
Lots of ads in the browser and a very slow PC


This topic has been archived. This means you can no longer reply to the topic.
21 replies in this topic

#1
k1d0t4

  • Member
  • 51 posts

Good evening,

My browser keeps freezing and a lot of ads are showing up too. My computer is also very slow. I took it upon myself to delete some programs that were on my machine, thinking they were some kind of malware, but I think I deleted something I shouldn't have, because after that deletion the computer got even slower... T_T

The requested logs are attached.

 

 

 




#2
JoseMelo

  • Professional Assistant
  • 125,270 posts

Download AdwCleaner and save it to the desktop.

Click the icon [image: 1IXHd.png] to download the file.

Run adwcleaner.

NOTE: Windows Vista, 7 and 8 users: right-click the adwcleaner file, then click [image: AgZ3P.png].

NOTE: For Windows 8 users, if SmartScreen blocks it, click More Options and then Run anyway.

Click Scan and, when it finishes, click Clean and, in the windows that follow, click OK.

When the computer restarts, Notepad will open with the result. Select, copy and paste its contents in your next reply.

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Download Junkware Removal Tool:

Double-click to run Junkware Removal Tool (JRT).

* On Windows Vista, Windows 7 and Windows 8:

Right-click JRT.exe and select [image: run_as_adm1.png]

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine.

At the end, a log will open. It is saved on the desktop under the name JRT.txt.

Select, copy and paste the contents of this log in your next reply.

 



#3
k1d0t4

  • Member
  • 51 posts

The requested logs follow below

 

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Windows 8 Single Language x64
Ran by k1d0t4 on 12/10/2013 at 11:45:22,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3014345703-1038563964-361023504-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\searchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECFCEA8D-502E-40E5-988C-010D4E465D67}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{ECFCEA8D-502E-40E5-988C-010D4E465D67}



~~~ Files

Failed to delete: [File] C:\windows\Tasks\Plus-HD-4.1-chromeinstaller.job
Failed to delete: [File] C:\windows\Tasks\Plus-HD-4.1-codedownloader.job
Failed to delete: [File] C:\windows\Tasks\Plus-HD-4.1-enabler.job
Failed to delete: [File] C:\windows\Tasks\Plus-HD-4.1-firefoxinstaller.job
Failed to delete: [File] C:\windows\Tasks\Plus-HD-4.1-updater.job



~~~ Folders

Failed to delete: [Folder] "C:\Program Files (x86)\linkswift"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\k1d0t4\AppData\Roaming\mozilla\firefox\profiles\3qqvg45p.default\extensions\1c4760d9-6efb-48d1-b650-e82623c8612e@982da7d4-d829-4a76-8b83-32a7fa75255f.com
Successfully deleted the following from C:\Users\k1d0t4\AppData\Roaming\mozilla\firefox\profiles\3qqvg45p.default\prefs.js

user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
Emptied folder: C:\Users\k1d0t4\AppData\Roaming\mozilla\firefox\profiles\3qqvg45p.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/10/2013 at 11:54:46,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

adwcleaner

 

 

# AdwCleaner v3.007 - Relatório criado 12/10/2013 às 11:36:34
# Atualizado 09/10/2013 por Xplode
# Sistema Operacional : Windows 8 Single Language  (64 bits)
# Usuário : k1d0t4 - FRED
# Executando de : C:\Users\k1d0t4\Desktop\adwcleaner\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\IBUpdaterService
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\Iminent
Pasta Deletada : C:\Program Files (x86)\Plus-HD-2.3
Pasta Deletada : C:\Program Files (x86)\SimilarSites
Pasta Deletada : C:\Program Files (x86)\Softonic
Pasta Deletada : C:\Users\k1d0t4\AppData\Local\DProtect
Pasta Deletada : C:\Users\k1d0t4\AppData\Local\Temp\DProtect
Pasta Deletada : C:\Users\k1d0t4\AppData\Local\Temp\eIntaller
Pasta Deletada : C:\Users\k1d0t4\AppData\LocalLow\Softonic
Pasta Deletada : C:\Users\k1d0t4\AppData\Roaming\baidu
Pasta Deletada : C:\Users\k1d0t4\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\k1d0t4\AppData\Roaming\SimilarSites
Pasta Deletada : C:\Users\k1d0t4\AppData\Roaming\Softonic
Pasta Deletada : C:\Users\k1d0t4\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Pasta Deletada : C:\Users\k1d0t4\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Pasta Deletada : C:\Users\k1d0t4\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec
Arquivo Deletada : C:\Users\k1d0t4\AppData\Roaming\speedanalysis.ico
Arquivo Deletada : C:\Users\k1d0t4\Desktop\SpeedAnalysis.lnk
Arquivo Deletada : C:\Users\k1d0t4\AppData\Roaming\Mozilla\Firefox\Profiles\3qqvg45p.default\searchplugins\Web Search.xml
Arquivo Deletada : C:\Users\k1d0t4\AppData\Roaming\Mozilla\Firefox\Profiles\3qqvg45p.default\user.js
Arquivo Deletada : C:\windows\System32\Tasks\Dealply
Arquivo Deletada : C:\windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\windows\Tasks\Plus-HD-2.3-chromeinstaller.job
Arquivo Deletada : C:\windows\System32\Tasks\Plus-HD-2.3-chromeinstaller
Arquivo Deletada : C:\windows\Tasks\Plus-HD-2.3-codedownloader.job
Arquivo Deletada : C:\windows\System32\Tasks\Plus-HD-2.3-codedownloader
Arquivo Deletada : C:\windows\Tasks\Plus-HD-2.3-enabler.job
Arquivo Deletada : C:\windows\System32\Tasks\Plus-HD-2.3-enabler
Arquivo Deletada : C:\windows\Tasks\Plus-HD-2.3-updater.job
Arquivo Deletada : C:\windows\System32\Tasks\Plus-HD-2.3-updater

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\k1d0t4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\k1d0t4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\k1d0t4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Atalho Desinfectada : C:\Users\k1d0t4\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\k1d0t4\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0033426.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0033426.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0033426.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0033426.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039200.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039200.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039200.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0039200.Sandbox.1
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\smartbar
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-2.3
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\DProtect
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\Plus-HD-2.3
Chave Deletedo : HKLM\Software\portaldositesSoftware
Chave Deletedo : HKLM\Software\Softonic
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.3
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16537

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (pt-BR)

[ Arquivo : C:\Users\k1d0t4\AppData\Roaming\Mozilla\Firefox\Profiles\3qqvg45p.default\prefs.js ]

Linha deletada : user_pref("browser.search.order.1", "portaldosites");
Linha deletada : user_pref("extensions.Softonic.admin", false);
Linha deletada : user_pref("extensions.Softonic.aflt", "SD");
Linha deletada : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Linha deletada : user_pref("extensions.Softonic.autoRvrt", "false");
Linha deletada : user_pref("extensions.Softonic.dfltLng", "br");
Linha deletada : user_pref("extensions.Softonic.dfltSrch", true);
Linha deletada : user_pref("extensions.Softonic.dnsErr", true);
Linha deletada : user_pref("extensions.Softonic.excTlbr", false);
Linha deletada : user_pref("extensions.Softonic.ffxUnstlRst", false);
Linha deletada : user_pref("extensions.Softonic.hmpg", true);
Linha deletada : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00015/tb_v1?SearchSource=13&cc=&mi=3050e7b70000000000009c2a7088d352");
Linha deletada : user_pref("extensions.Softonic.hpOld0", "");
Linha deletada : user_pref("extensions.Softonic.id", "3050e7b70000000000009c2a7088d352");
Linha deletada : user_pref("extensions.Softonic.instlDay", "15872");
Linha deletada : user_pref("extensions.Softonic.instlRef", "MOY00015");
Linha deletada : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00015/tb_v1?SearchSource=2&cc=&mi=3050e7b70000000000009c2a7088d352&q=");
Linha deletada : user_pref("extensions.Softonic.newTab", true);
Linha deletada : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00015/tb_v1/?SearchSource=15&cc=&mi=3050e7b70000000000009c2a7088d352");
Linha deletada : user_pref("extensions.Softonic.prdct", "Softonic");
Linha deletada : user_pref("extensions.Softonic.prtnrId", "softonic");
Linha deletada : user_pref("extensions.Softonic.rvrt", "false");
Linha deletada : user_pref("extensions.Softonic.smplGrp", "none");
Linha deletada : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Linha deletada : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
Linha deletada : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00015/tb_v1?SearchSource=1&cc=&mi=3050e7b70000000000009c2a7088d352&q=");
Linha deletada : user_pref("extensions.Softonic.vrsn", "1.8.19.3");
Linha deletada : user_pref("extensions.Softonic.vrsnTs", "1.8.19.315:28:41");
Linha deletada : user_pref("extensions.Softonic.vrsni", "1.8.19.3");
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/1bb25568f8455e74906142466f792c87_BR.value", "%22var%20cat_1bb25568f8455e749061424[...]
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/286965653b415f505622ea74d2bd3bbe_BR.value", "%22var%20cat_286965653b415f505622ea7[...]
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_BR.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/62cce7d26ab5636bceb113b988d56c59_BR.value", "%22var%20cat_62cce7d26ab5636bceb113b[...]
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/bdfc9dffb595bf8997540ad068713129_BR.value", "%22var%20cat_bdfc9dffb595bf8997540ad[...]
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/d965aead622233a60676ef2349956f38_BR.value", "%22var%20cat_d965aead622233a60676ef2[...]
Linha deletada : user_pref("extensions.a1c4760d96efb48d1b650e82623c8612e982da7d4d8294a768b8332a7fa75255fcom39200.39200.internaldb.cache/d9fe5d2850f1ed167451b193e8bd0e0c_BR.value", "%22var%20cat_d9fe5d2850f1ed167451b19[...]
Linha deletada : user_pref("extensions.crossrider.bic", "14129d713d6dfedef52d3c991038cc29");
Linha deletada : user_pref("extensions.helperbar.DockingPositionDown", true);
Linha deletada : user_pref("extensions.helperbar.LastHiddenTime", 22988323);
Linha deletada : user_pref("extensions.helperbar.SmartbarDisabled", false);
Linha deletada : user_pref("extensions.helperbar.SmartbarStateMinimaized", true);
Linha deletada : user_pref("extensions.helperbar.Visibility", true);
Linha deletada : user_pref("extensions.helperbar.countryiso", "tj");
Linha deletada : user_pref("extensions.helperbar.downloadprovider", "tightropeyb");
Linha deletada : user_pref("extensions.helperbar.installationid", "677dcbed-c1a6-74b4-0b68-ea8298d19404");
Linha deletada : user_pref("extensions.helperbar.installdate", "15/09/2013");
Linha deletada : user_pref("extensions.helperbar.publisher", "tightropeyb");

-\\ Google Chrome v

[ Arquivo : C:\Users\k1d0t4\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36270 octets] - [12/10/2013 11:29:43]
AdwCleaner[S0].txt - [32211 octets] - [12/10/2013 11:36:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [32272 octets] ##########
 



#4
JoseMelo

    Professional Assistant

  • 125.270 posts
- Download Malwarebytes Anti-Malware
  • Disable the antivirus;
  • Install it by double-clicking "mbam-setup.exe";
  • Check "Update Malwarebytes Anti-Malware" and "Run Malwarebytes Anti-Malware", then click Finish;
  • Select "Full Scan" and then click Scan;
  • When the scan finishes, click OK and then "Show Results" to view the log;
  • If anything is detected, make sure everything is checked and click "Remove";
  • The log is saved automatically and can be viewed by clicking "Logs" in the main menu;
  • Copy and paste the contents of that log into your next reply.
- Post a new HijackThis log.


    #5
    k1d0t4

      Member

    • 51 posts

    The requested logs follow below:

     

    mbam

     

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Versão da Base de Dados:  v2013.10.13.04

    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16721
    k1d0t4 :: FRED [administrador]

    Proteção: Permitir

    13/10/2013 13:57:49
    mbam-log-2013-10-13 (13-57-49).txt

    Tipo de Verificação:  Verificação Completa  (C:\|)
    Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
    Opções de verificação desativadas: P2P
    Objetos escaneados:  415895
    Tempo decorrido: 1 hora(s), 40 minuto(s), 22 segundo(s)

    Processos de Memória Detectados: 0
    (Não foram detectados ítens maliciosos)

    Módulos de Memória Detectados: 0
    (Não foram detectados ítens maliciosos)

    Chaves de Registro Detectadas: 16
    HKCR\CLSID\{ECFCEA8D-502E-40E5-988C-010D4E465D67} (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCR\CLSID\{7F5A6891-3C17-45A7-83B8-00B498A40A10} (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCR\TypeLib\{399EE564-AFA7-4BF7-8B67-311CF9E6D415} (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCR\Speed Analysis 4.Tool.1 (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCR\Speed Analysis 4.Tool (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCR\Speed Analysis 4.ScriptHostObject.1 (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCR\Speed Analysis 4.ScriptHostObject (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECFCEA8D-502E-40E5-988C-010D4E465D67} (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ECFCEA8D-502E-40E5-988C-010D4E465D67} (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ECFCEA8D-502E-40E5-988C-010D4E465D67} (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{323420B6-65E5-4657-8106-A27392D4D4AA} (PUP.Optional.LinkSwift.A) -> Enviado para a Quarentena e deletado com sucesso.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{323420B6-65E5-4657-8106-A27392D4D4AA} (PUP.Optional.LinkSwift.A) -> Enviado para a Quarentena e deletado com sucesso.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 4 (PUP.Optional.7Go.A) -> Enviado para a Quarentena e deletado com sucesso.
    HKLM\SOFTWARE\Plus-HD-4.1 (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    HKLM\SOFTWARE\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj (PUP.Optional.SpeedAnalysis3.A) -> Enviado para a Quarentena e deletado com sucesso.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-4.1 (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.

    Valores de Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Itens de Dados no Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Pastas Detectadas: 3
    C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1 (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.

    Arquivos Detectados: 62
    C:\Program Files (x86)\Speed Analysis 4\ScriptHost.dll (PUP.Optional.BestToolbars) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bg.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-buttonutil.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-buttonutil64.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.3\Uninstall.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Users\k1d0t4\AppData\Local\DProtect\eBP.dll.vir (Trojan.Staser) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Users\k1d0t4\AppData\Local\DProtect\eBPSD.dll.vir (Trojan.Staser) -> Enviado para a Quarentena e deletado com sucesso.
    C:\AdwCleaner\Quarantine\C\Users\k1d0t4\AppData\Local\Temp\eIntaller\9E7446BEB572422a9B0E5E30E7428F2A\eXQ.exe.vir (PUP.Optional.DProtect.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-bg.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-bho.dll (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-bho64.dll (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-buttonutil.dll (PUP.Optional.Crossrider) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-buttonutil.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-codedownloader.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-enabler.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-updater.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\utils.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Speed Analysis 4\uninst.exe (PUP.Optional.7Go.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\80YN0ELG\Setup[1].exe (PUP.Optional.LinkSwift.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PZUFEHX3\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\+nk9Xzsd.exe.part (PUP.Optional.Installex) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\ICReinstall_mozilla-firefox-210-baixaki-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\KMP_3.6.0.87.exe (PUP.Optional.Softonic) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\nsrCA.tmp (PUP.Optional.Somoto.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\tBnOORTo.exe.part (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\is1275519350\PlusHd_BR.exe (PUP.Optional.CrossRider) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\is701137889\dp.exe (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Local\Temp\_ir_sf_temp_0\flvinstaller.exe (PUP.DownloadAdmin) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\AppData\Roaming\uTorrent\ism.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\Downloads\AdCleaner_121.exe (PUP.Optional.UltraDownloads.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\Downloads\DTLite4461-0328.exe (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\Downloads\flv-player-&-downloader-2025-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\Downloads\mozilla-firefox-210-baixaki-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\Downloads\SoftonicDownloader_para_flv-player.exe (PUP.Optional.Softonic.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\k1d0t4\Downloads\SoftonicDownloader_para_mozilla-firefox.exe (PUP.Optional.Softonic) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\Tasks\Plus-HD-4.1-chromeinstaller.job (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\Tasks\Plus-HD-4.1-codedownloader.job (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\Tasks\Plus-HD-4.1-enabler.job (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\Tasks\Plus-HD-4.1-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\Tasks\Plus-HD-4.1-updater.job (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\User Data\Default\Extensions\newtab.crx (PUP.Optional.Elex.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\39200.crx (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\39200.xpi (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\background.html (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Installer.log (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-buttonutil64.dll (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1-helper.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Plus-HD-4.1.ico (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Program Files (x86)\Plus-HD-4.1\Uninstall.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.

    (fim)
     

     

    Second mbam log:

     

     

    2013/10/13 15:00:57 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:01:29 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:02:33 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:02:33 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:03:13 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:03:21 -0300    FRED    k1d0t4    IP-BLOCK    91.188.52.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:03:21 -0300    FRED    k1d0t4    IP-BLOCK    91.188.52.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:06:58 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:06:58 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:07:14 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:07:46 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:08:02 -0300    FRED    k1d0t4    IP-BLOCK    218.8.153.114 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:08:02 -0300    FRED    k1d0t4    IP-BLOCK    218.8.153.114 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:08:58 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:08:58 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:09:14 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:09:38 -0300    FRED    k1d0t4    IP-BLOCK    91.188.48.112 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:09:38 -0300    FRED    k1d0t4    IP-BLOCK    91.188.48.112 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:09:46 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:11:22 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:11:22 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:11:38 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:12:10 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:14:50 -0300    FRED    k1d0t4    IP-BLOCK    89.28.124.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:14:50 -0300    FRED    k1d0t4    IP-BLOCK    89.28.124.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:15:22 -0300    FRED    k1d0t4    IP-BLOCK    77.78.253.215 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:15:22 -0300    FRED    k1d0t4    IP-BLOCK    77.78.253.215 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:18:42 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:18:42 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:18:58 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:19:30 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:21:22 -0300    FRED    k1d0t4    IP-BLOCK    89.28.102.19 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:21:22 -0300    FRED    k1d0t4    IP-BLOCK    89.28.102.19 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:21:46 -0300    FRED    k1d0t4    IP-BLOCK    89.28.124.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:21:46 -0300    FRED    k1d0t4    IP-BLOCK    89.28.124.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:21:54 -0300    FRED    k1d0t4    IP-BLOCK    218.8.153.114 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:21:54 -0300    FRED    k1d0t4    IP-BLOCK    218.8.153.114 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:22:42 -0300    FRED    k1d0t4    IP-BLOCK    31.133.44.88 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:22:42 -0300    FRED    k1d0t4    IP-BLOCK    31.133.44.88 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:28:27 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:28:27 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:28:43 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:29:15 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:31:07 -0300    FRED    k1d0t4    IP-BLOCK    218.8.126.63 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:31:07 -0300    FRED    k1d0t4    IP-BLOCK    218.8.126.63 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:32:03 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:32:03 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:32:43 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:38:03 -0300    FRED    k1d0t4    IP-BLOCK    89.28.124.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:38:03 -0300    FRED    k1d0t4    IP-BLOCK    89.28.124.200 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:39:39 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:40:03 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:44:04 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:44:04 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:44:20 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:44:52 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:47:40 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:47:40 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:47:56 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:48:28 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:50:12 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:50:12 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:50:28 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:50:44 -0300    FRED    k1d0t4    IP-BLOCK    218.8.153.114 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:50:44 -0300    FRED    k1d0t4    IP-BLOCK    218.8.153.114 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:51:00 -0300    FRED    k1d0t4    IP-BLOCK    77.78.244.54 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:51:00 -0300    FRED    k1d0t4    IP-BLOCK    77.78.244.54 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:51:00 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:57:00 -0300    FRED    k1d0t4    IP-BLOCK    218.8.126.63 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:57:00 -0300    FRED    k1d0t4    IP-BLOCK    218.8.126.63 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:57:40 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:57:40 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:57:56 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:58:28 -0300    FRED    k1d0t4    IP-BLOCK    94.228.222.192 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 15:59:19 -0300    FRED    (null)    MESSAGE    Starting protection
    2013/10/13 15:59:19 -0300    FRED    (null)    MESSAGE    Protection started successfully
    2013/10/13 15:59:19 -0300    FRED    (null)    MESSAGE    Starting IP protection
    2013/10/13 15:59:22 -0300    FRED    (null)    MESSAGE    IP Protection started successfully
    2013/10/13 16:02:07 -0300    FRED    k1d0t4    IP-BLOCK    89.28.16.194 (Type: outgoing, Port: 55962, Process: utorrent.exe)
    2013/10/13 16:02:07 -0300    FRED    k1d0t4    IP-BLOCK    89.28.16.194 (Type: outgoing, Port: 55962, Process: utorrent.exe)
     

     

     

     

    hijackthis

     

     

    Logfile of HijackThis v1.99.1
    Scan saved at 16:04:11, on 13/10/2013
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v10.0 (10.00.9200.16537)

    Running processes:
    C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Users\k1d0t4\Downloads\uTorrent.exe
    C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    C:\Users\k1d0t4\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
    C:\windows\SysWOW64\NOTEPAD.EXE
    C:\Users\k1d0t4\Desktop\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
    O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\k1d0t4\Downloads\uTorrent.exe"  /MINIMIZED
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - Startup: Dropbox.lnk = C:\Users\k1d0t4\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: Microsoft Office Groove.lnk = C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
    O4 - Startup: Monitor da tecnologia Intel® Turbo Boost 2.6.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O11 - Options group: [INTERNATIONAL] International
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\Users\k1d0t4\AppData\Local\DProtect\eBP.dll,C:\Users\k1d0t4\AppData\Local\DProtect\eBPSD.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
    O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: McAfee Home Network (HomeNetSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
    O23 - Service: Tecnologia de armazenamento Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel® Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
    O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - Unknown owner - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - Unknown owner - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
    O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
    O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
    O23 - Service: Intel® Turbo Boost Technology Monitor 2.6 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - %ProgramFiles%\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
     



    #6
    JoseMelo

      Professional Assistant

    • 125.270 posts
    Download the Kaspersky Virus Removal Tool:
     
    Save it to your desktop.
     
    - Double-click the "setup" file and wait for the installation to finish;
    - On the next screen, check I accept the licence agreement and click Start
    - Click the f4uZX.png button and check:
    • My Computer (Meu computador)
    • Local Disk (C:) (the local disk letter may vary)
    - Click Actions and uncheck the two boxes:
    Zqewdl.jpg
    - Click the Automatic Scan tab and wait for the scan to finish.
     
    - Click the zNEXl.jpg button, then Detected threats, then the "Save" button.
    - Copy the contents of the saved file (if anything was detected) and post them in your next reply.


    #7
    k1d0t4

      Member

    • 51 posts

    Here is the log, as requested:

     

    Status: Detected   (events: 1)    
    15/10/2013 09:51:22    Detected    Trojan program Trojan.Win32.Staser.fv    C:\AdwCleaner\Quarantine\C\Users\k1d0t4\AppData\Local\Temp\eIntaller\9E7446BEB572422a9B0E5E30E7428F2A\DProtect.exe.vir    High    
     



    #8
    JoseMelo

      Professional Assistant

    • 125.270 posts

    The detection has already been removed by AdwCleaner.

     

    - Logs are clean :)

     

    - Download CCleaner:
    • Click Save and, once the download has finished, install it;
    • Open the program and click Run Cleaner (Executar Limpeza);
    • After that, click Registry > Scan for Issues > Fix selected issues (Registro > Procurar erros > Corrigir erros selecionados)
    - Disable System Restore and then enable it again
     
    - Read the article Proteja seu PC ("Protect your PC") for more information on how to avoid infections;
     
    - If you have no further problems, click the LuQlZ.png button and say that your case has been resolved.


    #9
    k1d0t4

      Member

    • 51 posts

    JoseMelo,

     

    The problem still persists. My PC is still very slow, and a lot of ads and pop-ups keep appearing on any site I visit. Isn't there a way to check with another program?



    #10
    JoseMelo

      Professional Assistant

    • 125.270 posts
    - Download OTL by OldTimer and save it to the desktop:
    • Close all windows and run the tool.
    • Check the options Lop Check (Verificar Lop) and Purity Check (Verificar Purity)
    - Select the lines below, right-click the selection, and choose Copy:
    netsvcs
    msconfig
    drivers32
    %systemroot%\system32\drivers\*.* /90
    %userprofile%\*.*
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.*
    %ALLUSERSPROFILE%\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %PROGRAMFILES%\Internet Explorer\*.*
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
    
    - Go back to the program, right-click anywhere in the white area of the Custom Scans/Fixes (Exames Personalizados/Correções) section and choose Paste;
    - Click the Verificar (Scan) button;
    - Attach the OTL log.


    #11
    k1d0t4

      Member

    • 51 posts

    The logs are attached, as requested.

    Attached file(s)



    #12
    JoseMelo

      Professional Assistant

    • 125.270 posts
    - Run OTL (right-click the executable > Run as administrator), copy the text below, inside the "code" box, and paste it into the nH1CH.png field
     
    :OTL
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3310393&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD3E21734-4FC2-44DD-BC5A-308A10D3B6B5
    IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx?ctid=CT3310393&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPD3E21734-4FC2-44DD-BC5A-308A10D3B6B5&q={searchTerms}
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3310393&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD3E21734-4FC2-44DD-BC5A-308A10D3B6B5"
    CHR - homepage: http://br.hao123.com/?tn=ultra_pay_hp_02_hao123_br
    CHR - Extension: No name found = C:\Users\k1d0t4\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj\1.0.0.3\
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
     
    
     
    :Services
     
    :Reg
     
    :Files
     
    :Commands
    [emptyjava]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
     
    - Click the Consertar (Fix) button
    - When it has finished, click Ok to restart the computer.
    - In the window that appears, click "Executar" (Run), copy the contents of the log that opens and paste them into your next reply, together with a new HijackThis log.


    #13
    k1d0t4

      Member

    • 51 posts

    Here are the logs, as requested:

     

    OTL

     

    All processes killed
    ========== OTL ==========
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found.
    Prefs.js: "http://search.condui...5A-308A10D3B6B5" removed from browser.startup.homepage
    Use Chrome's Settings page to change the HomePage.
    C:\Users\k1d0t4\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj\1.0.0.3\mz folder moved successfully.
    C:\Users\k1d0t4\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj\1.0.0.3 folder moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========
     
    [EMPTYJAVA]
     
    User: All Users
     
    User: Default
     
    User: Default User
     
    User: k1d0t4
    ->Java cache emptied: 92537 bytes
     
    User: Public
     
    User: Todos os Usuários
     
    User: Usuário Padrão
     
    Total Java Files Cleaned = 0,00 mb
     
     
    [EMPTYTEMP]
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: k1d0t4
    ->Temp folder emptied: 424570713 bytes
    ->Temporary Internet Files folder emptied: 7413260 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 244329598 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 3698 bytes
     
    User: Public
     
    User: Todos os Usuários
     
    User: Usuário Padrão
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 29008 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 645,00 mb
     
     
    [EMPTYFLASH]
     
    User: All Users
     
    User: Default
     
    User: Default User
     
    User: k1d0t4
    ->Flash cache emptied: 0 bytes
     
    User: Public
     
    User: Todos os Usuários
     
    User: Usuário Padrão
     
    Total Flash Files Cleaned = 0,00 mb
     
     
    OTL by OldTimer - Version 3.2.69.0 log created on 10172013_175450

    Files\Folders moved on Reboot...
    C:\Users\k1d0t4\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    C:\Users\k1d0t4\AppData\Local\Mozilla\Firefox\Profiles\3qqvg45p.default\Cache\_CACHE_001_ moved successfully.
    C:\Users\k1d0t4\AppData\Local\Mozilla\Firefox\Profiles\3qqvg45p.default\Cache\_CACHE_002_ moved successfully.
    C:\Users\k1d0t4\AppData\Local\Mozilla\Firefox\Profiles\3qqvg45p.default\Cache\_CACHE_003_ moved successfully.
    C:\Users\k1d0t4\AppData\Local\Mozilla\Firefox\Profiles\3qqvg45p.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Users\k1d0t4\AppData\Local\Mozilla\Firefox\Profiles\3qqvg45p.default\_CACHE_CLEAN_ moved successfully.
    C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     

     

     

    hijackthis

     

     

     

    Logfile of HijackThis v1.99.1
    Scan saved at 18:01:34, on 17/10/2013
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v10.0 (10.00.9200.16537)

    Running processes:
    C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
    C:\Users\k1d0t4\Downloads\uTorrent.exe
    C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    C:\Users\k1d0t4\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
    C:\Users\k1d0t4\Desktop\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
    O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\k1d0t4\Downloads\uTorrent.exe"  /MINIMIZED
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - Startup: Dropbox.lnk = C:\Users\k1d0t4\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: Microsoft Office Groove.lnk = C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
    O4 - Startup: Monitor da tecnologia Intel® Turbo Boost 2.6.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O11 - Options group: [INTERNATIONAL] International
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\Users\k1d0t4\AppData\Local\DProtect\eBP.dll,C:\Users\k1d0t4\AppData\Local\DProtect\eBPSD.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
    O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - %ProgramFiles%\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
     



    #14
    JoseMelo


    Is the problem still occurring?



    #15
    k1d0t4


    Yeah man, it is. Exactly the same.

     

    I'm attaching two examples of how this damned adware is still in my browser. Notice that, in print2, the links I highlighted don't actually exist. If you hover the mouse over them, ads keep popping up. Not to mention that I can no longer even watch any kind of video, because it freezes so much. The computer as a whole is very slow.

    Attached file(s)


    Edited by k1d0t4, 18 October 2013 - 18:20.


    #16
    JoseMelo

    Download RogueKiller and save it to the desktop.

    Double-click RogueKiller.exe.

    - On Windows Vista and Windows 7, right-click RogueKiller.exe and select Run as administrator.

    Click the Scan button. Wait for the scan to finish.

    Click the Report button. A Notepad window will open with information.

    The log will be saved on the desktop with the name RKreport[1].txt.

    Select, copy and paste the contents of the log into your next reply.


    #17
    k1d0t4


    The requested log follows below.

     

    RogueKiller V8.7.4 [Oct 16 2013] Por Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Site : http://www.adlice.co...es/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Sistema Operacional : Windows 8 (6.2.9200 ) 64 bits version
    Iniciado em : Modo Normal
    Usuario : k1d0t4 [Privilegios de Admnistrador]
    Modo : Verificar -- Data : 10/20/2013 22:50:51
    | ARK || FAK || MBR |

    ¤¤¤ Entradas ruins : 0 ¤¤¤

    ¤¤¤ Entradas do Registro : 6 ¤¤¤
    [HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> ENCONTRADO
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> ENCONTRADO
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ENCONTRADO
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO

    ¤¤¤ As tarefas agendadas : 0 ¤¤¤

    ¤¤¤ entradas de inicialização : 0 ¤¤¤

    ¤¤¤ Os navegadores da Web : 0 ¤¤¤

    ¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

    ¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤

    ¤¤¤ Hives externas: ¤¤¤

    ¤¤¤ Infecção :  ¤¤¤

    ¤¤¤ Arquivo de Hosts: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ Verificaçao do MBR: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) (Unidades de disco padrão) -  WDC WD5000LPVT- +++++
    --- User ---
    [MBR] 38cc227e7495915ce1282270dbcb1622
    [BSP] e71e3875203e5e3abc30cedc6cf41873 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) (Unidades de disco padrão) -  LITEONIT LMT-32 +++++
    --- User ---
    [MBR] b3d791cae6e3668068135d389512d859
    [BSP] 053d2be006cc09846790c00128e40945 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Concluido : << RKreport[0]_S_10202013_225051.txt >>



     



    #18
    JoseMelo


    Run RogueKiller again, leave the "FOUND" items checked and click "Delete". Click "Report", check whether the problem still occurs and post the log here.



    #19
    k1d0t4


    The requested log follows below. The problem is still occurring.

     

     

    RogueKiller V8.7.4 [Oct 16 2013] Por Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Site : http://www.adlice.co...es/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Sistema Operacional : Windows 8 (6.2.9200 ) 64 bits version
    Iniciado em : Modo Normal
    Usuario : k1d0t4 [Privilegios de Admnistrador]
    Modo : Remover -- Data : 10/21/2013 18:17:54
    | ARK || FAK || MBR |

    ¤¤¤ Entradas ruins : 0 ¤¤¤

    ¤¤¤ Entradas do Registro : 6 ¤¤¤
    [HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> DELETADO
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETADO
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> [0x2] O sistema não pode encontrar o arquivo especificado.
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] O sistema não pode encontrar o arquivo especificado.
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> SUBSTITUIDO (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> SUBSTITUIDO (0)

    ¤¤¤ As tarefas agendadas : 0 ¤¤¤

    ¤¤¤ entradas de inicialização : 0 ¤¤¤

    ¤¤¤ Os navegadores da Web : 0 ¤¤¤

    ¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

    ¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤

    ¤¤¤ Hives externas: ¤¤¤

    ¤¤¤ Infecção :  ¤¤¤

    ¤¤¤ Arquivo de Hosts: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ Verificaçao do MBR: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) (Unidades de disco padrão) -  WDC WD5000LPVT- +++++
    --- User ---
    [MBR] 38cc227e7495915ce1282270dbcb1622
    [BSP] e71e3875203e5e3abc30cedc6cf41873 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) (Unidades de disco padrão) -  LITEONIT LMT-32 +++++
    --- User ---
    [MBR] b3d791cae6e3668068135d389512d859
    [BSP] 053d2be006cc09846790c00128e40945 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Concluido : << RKreport[0]_D_10212013_181754.txt >>
    RKreport[0]_S_10202013_225051.txt;RKreport[0]_S_10212013_181320.txt


     



    #20
    JoseMelo


    Install the Adblock Plus extension in Firefox and see whether it still occurs.