purity

Select these lines in red, right-click the selection, and choose Copy

CREATERESTOREPOINT

netsvcs

%systemroot%\system32\drivers\*.* /90

%systemdrive%\drivers\*.exe

%SYSTEMDRIVE%\*.*

%LOCALAPPDATA%\*.exe

%LOCALAPPDATA%\*.txt

%LOCALAPPDATA%\*.ini

%LOCALAPPDATA%\*.dll

%LOCALAPPDATA%\*.dat

%USERPROFILE%\*.exe

%USERPROFILE%\*.txt

%USERPROFILE%\*.ini

%USERPROFILE%\*.dll

%USERPROFILE%\*.dat /30

C:\windows\system32\Tasks\*.* /s

C:\windows\system32\Tasks\*.* /s /64

%windir%\tasks\*.* /s

%systemroot%\Fonts\*.dll

%systemroot%\Fonts\*.ini

%systemroot%\Fonts\*.ini2

%systemroot%\Fonts\*.com

%systemroot%\*.scr

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP

HKCU\Software\Microsoft\Internet Explorer\Downloads

/md5start

services.*

/md5stop

%systemdrive%\$Recycle.Bin|@;true;true;true /fp

Go back to the program, right-click any white area of the Custom Scans/Fixes section and choose Paste

Click the verif.png button

OTL will start scanning your computer. Do not interrupt the process or use other windows until it finishes.

Do not change any other setting unless you have been instructed to do so.

The scan takes a while, so be patient.

When it finishes, two Notepad windows will open: OTL.txt and Extras.txt

Both will be saved in the same directory as OTL.exe, that is, on your desktop.

Copy the entire contents of OTL.txt and paste it into your reply.

Attach the Extras.txt file

NOTE: If the logs get too large and exceed the forum limit, put them in a .zip or .rar file and attach it to your reply.


jemafase,

1)

Download SystemLook.exe and save it to your desktop.

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe

*** Windows Vista or Windows 7 users: right-click the SystemLook.exe file, then click execadmin.png.

Double-click SystemLook.exe. Select, copy and paste what is inside the Quote into the tool's text box.

:dir

C:\windows\SysWow64\SysInfo

Click the Look button; when the scan ends a log will open. It is saved as SystemLook.txt on the desktop.

Select, copy and paste the contents of this log into your next reply.

2)

Select the text inside the CODE box, right-click the selection and choose Copy:

NOTE: Make sure you copy starting from the colon and letter ": O" of OTL.

:OTL
FF - prefs.js..extensions.enabledAddons: sqlmoz@facebook.com:3.2
[2013/04/10 13:19:32 | 000,000,000 | ---D | M] (HomeTab) -- C:\Users\Jean\AppData\Roaming\mozilla\Firefox\Profiles\h37hpluk.default\extensions\{883725bd-59a5-4533-b9c0-cee194067349}
[2013/04/14 12:49:24 | 000,045,885 | ---- | M] () (No name found) -- C:\Users\Jean\AppData\Roaming\mozilla\firefox\profiles\h37hpluk.default\extensions\sqlmoz@facebook.com.xpi
O2 - BHO: (HomeTab) - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (HomeTab) - {88a0fea2-5b93-4a13-bd60-054d1d796545} - C:\Users\Jean\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKCU..\Run: []  File not found
[2013/04/10 13:19:30 | 000,000,000 | ---D | C] -- C:\Users\Jean\AppData\Roaming\HomeTab
[2013/04/10 13:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HomeTab
[2013/04/09 17:20:15 | 000,034,174 | ---- | C] () -- C:\Users\Jean\AppData\Roaming\1.crx

:Commands
[createrestorepoint]
[purity]
[emptytemp]

Right-click the OTL.exe file, then click execadmin.png.

Right-click any white area of the Custom Scans/Fixes section and choose Paste

Close ALL windows (except OTL itself).

Click the fixotl.png button

The program will run the script and restart your computer.

When Windows loads, OTL will run automatically. Allow it to run.

A Notepad window will open with some information.

Copy ALL the contents of this Notepad window and paste it into your reply.

A copy of this log will be stored in the C:\_OTL\MovedFiles folder, named in the format date_time.log.

Example: 03142010_145545.log

Also post a new HijackThis log.


Hey, Ciro! Below is the SystemLook log. The other two you asked for are attached:

SystemLook 30.07.11 by jpshortstuff

Log created at 00:08 on 18/04/2013 by Jean

Administrator - Elevation successful

WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== dir ==========

C:\windows\SysWow64\SysInfo - Parameters: "(none)"

---Files---

SysInfo.log --a---- 410 bytes [13:34 21/01/2013] [13:34 21/01/2013]

---Folders---

None found.

-= EOF =-

04182013_001315.log

hijackthis.log


jemafase,

Do the problems with Facebook persist?

----------

Temporarily disable your antivirus

  • Use the Internet Explorer browser to use the service!
  • Go to the site HERE
  • Run the scan as shown in the image below:
    nWRSC.gif
  • When the scan finishes, click List of found threats, click Export to text file... and check the "Delete Quarantined files" box, then click [FINISH]
    A report will be generated, located at:

C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt

Post that log.


Hi, Ciro! Man, apparently Facebook is no longer sending adware... I'll keep an eye on it. I tried to run the scan with ESET, as you asked, but after about 40 minutes of scanning everything froze, just like what happens with Avast and Advanced SystemCare...


I went to try a disk defragmentation, and I couldn't even do that... It froze too. What a pain!!! Could it be that this is not a virus, but some configuration or hardware problem???

Oh, Facebook is clean!


One more thing: a Notepad file named desktop.ini was created on my desktop, with this written in it:

[.ShellClassInfo]

LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769

IconResource=%SystemRoot%\system32\imageres.dll,-183


jemafase,

Specify what you mean by "freeze": does the whole PC freeze so that you have to power it off, or only the application in use?

One more thing: a Notepad file named desktop.ini was created on my desktop, with this written in it:

[.ShellClassInfo]

LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769

IconResource=%SystemRoot%\system32\imageres.dll,-183

Install this; it should fix it:

http://go.microsoft.com/?linkid=9767717


By "freeze", I mean the whole computer freezes, to the point where I can only turn it off by removing the battery (it's a laptop).

As for the program you recommended I download, I am getting the following message:

"This Fix it does not apply to your operating system or to your application version".


jemafase,

By "freeze", I mean the whole computer freezes, to the point where I can only turn it off by removing the battery (it's a laptop).

I suggest you check for possible hardware problems.

As for the program you recommended I download, I am getting the following message:

"This Fix it does not apply to your operating system or to your application version".

Follow the instructions under "Let me fix it myself" (Desejo corrigir sozinho) - Method 1:

http://support.microsoft.com/kb/330132/pt-br


Have the possibilities of it being malware run out?

Any suggestion of what I can do regarding the hardware (although I know this goes beyond the purpose of the site...)?


jemafase,

Have the possibilities of it being malware run out?

Actually, there never really were any. Only adware was installed, which is a nuisance when using the browsers but nothing that greatly compromises the performance of the system as a whole.

Any suggestion of what I can do regarding the hardware (although I know this goes beyond the purpose of the site...)?

When and under what circumstances did this problem start?


Man, as far as I know the problem with applications like Advanced SystemCare and Avast started after the problem with Facebook... But I have to admit that, apart from the pre-scheduled scans, it had been some time since I had even tried to run a full system scan...

This topic is closed to new posts.
