Como remover relopix

Desejo ajuda para remover o RelopiX do meu computador, fui infectada a cerca de 02 dias e não consigo retirá-lo de forma alguma. Sou novata... OBRIGADA...

Vanessa Dian

 Oi Vanessa! Ficamos muito felizes com sua presença aqui no Fórum.

Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

*Execute-o e clique no botão Main Menu.

* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].

*Um relatório será apresentado.

*Selecione todo o conteúdo deste relatório e copie (Ctrl+c).

Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado.

Ficamos no aguardo de sua resposta.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:08, on 12/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Vane\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\Users\Vane\AppData\Local\FilesFrog Update Checker\update_checker.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vane\Downloads\HijackThis (2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: specialsavings - {938958E8-355C-49FF-92B0-53C1B87ACEA9} - C:\Program Files (x86)\specialsavings\ScriptHost.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sidebar] "C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Vane\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Vane\AppData\Roaming\Yontoo\YontooDesktop.exe"
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NextLive] C:\windows\SysWOW64\rundll32.exe "C:\Users\Vane\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13150 bytes

Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt.

Ficamos na espera.

# AdwCleaner v3.016 - Relatório criado 12/01/2014 às 13:34:01
# Atualizado 23/12/2013 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Vane - VANESSADIAN
# Executando de : C:\Users\Vane\Downloads\adwcleaner.exe
# Opção : Examinar

***** [ Serviços ] *****

Serviço Encontrado : Yontoo Desktop Updater

***** [ Arquivos / Pastas ] *****

Arquivo Encontrado : C:\Program Files (x86)\Mozilla Firefox\user.js
Arquivo Encontrado : C:\Users\Gildete\AppData\Local\funmoods.crx
Arquivo Encontrado : C:\Users\Gildete\AppData\Local\funmoods-speeddial.crx
Arquivo Encontrado : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Arquivo Encontrado : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Arquivo Encontrado : C:\Users\Vane\AppData\Local\funmoods.crx
Arquivo Encontrado : C:\Users\Vane\AppData\Local\funmoods-speeddial.crx
Arquivo Encontrado : C:\Users\Vane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Encontrado : C:\Users\Vane\AppData\Roaming\speedanalysis.ico
Arquivo Encontrado : C:\windows\Downloaded Program Files\popcaploader.inf
Arquivo Encontrado : C:\windows\System32\roboot64.exe
Arquivo Encontrado : C:\windows\System32\Tasks\DealPlyUpdate
Arquivo Encontrado : C:\windows\System32\Tasks\Funmoods
Arquivo Encontrado : C:\windows\System32\Tasks\RunAsStdUser
Arquivo Encontrado : C:\windows\System32\Tasks\SpyHunter4Startup
Pasta Encontrado : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Pasta Encontrado : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Pasta Encontrado : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Pasta Encontrado : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Pasta Encontrado C:\Program Files (x86)\AVG Secure Search
Pasta Encontrado C:\Program Files (x86)\Common Files\337
Pasta Encontrado C:\Program Files (x86)\DealPly
Pasta Encontrado C:\Program Files (x86)\Desk 365
Pasta Encontrado C:\Program Files (x86)\Iminent
Pasta Encontrado C:\Program Files (x86)\Mobogenie
Pasta Encontrado C:\Program Files (x86)\PriceGong
Pasta Encontrado C:\Program Files (x86)\SpecialSavings
Pasta Encontrado C:\Program Files (x86)\Speed Analysis 2
Pasta Encontrado C:\Program Files (x86)\Yontoo
Pasta Encontrado C:\ProgramData\apn
Pasta Encontrado C:\ProgramData\Ask
Pasta Encontrado C:\ProgramData\boost_interprocess
Pasta Encontrado C:\ProgramData\IBUpdaterService
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Encontrado C:\ProgramData\Tarma Installer
Pasta Encontrado C:\ProgramData\Trymedia
Pasta Encontrado C:\Users\Gildete\AppData\Local\Babylon
Pasta Encontrado C:\Users\Gildete\AppData\Local\Temp\apn
Pasta Encontrado C:\Users\Gildete\AppData\Local\Temp\Babylon
Pasta Encontrado C:\Users\Gildete\AppData\LocalLow\AskToolbar
Pasta Encontrado C:\Users\Gildete\AppData\Roaming\Babylon
Pasta Encontrado C:\Users\Gildete\Funmoods
Pasta Encontrado C:\Users\Vane\AppData\Local\FilesFrog Update Checker
Pasta Encontrado C:\Users\Vane\AppData\Local\Mobogenie
Pasta Encontrado C:\Users\Vane\AppData\Local\Zoom_Downloader
Pasta Encontrado C:\Users\Vane\AppData\Roaming\baidu
Pasta Encontrado C:\Users\Vane\AppData\Roaming\DealPly
Pasta Encontrado C:\Users\Vane\AppData\Roaming\Desk 365
Pasta Encontrado C:\Users\Vane\AppData\Roaming\Funmoods
Pasta Encontrado C:\Users\Vane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Encontrado C:\Users\Vane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Pasta Encontrado C:\Users\Vane\AppData\Roaming\PerformerSoft
Pasta Encontrado C:\Users\Vane\AppData\Roaming\pluswinks
Pasta Encontrado C:\Users\Vane\AppData\Roaming\SpecialSavings
Pasta Encontrado C:\Users\Vane\AppData\Roaming\SpeedAnalysis2
Pasta Encontrado C:\Users\Vane\AppData\Roaming\Yontoo
Pasta Encontrado C:\Users\Vane\Documents\Mobogenie
Pasta Encontrado C:\Users\Vane\Documents\optimizer pro
Pasta Encontrado C:\Users\Vane\Funmoods
Pasta Encontrado C:\Users\Visita\AppData\Local\Temp\apn
Pasta Encontrado C:\Users\Visita\AppData\LocalLow\AskToolbar
Pasta Encontrado C:\Users\Visita\AppData\Roaming\Babylon
Pasta Encontrado C:\Users\Visita\AppData\Roaming\Iminent

***** [ Atalhos ] *****

Atalho Encontrado : C:\Users\Vane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Vane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\22find.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Vane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )

***** [ Registro ] *****

Chave Encontrada : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKCU\Software\AppDataLow\Software\findlyrics
Chave Encontrada : HKCU\Software\AppDataLow\Software\PriceGong
Chave Encontrada : HKCU\Software\BI
Chave Encontrada : HKCU\Software\DealPly
Chave Encontrada : HKCU\Software\Funmoods
Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Encontrada : HKCU\Software\IGearSettings
Chave Encontrada : HKCU\Software\Iminent
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Encontrada : HKCU\Software\Softonic
Chave Encontrada : HKCU\Software\Somoto
Chave Encontrada : [x64] HKCU\Software\BI
Chave Encontrada : [x64] HKCU\Software\DealPly
Chave Encontrada : [x64] HKCU\Software\Funmoods
Chave Encontrada : [x64] HKCU\Software\IGearSettings
Chave Encontrada : [x64] HKCU\Software\Iminent
Chave Encontrada : [x64] HKCU\Software\InstallCore
Chave Encontrada : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Chave Encontrada : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Chave Encontrada : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Encontrada : [x64] HKCU\Software\Softonic
Chave Encontrada : [x64] HKCU\Software\Somoto
Chave Encontrada : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Encontrada : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL

Olá VSD

Darei continuidade no seu caso até o retorno do Marcos Felipe...  

Salve qualquer trabalho aberto e feche o seu navegador

*Execute o AdwCleaner, clique [Examinar] e aguarde o término

*Clique [Limpar] e aguarde o término

*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.

*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt

# AdwCleaner v3.016 - Relatório criado 12/01/2014 às 13:46:23
# Atualizado 23/12/2013 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Vane - VANESSADIAN
# Executando de : C:\Users\Vane\Downloads\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : Yontoo Desktop Updater

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\IBUpdaterService
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Program Files (x86)\AVG Secure Search
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\Desk 365
Pasta Deletada : C:\Program Files (x86)\Iminent
Pasta Deletada : C:\Program Files (x86)\Mobogenie
Pasta Deletada : C:\Program Files (x86)\PriceGong
Pasta Deletada : C:\Program Files (x86)\SpecialSavings
Pasta Deletada : C:\Program Files (x86)\Speed Analysis 2
Pasta Deletada : C:\Program Files (x86)\Yontoo
Pasta Deletada : C:\Program Files (x86)\Common Files\337
Pasta Deletada : C:\Users\Vane\Funmoods
Pasta Deletada : C:\Users\Vane\AppData\Local\FilesFrog Update Checker
Pasta Deletada : C:\Users\Vane\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Vane\AppData\Local\Zoom_Downloader
Pasta Deletada : C:\Users\Vane\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Vane\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Vane\AppData\Roaming\Desk 365
Pasta Deletada : C:\Users\Vane\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Vane\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\Vane\AppData\Roaming\pluswinks
Pasta Deletada : C:\Users\Vane\AppData\Roaming\SpecialSavings
Pasta Deletada : C:\Users\Vane\AppData\Roaming\SpeedAnalysis2
Pasta Deletada : C:\Users\Vane\AppData\Roaming\Yontoo
Pasta Deletada : C:\Users\Vane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Users\Vane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Pasta Deletada : C:\Users\Vane\Documents\Mobogenie
Pasta Deletada : C:\Users\Vane\Documents\optimizer pro
Pasta Deletada : C:\Users\Gildete\Funmoods
Pasta Deletada : C:\Users\Gildete\AppData\Local\Babylon
Pasta Deletada : C:\Users\Gildete\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Gildete\AppData\Local\Temp\Babylon
Pasta Deletada : C:\Users\Gildete\AppData\LocalLow\AskToolbar
Pasta Deletada : C:\Users\Gildete\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Visita\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Visita\AppData\LocalLow\AskToolbar
Pasta Deletada : C:\Users\Visita\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Visita\AppData\Roaming\Iminent
Pasta Deletada : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Pasta Deletada : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Pasta Deletada : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Pasta Deletada : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Arquivo Deletada : C:\windows\Downloaded Program Files\popcaploader.inf
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Vane\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\Vane\AppData\Local\funmoods-speeddial.crx
Arquivo Deletada : C:\Users\Vane\AppData\Roaming\speedanalysis.ico
Arquivo Deletada : C:\Users\Gildete\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\Gildete\AppData\Local\funmoods-speeddial.crx
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\user.js
Arquivo Deletada : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Arquivo Deletada : C:\Users\Gildete\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Arquivo Deletada : C:\Users\Vane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\windows\System32\Tasks\RunAsStdUser
Arquivo Deletada : C:\windows\System32\Tasks\SpyHunter4Startup

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Vane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Vane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\22find.lnk
Atalho Desinfectada : C:\Users\Vane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}]
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [pluswinks@PlusWinks]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [pluswinks@PlusWinks]
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Chave Deletedo : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
Chave Deletedo : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject
Chave Deletedo : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS

 Vários problemas foram removidos.
_____________________________________

Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt .

Ficamos na espera.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Basic x64
Ran by Vane on 12/01/2014 at 14:03:04,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\livesupport
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DragonSetupAsk_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DragonSetupAsk_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DragonSetupAsk_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DragonSetupAsk_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8CED8F3B-9ED6-4BD0-9D8C-F4C9C60304B8}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Vane\AppData\Roaming\getrighttogo"
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{01BD0DA3-8D88-4B42-81D7-A281D21CF389}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{07261F53-0A91-4654-94EC-ABAC4F41FE79}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{09E4C83F-35FF-4DC2-820A-840341E203AE}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{0A7FD01E-BB39-4925-99D4-20824F2A08F7}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{0F12CD78-C98C-4E23-AEDC-A07424C237FB}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{10BFC87B-5F64-4B2E-91A8-AA31466F2512}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{11579B0E-54FA-4B15-819F-795F52E3EC7E}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{115BCE48-5C3F-461D-9F74-C51F08EAFF7C}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{14446AEB-138A-47F3-B713-9DEFFBFA9D83}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{14DE6225-ED20-4F99-B15C-19FF57B5F1D2}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{1522B3B9-877A-431B-8939-F1A39D9FA291}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{155A4D0C-BACE-46D4-BD78-DAF745DDB447}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{15A58FDA-6230-4CD2-9E8B-30BF78A1201A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{15D82D0E-3FFE-4A84-9432-46CDE9F45451}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{190445AD-57D1-4751-8116-DC67BCFD6A68}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{1A8D0C54-32D1-4712-93FB-5E4C2552FE1C}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{1D55EF8D-E16A-400E-9337-D4C48450C998}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{1DBF7F9F-5D06-4324-A386-893C90E885A3}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{1E0919D5-ED0C-4FDA-9BB0-4FA4802A4FBE}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{1E55F8B3-9DBD-413D-9824-EE1D1311B29F}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{23F6ED78-376E-4172-8602-88852F98B6FC}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{25294944-9314-476A-B308-6FBAE0EBCBFB}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{2953BA79-9E68-4518-95F2-612077134F08}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{2C8A69F9-78D1-484F-AD4F-0CAA16C9A826}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{3030E3FA-D54C-41BE-AC1D-C531A4E1CEAF}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{30C83F0F-2A14-4E2C-8EBE-111C3D65AB78}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{33F0944C-27C1-449E-B4F6-3740C41BFFFA}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{346613D6-E1CE-46E1-92A0-96B026B8036B}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{3704690B-924B-41E7-8051-AEBB4E4CF530}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{383DD5FD-7224-47C2-A6FB-ED2DC8A56E0A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{3C91C227-2C90-4B89-82D7-A3DA8F65052A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{3E680F28-DE8E-4DC4-97DA-64380EFB551A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{3EB08309-B74B-43D9-AF98-FE689D82CB94}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{3F25F3A6-8116-4BC1-A17F-13DC9313CAF9}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{43DE4825-D4A6-4AD5-9B0D-DC42877CE3F6}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{46D89B60-1910-4224-8AD4-505238A1A2DA}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{4A5B36EE-AFF6-4AC9-BB9B-04BF4E4E4E9E}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{4C988076-D57B-4ED3-8F9D-439ACBD31D8B}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{4FAAA5B3-9B91-404C-9871-04520F1BB0C9}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{51D900A9-C56F-4323-BFE9-5F1279F5A220}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{57ADDD90-09B7-441E-AA15-5541B1319421}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{5E0FB061-8CF1-4E20-A6C2-CC8DC31808DB}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{6035FDE5-E658-4D48-9DF2-606A50DAFCC9}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{6C088421-2247-443B-9EA9-25D1A881D8FB}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{6C925CC7-4C24-40AC-81D9-2957AAA93A5D}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{6D006290-82E5-4D58-BE83-F4F188790091}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{6D1F9901-987F-40D8-BF0E-A7FD86B4444F}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{6D43BB90-4287-491B-8166-A636A3118718}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{6E86A246-0776-49A5-B836-B9A8E577D77C}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{72023143-2409-4572-A6D4-17D9F89D7979}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{7AFDBBF8-3027-4AE2-9E12-405E12407683}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{7FFA4D45-4D2E-45FE-8822-397A6D5AF5D4}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{82006B44-F861-4140-A9CC-3A6D372D37B9}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{8472B10B-0D65-43FD-8925-796705C355BD}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{8E1C0041-199F-4846-AB78-964AEA67CFD9}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{8F55112C-B6B4-4157-A7E7-7B62E1A503DE}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{8F723714-BB81-4D31-81EB-823EEF4CE8F3}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{90EDDA58-5682-4B2D-83B4-664B1D9EE0F3}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{97397672-27C6-41CC-903A-BE8255561D9C}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{987C1D81-8547-4F34-9E54-35133CB0762D}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{99E16C39-BBFF-43F3-B341-BDE6D0AF5030}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{9F250DDF-CC9D-46BA-B140-ECDA56BC7477}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{A008A0D7-9A63-4F51-B33C-AE22FEEC2C30}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{A02318B9-AC79-4C8A-B250-D2E03F86B881}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{A224A20D-C663-492D-BAF0-BC5391725584}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{A2895AB5-52C9-40E2-BBF1-189F4A278197}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{A3F16739-2A6A-4D72-9D50-526C71FDFF61}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{A46FEF0A-5081-4641-A313-B2E773530533}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{A6E1E3E5-33DE-4CE3-8985-B352AFD0EFAC}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{B77844F5-FF25-45F1-A1C5-61F26BB83D28}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{B86D9DB4-C22F-459C-892F-94B64C1F2E79}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{BE325887-B1F9-4BEC-83A6-4C3734E68583}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{BEF36815-15F1-40B8-8A8D-C83E60545357}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{C43E3DAB-969C-428F-A99F-96E8A312DD3A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{C455416E-A9EB-486F-BDB9-E753B3CDFD9A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{C53BBE4B-0A30-4218-A82D-A56FFAD85443}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{C8917ED2-5B36-46B4-B5FF-F5C061C04474}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{CA1E80B0-37A7-498A-BBC8-E0A1CEFB1DBA}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{CD2EAB0D-E143-42E5-B281-A259EC8754D0}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{CEDCB38E-28DA-4A27-ADFC-1D11635B1E8B}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{D28C6324-CDE0-4BAC-91EF-B09EBEF83602}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{D44FDE37-FF42-40DD-8E5F-55A30D7C4FFD}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{D46DDA07-CC6D-40A4-88F7-E191D8ED4C11}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{D825933A-FD24-4FD5-BBD6-4F318287EF85}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{D8F1C212-BB76-4F64-93CA-9614ABACB372}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{DB9E7399-21C4-4898-BC70-9EBC1EC392F9}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{DC126A22-9274-4780-996E-6FF7332148CE}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{DCB5A71C-5E4D-4B39-8C2A-92FF1A319EEC}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{DDCF0EA6-1EEA-4C5E-82B0-912460B7B56A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{DE611990-61E4-4ED4-BF44-1B513E489858}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{E0C7C8D4-0F29-495C-8A4B-3A42B908365D}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{E2A6E118-B6E1-4FEE-BAF0-131C8BFE6D5E}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{E5F17EAF-785C-4B50-8BD1-B5F2968E5C5B}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{E6D3AF77-A0EB-432A-A26C-2FDC636F564F}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{F1BA31E6-C075-4839-885A-0C116811B8D2}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{F2081C1C-1577-49DC-8952-549B39F56910}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{F32F4A10-C565-47FC-8B58-2D188922D6A7}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{F6300B87-A0FA-4955-A837-7D39B81A9B7B}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{F6D2F217-7F52-4C88-B912-EF0C0F4B2E0A}
Successfully deleted: [Empty Folder] C:\Users\Vane\appdata\local\{F7D318E2-FC0F-41C1-A342-6CE38F722907}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/01/2014 at 14:13:45,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Vários outros problemas foram removidos pelo Junkware Removal Tool.
___________________________________________________________________

Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log do Malwarebytes para que possamos analisá-lo.

Ficamos no aguardo.

Nossa, isso realmente é demorado... rsrs

VSD escreveu:Nossa, isso realmente é demorado... rsrs

Ele demora dependendo da quantidade de arquivos que você tenha no PC. Mas normalmente o tempo para o escaneamento completo é de aproximadamente 1 hora e meia.

Oi Marcos,

acabou o Malwarebytes Anti-Malware...

log 1

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados: v2014.01.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Vane :: VANESSADIAN [administrador]

Proteção: Permitir

12/01/2014 17:34:36
mbam-log-2014-01-12 (17-34-36).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 537679
Tempo decorrido: 2 hora(s), 27 minuto(s), 32 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0A4D512D-697E-4AD5-872D-5A9941AF6EBB} (PUP.Optional.MyScrapNook.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\MyScrapNook_12 (PUP.Optional.MyScrapNook.A) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.FindWide) -> Ruim: (http://search.findwide.com/?guid={562C7606-D386-40EA-8BFA-7533386B2FC5}&serpv=22) Bom: (http://www.google.com) -> Enviado para a Quarentena e reparado com sucesso.

Pastas Detectadas: 3
C:\Users\Vane\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Enviado para a Quarentena e deletado com sucesso.

Arquivos Detectados: 26
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Speed Analysis 2\uninst.exe.vir (PUP.Optional.7Go.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Gildete\Funmoods\1.5.23.22\escortApp.dll.vir (PUP.FunMoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Gildete\Funmoods\1.5.23.22\escortEng.dll.vir (PUP.FunMoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Gildete\Funmoods\1.5.23.22\escorTlbr.dll.vir (PUP.FunMoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Gildete\Funmoods\1.5.23.22\funmoodssrv.exe.vir (PUP.FunMoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Gildete\Funmoods\1.5.23.22\uninstall.exe.vir (PUP.FunMoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Gildete\Funmoods\1.5.23.22\bh\escort.dll.vir (PUP.Funmoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Vane\AppData\Local\FilesFrog Update Checker\uninstall.exe.vir (PUP.Optional.Somoto) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Vane\AppData\Roaming\Desk 365\components\component_libcef_1.963.439.exe.vir (PUP.Optional.Desk365.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir (PUP.Optional.PCPerformer.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\AppData\LocalLow\MyScrapNook_12EI\Installr\Cache\009D34D8.exe (PUP.Optional.MyScrapNook.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Desktop\SFInstaller_ASG_aresgalaxy_8896843_.exe (PUP.Optional.Spigot.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Downloads\alanis_morissette_havoc_and_bright_lights_2012_320kbps_mp3_id2976220id.exe (PUP.Adware.MediaGet) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Downloads\PDFReaderSetup.exe (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Downloads\Setup.exe (PUP.Optional.BundleInstaller.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Downloads\uplayermediaplayer-setup (1).exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Downloads\uplayermediaplayer-setup.exe (PUP.Optional.FullSpectrumAdmin) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Downloads\ZipExtractorSetup.exe (PUP.Optional.JumpyApps.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Visita\AppData\Local\Temp\is701137889\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Vane\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Enviado para a Quarentena e deletado com sucesso.

(fim)




log 2

2014/01/12 17:30:08 -0200 VANESSADIAN Vane MESSAGE Executing scheduled update: Daily
2014/01/12 17:30:15 -0200 VANESSADIAN Vane MESSAGE Starting protection
2014/01/12 17:30:15 -0200 VANESSADIAN Vane MESSAGE Protection started successfully
2014/01/12 17:30:15 -0200 VANESSADIAN Vane MESSAGE Starting IP protection
2014/01/12 17:30:52 -0200 VANESSADIAN Vane MESSAGE IP Protection started successfully
2014/01/12 17:31:53 -0200 VANESSADIAN Vane MESSAGE Starting database refresh
2014/01/12 17:31:53 -0200 VANESSADIAN Vane MESSAGE Stopping IP protection
2014/01/12 17:32:01 -0200 VANESSADIAN Vane MESSAGE IP Protection stopped successfully
2014/01/12 17:32:01 -0200 VANESSADIAN Vane MESSAGE Scheduled update executed successfully: database updated from version v2013.04.04.07 to version v2014.01.12.05
2014/01/12 17:32:08 -0200 VANESSADIAN Vane MESSAGE Database refreshed successfully
2014/01/12 17:32:08 -0200 VANESSADIAN Vane MESSAGE Starting IP protection
2014/01/12 17:32:14 -0200 VANESSADIAN Vane MESSAGE IP Protection started successfully
2014/01/12 18:39:32 -0200 VANESSADIAN Vane IP-BLOCK 77.78.219.155 (Type: outgoing, Port: 18353, Process: ares.exe)
2014/01/12 19:14:32 -0200 VANESSADIAN Vane IP-BLOCK 64.150.230.124 (Type: outgoing, Port: 18353, Process: ares.exe)
2014/01/12 20:07:02 -0200 VANESSADIAN (null) MESSAGE Starting protection
2014/01/12 20:07:03 -0200 VANESSADIAN (null) MESSAGE Protection started successfully
2014/01/12 20:07:03 -0200 VANESSADIAN (null) MESSAGE Starting IP protection
2014/01/12 20:07:05 -0200 VANESSADIAN (null) MESSAGE IP Protection started successfully

Caramba Marcos, quantos itens foram para a quarentena...

 Mais problemas foram removidos.
______________________________________________

Siga também esta dica, por gentileza (pode ficar tranquila, pois este é mais rápido que o Malwarebytes):

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Depois disto é só você postar o relatório do Zoek que estará em C:\zoek-results aqui em seu tópico.

Ficamos no aguardo.

Tantantantan...


Zoek.exe v5.0.0.0 Updated 09-Januari-2014
Tool run by Vane on 12/01/2014 at 20:30:18,53.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vane\AppData\Local\Temp\Rar$EXa0.693\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/01/2014 20:34:53 Zoek.exe System Restore Point Created Succesfully.

Só tem este log? o log dele costuma ser bem maior. Veja aí se há outro relatório dele por gentileza.

Marcos...

revi e refiz todos os passos conforme tutorial... não modificou...

acho que sou eu...


Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Vane on 12/01/2014 at 21:00:21,62.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vane\AppData\Local\Temp\Rar$EXa0.513\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 21:03:22,23 =====

--- Create Environment Variables 21:03:23,66
--- Create System Restore Point 21:04:00,40
--- Checking Input 21:04:39,37
--- AU AppData Check 21:04:49,29
--- Remove From Windows Installer 21:04:58,32
--- IE Startpage Check 21:10:45,02

Outra coisa... a janela do zoek não fecha...

Marcos Felipe escreveu:Só tem este log? o log dele costuma ser bem maior. Veja aí se há outro relatório dele por gentileza.

Com licença Marcos!!

VSD você não está postando o relatório do Zoek por completo, está na metade!

Faça o seguinte;

1) Copie a linha em Azul abaixo:
C:\zoek-results.txt


2) Pressione o botão [Windows] de seu Teclado --> [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]e tecla a letra [R].
*Abrira uma janela, cole a linha em Azul e clique em (OK). Abrirá o relatório em um bloco de notas, copie ele todo e cole aqui.


Aguardamos!!

Acho que agora está funcionando... ainda não acabou...



Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Vane on 12/01/2014 at 21:00:21,62.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vane\AppData\Local\Temp\Rar$EXa0.513\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 21:03:22,23 =====

--- Create Environment Variables 21:03:23,66
--- Create System Restore Point 21:04:00,40
--- Checking Input 21:04:39,37
--- AU AppData Check 21:04:49,29
--- Remove From Windows Installer 21:04:58,32
--- IE Startpage Check 21:10:45,02
--- Program Files DB Check 21:12:26,74
--- C:\Users\Convidado\AppData\Roaming DB Check 21:14:52,68
--- C:\Users\Default\AppData\Roaming DB Check 21:14:52,68
--- C:\Users\Default User\AppData\Roaming DB Check 21:14:52,68
--- C:\Users\Gildete\AppData\Roaming DB Check 21:14:52,68
--- C:\Users\Vane\AppData\Roaming DB Check 21:14:52,68
--- C:\Users\Visita\AppData\Roaming DB Check 21:14:52,68
--- C:\windows\SysNative\config\systemprofile\AppData\Roaming DB Check 21:14:52,68
--- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 21:14:52,68
--- C:\windows\serviceprofiles\networkservice\AppData\Roaming DB Check 21:14:52,68
--- C:\windows\serviceprofiles\Localservice\AppData\Roaming DB Check 21:14:52,68
--- C:\Users\Vane DB Check 21:21:03,62
--- C:\ProgramData DB Check 21:21:42,53
--- C:\Users\Convidado\AppData\Local DB Check 21:21:44,66
--- C:\Users\Default\AppData\Local DB Check 21:21:44,66
--- C:\Users\Default User\AppData\Local DB Check 21:21:44,66
--- C:\Users\Gildete\AppData\Local DB Check 21:21:44,66
--- C:\Users\Vane\AppData\Local DB Check 21:21:44,66
--- C:\Users\Visita\AppData\Local DB Check 21:21:44,66
--- C:\windows\SysNative\config\systemprofile\AppData\Local DB Check 21:21:44,66

Se eu tivesse que sobreviver disso morreria de fome... prefiro os virus vivos, vivos atenuados como sarampo, rubéola, caxumba, coqueluxe... hpv, poliomielite...

Aguardamos pelo Relatório correto!!

Você ainda não está postando o relatório correto de Zoek!!

Gente... será que agora foi... ?????

Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Vane on 12/01/2014 at 21:00:21,62.
Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vane\AppData\Local\Temp\Rar$EXa0.513\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/01/2014 21:04:35 Zoek.exe System Restore Point Created Succesfully.

==== Creating Sample_012014_2133.zip ======================

Copied file C:\Users\Vane\AppData\Roaming\unins000.exe to sample\unins000.exe
sample\unins000.exe renamed to AD6E810B9CE3D8C0C1FF0203C68C6FA6

C:\Users\Public\Desktop\sample_012014_2133.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{414DF73B-9EC9-49DD-831F-B611877AD24E} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{18DBB6CE-3148-4FEC-B481-103CB3290427} deleted successfully
HKEY_USERS\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{016468cf-98e0-4000-a074-911df217b9f3} deleted successfully
HKEY_USERS\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{7731d4a6-c00c-49b5-84f2-4607207e732c} deleted successfully
HKEY_USERS\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_USERS\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-4047717540-2445718405-2362667198-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{062F1A93-08B9-469B-A7B0-51B5B91844EF} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Vane\AppData\Local\genienext deleted
C:\Users\Vane\daemonprocess.txt deleted
C:\Users\Vane\.android deleted
C:\PROGRA~2\VideoPlayerV3 deleted
C:\PROGRA~2\MyScrapNook_12EI deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\Users\Gildete\AppData\Roaming\GetRightToGo deleted
C:\Users\Vane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\22find.lnk deleted
C:\Users\Vane\AppData\Local\cache deleted
C:\Users\Vane\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\windows\SysNative\Tasks\SomotoUpdateCheckerAutoStart deleted
C:\user.js deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\windows\Syswow64\SET6831.tmp deleted
C:\windows\Syswow64\SET6E5B.tmp deleted
C:\Users\Vane\AppData\Roaming\unins000.exe deleted
C:\Users\Vane\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks deleted
C:\Users\Vane\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com deleted

==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Vane\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[17/10/2013 19:54]

Webexp Enhanced - Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbifnaalidicnibemhnogofehclfnenn
Video Player - Gildete\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjinoooamigmmcaednonbfojdkjafnp
GBBD Banco do Brasil - Vane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Ask Toolbar - Vane\AppData\Local\COMODO\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Comodo Web Inspector - Vane\AppData\Local\COMODO\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn

==== Chrome Fix ======================

C:\Users\Vane\AppData\Local\COMODO\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko deleted successfully
C:\Users\Vane\AppData\Local\COMODO\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage deleted successfully

Agora é o relatório correto!!

Aguarde pelo Marcos Felipe!!

Obrigado Brando