Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.
Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14806 usuários registrados
O último membro registrado é King empero

Os nossos membros postaram um total de 36043 mensagens em 3684 assuntos
Últimos assuntos
» Possíveis vírus
por joram Sex 15 Mar 2024, 19:05

Quem está conectado?
21 usuários online :: 0 registrados, 0 invisíveis e 21 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 


Rechercher Pesquisa avançada

março 2024
SegTerQuaQuiSexSábDom
    123
45678910
11121314151617
18192021222324
25262728293031

Calendário Calendário


ajuda remover 123rede com adwcleaner

2 participantes

Ir para baixo

ajuda remover 123rede com adwcleaner Empty ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Qui 24 Set 2015, 16:25

utilizei o programa adwcleaner para retirar o 123rede e apareceu essas informações no bloco de notas . no site caixa de dicas orientaram postar esse log do adwcleaner num forum especializado . vou postar abaixo

agradeço a atenção .

Raphael

# AdwCleaner v5.008 - Relatório criado 24/09/2015 às 16:01:03
# Atualizado 18/09/2015 por Xplode
# Banco de dados : 2015-09-23.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language (x64)
# Usuário : jerson - VIDA
# Executando de : C:\Users\jerson\Downloads\AdwCleaner.exe
# Opção : Limpar
# Apoio : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

***** [ Serviços ] *****

[-] Serviço Excluído : innfd_1_10_0_14

***** [ Pastas ] *****

[-] Pasta Excluído : C:\Program Files (x86)\globalUpdate
[-] Pasta Excluído : C:\Program Files (x86)\predm
[-] Pasta Excluído : C:\Program Files (x86)\GUPlayer
[-] Pasta Excluído : C:\Program Files (x86)\version42BlockAndSurf
[!] Pasta Não Excluído : C:\Program Files (x86)\version42BlockAndSurf
[-] Pasta Excluído : C:\ProgramData\{8AF32939-989B-460A-8726-CA2C776032A1}
[-] Pasta Excluído : C:\Users\jerson\SupTab
[-] Pasta Excluído : C:\Users\jerson\AppData\Local\Gameo
[-] Pasta Excluído : C:\Users\jerson\AppData\Local\globalUpdate
[-] Pasta Excluído : C:\Users\jerson\AppData\Local\Max_Computer_Cleaner
[-] Pasta Excluído : C:\Users\jerson\AppData\Local\4C4C4544-1430087543-3010-8031-B4C04F303132
[-] Pasta Excluído : C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
[-] Pasta Excluído : C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk
[-] Pasta Excluído : C:\Users\jerson\AppData\Roaming\WebExtend
[-] Pasta Excluído : C:\Users\jerson\Documents\MaxComputerCleaner

***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\END
[-] Arquivo Excluído : C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jcgcoifbkbphhjnekfkmohklfaimhikk_0.localstorage
[-] Arquivo Excluído : C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jcgcoifbkbphhjnekfkmohklfaimhikk_0.localstorage-journal
[-] Arquivo Excluído : C:\Users\jerson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
[-] Arquivo Excluído : C:\Users\jerson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk

***** [ Atalhos ] *****

[-] Atalho Desinfectado : C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Tarefas agendadas ] *****

[-] Tarefa Excluída : APSnotifierPP1
[-] Tarefa Excluída : APSnotifierPP2
[-] Tarefa Excluída : gameo_update
[-] Tarefa Excluída : SmartWeb Upgrade Trigger Task
[-] Tarefa Excluída : MaxComputerCleaner_Start
[-] Tarefa Excluída : LaunchPreSignup

***** [ Registro ] *****

[-] Chave Excluída : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SmartWeb]
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_br_426]
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_br_451]
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{DC727A8C-7582-483C-A1C2-2B885F099BB5}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{2D64773F-8D12-4BF2-A7F5-F53ABB01A16E}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC727A8C-7582-483C-A1C2-2B885F099BB5}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DC727A8C-7582-483C-A1C2-2B885F099BB5}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DC727A8C-7582-483C-A1C2-2B885F099BB5}
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
[-] Chave Excluída : HKCU\Software\APN PIP
[-] Chave Excluída : HKCU\Software\GlobalUpdate
[-] Chave Excluída : HKCU\Software\HomeTab
[-] Chave Excluída : HKCU\Software\simplytech
[-] Chave Excluída : HKCU\Software\gameo
[-] Chave Excluída : HKCU\Software\TNT2
[-] Chave Excluída : HKCU\Software\WajIntEnhance
[-] Chave Excluída : HKCU\Software\SearchProtectWS
[-] Chave Excluída : HKCU\Software\YorkNewCin
[-] Chave Excluída : HKCU\Software\HighDefAction
[-] Chave Excluída : HKCU\Software\ArenaHD
[-] Chave Excluída : HKCU\Software\MaxComputerCleanerLanguage
[-] Chave Excluída : HKCU\Software\PRODUCTSETUP
[-] Chave Excluída : HKCU\Software\Kromtech
[-] Chave Excluída : HKCU\Software\AppDataLow\Software\Crossrider
[-] Chave Excluída : HKCU\Software\AppDataLow\Software\DynConIE
[-] Chave Excluída : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Chave Excluída : HKLM\SOFTWARE\AskPartnerNetwork
[-] Chave Excluída : HKLM\SOFTWARE\Conduit
[-] Chave Excluída : HKLM\SOFTWARE\GlobalUpdate
[-] Chave Excluída : HKLM\SOFTWARE\Iminent
[-] Chave Excluída : HKLM\SOFTWARE\SearchProtect
[-] Chave Excluída : HKLM\SOFTWARE\SmdmF
[-] Chave Excluída : HKLM\SOFTWARE\mystartsearchSoftware
[-] Chave Excluída : HKLM\SOFTWARE\WajIntEnhance
[-] Chave Excluída : HKLM\SOFTWARE\Crossbrowse
[-] Chave Excluída : HKLM\SOFTWARE\SpeedBit
[-] Chave Excluída : HKLM\SOFTWARE\luckysearchesSoftware
[-] Chave Excluída : HKLM\SOFTWARE\AIM Toolbar
[-] Chave Excluída : HKLM\SOFTWARE\YorkNewCin
[-] Chave Excluída : HKLM\SOFTWARE\HighDefAction
[-] Chave Excluída : HKLM\SOFTWARE\ArenaHD
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[!] Chave Não Excluída : [x64] HKCU\Software\APN PIP
[!] Chave Não Excluída : [x64] HKCU\Software\GlobalUpdate
[!] Chave Não Excluída : [x64] HKCU\Software\HomeTab
[!] Chave Não Excluída : [x64] HKCU\Software\simplytech
[!] Chave Não Excluída : [x64] HKCU\Software\gameo
[!] Chave Não Excluída : [x64] HKCU\Software\TNT2
[!] Chave Não Excluída : [x64] HKCU\Software\WajIntEnhance
[!] Chave Não Excluída : [x64] HKCU\Software\SearchProtectWS
[!] Chave Não Excluída : [x64] HKCU\Software\YorkNewCin
[!] Chave Não Excluída : [x64] HKCU\Software\HighDefAction
[!] Chave Não Excluída : [x64] HKCU\Software\ArenaHD
[!] Chave Não Excluída : [x64] HKCU\Software\MaxComputerCleanerLanguage
[!] Chave Não Excluída : [x64] HKCU\Software\PRODUCTSETUP
[!] Chave Não Excluída : [x64] HKCU\Software\Kromtech
[-] Chave Excluída : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Chave Excluída : [x64] HKLM\SOFTWARE\HighDefAction
[-] Chave Excluída : [x64] HKLM\SOFTWARE\WebProtectorPlus
[-] Chave Excluída : [x64] HKLM\SOFTWARE\ArenaHD
[!] Chave Não Excluída : HKU\S-1-5-21-1119460738-191548075-3182123001-1001\Software\AppDataLow\Software\Crossrider
[!] Chave Não Excluída : HKU\S-1-5-21-1119460738-191548075-3182123001-1001\Software\AppDataLow\Software\DynConIE
[-] Dados Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Dados Restaurar : HKU\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
[!] Chave Não Excluída : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
[-] Dados Restaurar : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Navegadores ] *****

[-] [C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Excluído : jcgcoifbkbphhjnekfkmohklfaimhikk
[-] [C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Excluído : kfecnpmgnlnbmipaogfhoacoioifjgko

*************************

:: Configurações Winsock restauradas

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9381 bytes] ##########





raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Qui 24 Set 2015, 17:14

/!\ Boa Tarde! raphaelmonteirodell /!\

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )

> No banner àcima,é para sistemas 32bits!

< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)

> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Clique no botão Parcourir... 
> Busque o relatório e clique no botão Abrir.
> Clique no botão "Créer le lien Cjoint".
> Copie o link que está ao lado de "Le lien a été créé" e poste-o em sua resposta.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ou clique "Copier le lien (*)" e cole o link ao seu Post.

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Sex 25 Set 2015, 11:35

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Sex 25 Set 2015, 19:54

/!\ Boa Noite! raphaelmonteirodell /!\

> Acesse este site: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Faça a análise destes 2 arquivos

> C:\Users\jerson\AppData\Local\Crsoft\crsvc.exe <<
> C:\Users\jerson\AppData\Roaming\DNSHelper\DNSSVC.exe <<

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

> Se já ocorreu,anteriormente,uma análise das amostras,clique em: "Reanalyse file now"
> Faça a análise de "um por vez".

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] 

> Ao concluir,poste os links aos relatórios.
>
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as na pasta Downloads! -/- C:\Users\jerson\Downloads <<

start
CloseProcesses:
(QNT) C:\Users\jerson\AppData\Roaming\NetService\netservice.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1119460738-191548075-3182123001-1001 -> {5E05225F-3794-4201-A4F4-7D7F38F7F63C} URL = 
R2 NetTcpHandler; C:\Users\jerson\AppData\Roaming\NetService\netservice.exe [211824 2015-03-20] (QNT)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
U2 McMPFSvc; no ImagePath
2015-09-24 15:56 - 2015-09-24 16:01 - 00000000 ____D C:\AdwCleaner
2015-09-24 15:55 - 2015-09-24 15:55 - 00001201 _____ C:\Users\jerson\Desktop\AdwCleaner.exe - Atalho.lnk
2015-09-24 15:52 - 2015-09-24 15:52 - 01662976 _____ C:\Users\jerson\Downloads\AdwCleaner.exe
2015-09-24 14:08 - 2015-09-24 14:08 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-09-24 14:07 - 2015-09-24 15:39 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-09-24 13:47 - 2015-09-24 13:47 - 57042590 _____ C:\Users\jerson\Downloads\SpyHunter.4.17.6.4336.baixedetudo.net.rar
2015-09-24 13:12 - 2015-09-24 13:12 - 00611230 _____ C:\Users\jerson\Downloads\SpyHunter 4 Crack e Serial__15460_i1672692476_il1551093.rar
2014-09-10 01:43 - 2014-09-10 01:44 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-10 01:39 - 2014-09-10 01:40 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-10 01:40 - 2014-09-10 01:41 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-10 01:41 - 2014-09-10 01:43 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-10 01:39 - 2014-09-10 01:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\Users\jerson\AppData\Local\Temp\2503.exe
C:\Users\jerson\AppData\Local\Temp\6074.exe
C:\Users\jerson\AppData\Local\Temp\8FFD427E-F52C-37D3-608D-352F36983F31.dll
C:\Users\jerson\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jue1FD6.exe
C:\Users\jerson\AppData\Local\Temp\jue345A.exe
C:\Users\jerson\AppData\Local\Temp\jue8691.exe
C:\Users\jerson\AppData\Local\Temp\jue87E9.exe
C:\Users\jerson\AppData\Local\Temp\jueDEB5.exe
C:\Users\jerson\AppData\Local\Temp\jueE7A8.exe
C:\Users\jerson\AppData\Local\Temp\OfficeSetup.exe
C:\Users\jerson\AppData\Local\Temp\setup32.exe
C:\Users\jerson\AppData\Local\Temp\SetupHomeStudentRetail.x86.pt-BR_HomeStudentRetail_T6DVH-NMKV4-Q8DWF-HHGGP-27GKR_act_1_.exe
C:\Users\jerson\AppData\Local\Temp\UninstallModule.exe
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end


> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar
> Poste o relatório! (Fixlog.txt)

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Sex 25 Set 2015, 23:59

num sei se fiz certo....pois não apareceu link para o relatório . Salvei no bloco de notas Analysis , File detail e additional information , tanto do crsvc quanto dnssvc .
Salvei o fixlist.
Não consegui executar FRST/FRST64 , fui na tecla windows +R . Aparece "o windows não pode encontrar" .
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Sáb 26 Set 2015, 02:18

/!\ Bom Dia! raphaelmonteirodell /!\
raphaelmonteirodell escreveu:num sei se fiz certo....pois não apareceu link para o relatório . 
> O link ao relatório encontra-se na barra de endereços do Windows. Não é algo que venha destacado,como pode supor
Ps: Repita o exame e poste estes links.
raphaelmonteirodell escreveu:Não consegui executar FRST/FRST64 , fui na tecla windows +R . Aparece "o windows não pode encontrar" .
> Isto lhe ocorreu porque vc não baixou FRST.exe ao desktop,como lhe pedi. Daí, fui obrigado a encaminhar a fixlist ao mesmo diretório onde localiza-se a FRST. ( ...pasta Download )
> Ps: Observei que seu navegador Chrome está configurado,ao baixar algum programa,encaminhá-lo à pasta Download.
> Resumindo,ambos os ítens ( FRST.exe + fixlist ),tem que estar no mesmo diretório e não aceita-se atalhos,nesta tarefa. 

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Sáb 26 Set 2015, 13:37

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Sáb 26 Set 2015, 15:16

/!\ Boa Tarde! raphaelmonteirodell /!\

> As análises tiveram,somente,1 indicação cada,onde costuma-se adotar (> 3) ou (=3),ações mais efetivas nesta indicação.
> Restou postar o relatório Fixlog.txt <<

Abs!

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Seg 28 Set 2015, 12:34

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by jerson (administrator) on VIDA (26-09-2015 13:38:39)
Running from C:\Users\jerson\Downloads
Loaded Profiles: jerson (Available Profiles: jerson)
Platform: Windows 8.1 Single Language (X64) Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Users\jerson\AppData\Local\Crsoft\crsvc.exe
() C:\Users\jerson\AppData\Roaming\DNSHelper\DNSSVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(QNT) C:\Users\jerson\AppData\Roaming\NetService\netservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1008.0\McCSPServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1119460738-191548075-3182123001-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1896320 2015-08-19] (Banco do Brasil)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-09-24]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-09-24]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\jerson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2015-08-27]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2F1D105C-50AE-411D-95B5-983C64BF88D6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1119460738-191548075-3182123001-1001 -> {5E05225F-3794-4201-A4F4-7D7F38F7F63C} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-18] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1119460738-191548075-3182123001-1001: gastecnologia.com.br/sf/bb -> C:\Users\jerson\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-01-13] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-1119460738-191548075-3182123001-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\jerson\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-01-13] (GAS Tecnologia)

Chrome:
=======
CHR Profile: C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
CHR Extension: (Google Docs) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
CHR Extension: (Google Drive) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-11]
CHR Extension: (YouTube) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-11]
CHR Extension: (Google Search) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-11]
CHR Extension: (Planilhas do Google) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
CHR Extension: (Documentos Google off-line) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-01]
CHR Extension: (EasyCalendar) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-09-24]
CHR Extension: (Protector Web – Confiável proteção contra phishing) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko [2015-09-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-11]
CHR Extension: (Gmail) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-11]
CHR Profile: C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-06]
CHR Extension: (Google Docs) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-06]
CHR Extension: (Google Drive) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-06]
CHR Extension: (YouTube) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-06]
CHR Extension: (Google Search) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-06]
CHR Extension: (Planilhas do Google) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-06]
CHR Extension: (Protector Web – Confiável proteção contra phishing) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko [2015-08-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-06]
CHR Extension: (Gmail) - C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-06]
CHR HKU\S-1-5-21-1119460738-191548075-3182123001-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows (R) Win 7 DDK provider) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 Crashhd; C:\Users\jerson\AppData\Local\Crsoft\crsvc.exe [185800 2015-09-24] ()
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-05-22] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DNSSVC; C:\Users\jerson\AppData\Roaming\DNSHelper\DNSSVC.exe [142792 2015-09-07] ()
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-12] (GAS Tecnologia)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-15] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 NetTcpHandler; C:\Users\jerson\AppData\Roaming\NetService\netservice.exe [211824 2015-03-20] (QNT)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2005392 2015-02-12] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-08] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
S3 GENERICDRV; C:\Users\jerson\AppData\Roaming\PCDr\Downloads\amifldrv64.sys [15400 2015-07-03] ()
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
U2 McMPFSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-26 13:31 - 2015-09-26 13:31 - 02192384 _____ (Farbar) C:\Users\jerson\Downloads\FRST64 (1).exe
2015-09-26 13:29 - 2015-09-26 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-09-26 13:28 - 2015-09-26 13:28 - 00000000 ___RD C:\Users\jerson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-09-25 23:48 - 2015-09-25 23:48 - 00003141 _____ C:\Users\jerson\Downloads\analisednssvc.txt
2015-09-25 23:41 - 2015-09-25 23:49 - 00003059 _____ C:\Users\jerson\Downloads\analisecrsvc.txt
2015-09-25 23:39 - 2015-09-25 23:39 - 00003387 _____ C:\Users\jerson\Downloads\fixlist.txt
2015-09-25 11:33 - 2015-09-25 11:33 - 00073893 _____ C:\Users\jerson\Downloads\scan.txt
2015-09-25 11:26 - 2015-09-25 11:26 - 00027615 _____ C:\Users\jerson\Downloads\Addition.txt
2015-09-25 11:24 - 2015-09-26 13:38 - 00024964 _____ C:\Users\jerson\Downloads\FRST.txt
2015-09-25 11:23 - 2015-09-26 13:38 - 00000000 ____D C:\FRST
2015-09-25 11:22 - 2015-09-25 11:22 - 02192384 _____ (Farbar) C:\Users\jerson\Downloads\FRST64.exe
2015-09-25 11:22 - 2015-09-25 11:22 - 01695744 _____ (Farbar) C:\Users\jerson\Downloads\FRST.exe
2015-09-24 16:03 - 2015-09-24 16:03 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-24 15:56 - 2015-09-24 16:01 - 00000000 ____D C:\AdwCleaner
2015-09-24 15:55 - 2015-09-24 15:55 - 00001201 _____ C:\Users\jerson\Desktop\AdwCleaner.exe - Atalho.lnk
2015-09-24 15:52 - 2015-09-24 15:52 - 01662976 _____ C:\Users\jerson\Downloads\AdwCleaner.exe
2015-09-24 15:46 - 2015-09-24 15:46 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-09-24 14:37 - 2015-09-24 14:37 - 00000000 ____D C:\Users\jerson\AppData\Local\Crsoft
2015-09-24 14:35 - 2015-09-24 14:36 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-09-24 14:22 - 2015-09-24 14:22 - 00000000 ____D C:\Users\jerson\Documents\patch-SND
2015-09-24 14:08 - 2015-09-24 14:08 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-09-24 14:07 - 2015-09-24 15:39 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-09-24 13:55 - 2015-09-24 19:32 - 00000000 ____D C:\Users\jerson\Documents\Add-in Express
2015-09-24 13:55 - 2015-09-24 14:06 - 00000000 ____D C:\Users\Todos os Usuários\WinZip
2015-09-24 13:55 - 2015-09-24 14:06 - 00000000 ____D C:\Users\jerson\AppData\Local\WinZip
2015-09-24 13:55 - 2015-09-24 14:06 - 00000000 ____D C:\ProgramData\WinZip
2015-09-24 13:55 - 2015-09-24 13:55 - 00002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-09-24 13:55 - 2015-09-24 13:55 - 00002307 _____ C:\Users\Public\Desktop\WinZip.lnk
2015-09-24 13:55 - 2015-09-24 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-09-24 13:55 - 2015-09-24 13:55 - 00000000 ____D C:\Program Files\WinZip
2015-09-24 13:53 - 2015-09-24 13:53 - 00714376 _____ (WinZip Computing, S.L.) C:\Users\jerson\Downloads\winzip19-pp.exe
2015-09-24 13:53 - 2015-09-24 13:53 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2015-09-24 13:53 - 2015-09-24 13:53 - 00000000 ____D C:\ProgramData\UniqueId
2015-09-24 13:47 - 2015-09-24 13:47 - 57042590 _____ C:\Users\jerson\Downloads\SpyHunter.4.17.6.4336.baixedetudo.net.rar
2015-09-24 13:19 - 2015-09-24 13:22 - 00000000 ____D C:\Users\jerson\OneDrive
2015-09-24 13:12 - 2015-09-24 13:12 - 00611230 _____ C:\Users\jerson\Downloads\SpyHunter 4 Crack e Serial__15460_i1672692476_il1551093.rar
2015-09-19 21:43 - 2015-09-19 21:43 - 00000000 ____D C:\Users\jerson\AppData\Roaming\shortCutStore
2015-09-19 21:43 - 2015-09-19 21:43 - 00000000 _____ C:\autoexec.bat
2015-09-16 16:46 - 2015-09-16 16:47 - 02443776 _____ (Flash BOX) C:\Users\jerson\Downloads\Adobe_Flash_Player 2015.exe
2015-09-16 14:24 - 2015-09-16 14:24 - 02818560 _____ (Flash tolls) C:\Users\jerson\Downloads\Adobe Flash Player 2015 .exe
2015-09-16 14:24 - 2015-09-16 14:24 - 02818560 _____ (Flash tolls) C:\Users\jerson\Downloads\Adobe Flash Player 2015 (1).exe
2015-09-10 20:09 - 2015-09-10 20:09 - 00686858 _____ C:\Users\jerson\Downloads\Adobe_Flash_Player 2015_.exe
2015-09-08 21:06 - 2015-09-02 23:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 21:06 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 21:06 - 2015-09-02 15:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 21:06 - 2015-09-02 14:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 21:06 - 2015-07-22 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 21:06 - 2015-07-22 10:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 21:06 - 2015-07-17 11:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 21:06 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-08 21:06 - 2015-07-03 18:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-08 21:06 - 2015-07-03 11:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-08 21:06 - 2015-06-27 08:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 21:05 - 2015-07-13 16:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-08 21:05 - 2015-07-10 16:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-08 21:05 - 2015-07-09 13:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-08 21:05 - 2015-06-19 14:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-08 20:54 - 2015-09-08 20:54 - 00000000 ____D C:\Users\jerson\AppData\Roaming\DNSHelper
2015-09-08 18:10 - 2015-08-26 23:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 18:10 - 2015-08-26 15:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 18:10 - 2015-08-26 15:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 18:10 - 2015-08-26 15:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 18:10 - 2015-08-26 15:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 18:10 - 2015-08-26 11:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 18:10 - 2015-08-26 11:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 18:10 - 2015-08-26 11:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 18:10 - 2015-08-26 11:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-08 18:10 - 2015-08-26 11:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 18:10 - 2015-08-26 11:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 18:10 - 2015-08-26 11:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 18:10 - 2015-08-22 15:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 18:10 - 2015-08-22 14:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 18:10 - 2015-08-22 14:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 18:10 - 2015-08-22 14:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 18:10 - 2015-08-22 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 18:10 - 2015-08-22 13:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 18:10 - 2015-08-22 13:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 18:10 - 2015-08-22 13:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 18:10 - 2015-08-22 13:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 18:10 - 2015-08-22 13:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 18:10 - 2015-07-30 14:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 18:10 - 2015-07-30 13:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 18:09 - 2015-09-01 23:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 18:09 - 2015-09-01 23:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 18:09 - 2015-09-01 23:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 18:09 - 2015-09-01 23:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 18:09 - 2015-09-01 23:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 18:09 - 2015-08-22 14:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 18:09 - 2015-08-22 14:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 18:09 - 2015-08-22 13:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 18:09 - 2015-08-22 13:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 18:09 - 2015-08-22 13:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 18:09 - 2015-08-22 13:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-08 18:09 - 2015-08-22 13:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 18:09 - 2015-08-22 13:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 18:09 - 2015-08-22 13:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 18:09 - 2015-08-22 13:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 18:09 - 2015-08-22 13:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 18:09 - 2015-08-22 13:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-08 18:09 - 2015-08-22 13:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 18:09 - 2015-08-22 13:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 18:09 - 2015-08-22 13:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 18:09 - 2015-08-22 13:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 18:09 - 2015-08-22 13:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 18:09 - 2015-08-22 12:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 18:09 - 2015-08-22 12:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 18:09 - 2015-08-03 18:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 18:09 - 2015-08-03 18:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 18:09 - 2015-08-01 11:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 18:09 - 2015-08-01 00:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-08 18:09 - 2015-08-01 00:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-08 18:09 - 2015-08-01 00:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 18:09 - 2015-08-01 00:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-08 18:09 - 2015-08-01 00:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-08 18:09 - 2015-07-22 11:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 18:09 - 2015-07-22 11:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 18:09 - 2015-07-22 11:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 18:09 - 2015-07-22 11:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 18:09 - 2015-07-18 15:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-08 18:09 - 2015-07-18 15:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 18:09 - 2015-07-18 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-08 18:09 - 2015-07-18 15:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 18:09 - 2015-07-14 00:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-01 17:18 - 2015-09-01 17:18 - 00529002 _____ C:\Users\jerson\Downloads\Apresentação AEEL_ Equacionamento do déficit de 2013_v25-08-2015.pptx
2015-09-01 00:04 - 2015-09-01 00:04 - 00000000 ____D C:\Users\jerson\AppData\Roaming\Sun
2015-09-01 00:04 - 2015-09-01 00:04 - 00000000 ____D C:\Users\jerson\.oracle_jre_usage
2015-08-31 22:29 - 2015-09-18 12:58 - 00000136 _____ C:\Windows\ODBC.INI
2015-08-27 10:20 - 2015-08-27 10:20 - 00000000 ____D C:\Users\jerson\Documents\Blocos de Anotações do OneNote

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-26 13:39 - 2015-06-11 18:06 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-26 13:33 - 2014-09-10 01:59 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-09-26 13:32 - 2014-10-07 14:36 - 00000000 ____D C:\Users\jerson\AppData\Local\CrashDumps
2015-09-26 13:32 - 2014-10-02 17:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1119460738-191548075-3182123001-1001
2015-09-26 13:30 - 2015-08-06 11:07 - 00088064 ___SH C:\Users\jerson\Downloads\Thumbs.db
2015-09-26 13:30 - 2014-03-18 07:07 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-26 13:30 - 2014-03-18 06:29 - 00774900 _____ C:\Windows\system32\prfh0416.dat
2015-09-26 13:30 - 2014-03-18 06:29 - 00158494 _____ C:\Windows\system32\prfc0416.dat
2015-09-26 13:29 - 2014-10-02 17:56 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{493CFB94-3AAD-4238-AD3C-6B8C2D7EE423}
2015-09-26 13:27 - 2015-06-11 18:06 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-26 13:26 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-26 03:16 - 2014-09-10 01:29 - 01801765 _____ C:\Windows\WindowsUpdate.log
2015-09-25 14:42 - 2014-10-02 17:44 - 00000000 ____D C:\Users\jerson
2015-09-25 14:41 - 2015-06-11 18:09 - 00002367 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-24 19:55 - 2014-10-02 17:44 - 00000000 ____D C:\Users\jerson\AppData\Local\Packages
2015-09-24 16:03 - 2014-10-02 18:13 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-09-24 16:02 - 2013-08-22 11:46 - 00062916 _____ C:\Windows\setupact.log
2015-09-24 16:02 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-24 16:01 - 2013-08-22 10:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-09-24 14:37 - 2015-04-26 22:24 - 00000000 ____D C:\Users\jerson\AppData\Roaming\RunDir
2015-09-24 14:36 - 2014-09-10 01:44 - 00000000 ____D C:\Program Files (x86)\Intel
2015-09-24 14:27 - 2014-03-18 02:55 - 00102360 _____ C:\Windows\PFRO.log
2015-09-24 13:28 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-24 13:19 - 2015-04-15 21:04 - 00000000 ___RD C:\Users\jerson\OneDrive.old
2015-09-23 14:17 - 2015-04-15 20:59 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-23 08:49 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-22 00:30 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-19 21:54 - 2015-08-07 13:46 - 00001493 _____ C:\Users\jerson\Desktop\Pessoa 1 - Chrome.lnk
2015-09-19 19:06 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-17 21:34 - 2015-06-11 18:06 - 00004058 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 21:34 - 2015-06-11 18:06 - 00003822 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 12:29 - 2015-07-25 13:14 - 00037888 ___SH C:\Users\jerson\Desktop\Thumbs.db
2015-09-14 22:18 - 2015-07-17 10:57 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-14 22:18 - 2015-07-17 10:57 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 14:12 - 2014-10-02 20:34 - 00000000 ____D C:\Users\jerson\AppData\Local\Google
2015-09-12 07:45 - 2015-04-15 21:04 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1119460738-191548075-3182123001-1001
2015-09-11 14:00 - 2014-10-06 21:16 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 21:41 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2015-09-08 20:43 - 2013-08-22 11:44 - 00382968 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-08 20:40 - 2014-03-18 06:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-08 20:40 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-03 19:35 - 2014-09-10 01:57 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-09-01 00:05 - 2015-01-13 11:46 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2015-09-01 00:05 - 2015-01-13 11:46 - 00000000 ____D C:\ProgramData\Oracle
2015-09-01 00:04 - 2015-01-13 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-01 00:04 - 2015-01-13 11:46 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-01 00:03 - 2015-01-13 11:46 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-30 18:31 - 2015-04-27 00:07 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2015-08-30 18:31 - 2015-04-27 00:07 - 00000286 __RSH C:\ProgramData\ntuser.pol
2015-08-30 18:20 - 2014-10-02 18:13 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2015-08-30 18:20 - 2014-10-02 18:13 - 00000000 ____D C:\ProgramData\GbPlugin

==================== Files in the root of some directories =======

2015-02-24 15:13 - 2015-02-24 15:13 - 0016730 _____ () C:\Users\jerson\AppData\Roaming\unins000.dat
2015-02-24 15:13 - 2015-02-24 15:13 - 0815826 _____ () C:\Users\jerson\AppData\Roaming\unins000.exe
2014-09-10 01:21 - 2014-09-10 01:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-10 01:43 - 2014-09-10 01:44 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-10 01:39 - 2014-09-10 01:40 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-10 01:40 - 2014-09-10 01:41 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-10 01:41 - 2014-09-10 01:43 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-10 01:39 - 2014-09-10 01:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\jerson\AppData\Local\Temp\2503.exe
C:\Users\jerson\AppData\Local\Temp\6074.exe
C:\Users\jerson\AppData\Local\Temp\8FFD427E-F52C-37D3-608D-352F36983F31.dll
C:\Users\jerson\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jue1FD6.exe
C:\Users\jerson\AppData\Local\Temp\jue345A.exe
C:\Users\jerson\AppData\Local\Temp\jue8691.exe
C:\Users\jerson\AppData\Local\Temp\jue87E9.exe
C:\Users\jerson\AppData\Local\Temp\jueDEB5.exe
C:\Users\jerson\AppData\Local\Temp\jueE7A8.exe
C:\Users\jerson\AppData\Local\Temp\OfficeSetup.exe
C:\Users\jerson\AppData\Local\Temp\setup32.exe
C:\Users\jerson\AppData\Local\Temp\SetupHomeStudentRetail.x86.pt-BR_HomeStudentRetail_T6DVH-NMKV4-Q8DWF-HHGGP-27GKR_act_1_.exe
C:\Users\jerson\AppData\Local\Temp\UninstallModule.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-15 04:51

==================== End of FRST.txt ============================
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Seg 28 Set 2015, 18:46

/!\ Boa Noite! raphaelmonteirodell /!\

> O relatório veio errado,onde o pedido foi o Fixlog.txt e nãoFRST.txt.
> Corrija isto!

Abs!

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Ter 29 Set 2015, 20:08

desculpe a ignorância mas num entendi o que seria o Fixlog.txt , é o mesmo que o fixlist do crsvc e dnssvc ?
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Ter 29 Set 2015, 20:28

/!\ Boa Noite! raphaelmonteirodell /!\

> O Fixlog é gerado tão logo a ferramenta FRST é aberta e o clique em "Fix",efetuado à seguir. Sendo que o fixlist.txt tem que estar no mesmo diretório da FRST.exe
> Ps: Fique atento,pois a FRST.exe sendo atalho,não roda o script.

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Qua 30 Set 2015, 21:10

Fix result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by jerson (2015-09-30 20:58:19) Run:1
Running from C:\Users\jerson\Downloads
Loaded Profiles: jerson (Available Profiles: jerson)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
(QNT) C:\Users\jerson\AppData\Roaming\NetService\netservice.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1119460738-191548075-3182123001-1001 -> {5E05225F-3794-4201-A4F4-7D7F38F7F63C} URL =
R2 NetTcpHandler; C:\Users\jerson\AppData\Roaming\NetService\netservice.exe [211824 2015-03-20] (QNT)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
U2 McMPFSvc; no ImagePath
2015-09-24 15:56 - 2015-09-24 16:01 - 00000000 ____D C:\AdwCleaner
2015-09-24 15:55 - 2015-09-24 15:55 - 00001201 _____ C:\Users\jerson\Desktop\AdwCleaner.exe - Atalho.lnk
2015-09-24 15:52 - 2015-09-24 15:52 - 01662976 _____ C:\Users\jerson\Downloads\AdwCleaner.exe
2015-09-24 14:08 - 2015-09-24 14:08 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-09-24 14:07 - 2015-09-24 15:39 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-09-24 13:47 - 2015-09-24 13:47 - 57042590 _____ C:\Users\jerson\Downloads\SpyHunter.4.17.6.4336.baixedetudo.net.rar
2015-09-24 13:12 - 2015-09-24 13:12 - 00611230 _____ C:\Users\jerson\Downloads\SpyHunter 4 Crack e Serial__15460_i1672692476_il1551093.rar
2014-09-10 01:43 - 2014-09-10 01:44 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-10 01:39 - 2014-09-10 01:40 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-10 01:40 - 2014-09-10 01:41 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-10 01:41 - 2014-09-10 01:43 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-10 01:39 - 2014-09-10 01:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\Users\jerson\AppData\Local\Temp\2503.exe
C:\Users\jerson\AppData\Local\Temp\6074.exe
C:\Users\jerson\AppData\Local\Temp\8FFD427E-F52C-37D3-608D-352F36983F31.dll
C:\Users\jerson\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\jerson\AppData\Local\Temp\jue1FD6.exe
C:\Users\jerson\AppData\Local\Temp\jue345A.exe
C:\Users\jerson\AppData\Local\Temp\jue8691.exe
C:\Users\jerson\AppData\Local\Temp\jue87E9.exe
C:\Users\jerson\AppData\Local\Temp\jueDEB5.exe
C:\Users\jerson\AppData\Local\Temp\jueE7A8.exe
C:\Users\jerson\AppData\Local\Temp\OfficeSetup.exe
C:\Users\jerson\AppData\Local\Temp\setup32.exe
C:\Users\jerson\AppData\Local\Temp\SetupHomeStudentRetail.x86.pt-BR_HomeStudentRetail_T6DVH-NMKV4-Q8DWF-HHGGP-27GKR_act_1_.exe
C:\Users\jerson\AppData\Local\Temp\UninstallModule.exe
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processes closed successfully.
C:\Users\jerson\AppData\Roaming\NetService\netservice.exe => No running process found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1119460738-191548075-3182123001-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E05225F-3794-4201-A4F4-7D7F38F7F63C}" => key removed successfully
HKCR\CLSID\{5E05225F-3794-4201-A4F4-7D7F38F7F63C} => key not found.
NetTcpHandler => Service stopped successfully.
NetTcpHandler => service removed successfully
gbpddfac => service removed successfully
McMPFSvc => service could not remove
C:\AdwCleaner => moved successfully
C:\Users\jerson\Desktop\AdwCleaner.exe - Atalho.lnk => moved successfully
C:\Users\jerson\Downloads\AdwCleaner.exe => moved successfully
C:\Program Files (x86)\Enigma Software Group => moved successfully
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP => moved successfully
C:\Users\jerson\Downloads\SpyHunter.4.17.6.4336.baixedetudo.net.rar => moved successfully
C:\Users\jerson\Downloads\SpyHunter 4 Crack e Serial__15460_i1672692476_il1551093.rar => moved successfully
C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log => moved successfully
C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log => moved successfully
C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log => moved successfully
C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log => moved successfully
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => moved successfully
C:\Users\jerson\AppData\Local\Temp\2503.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\6074.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\8FFD427E-F52C-37D3-608D-352F36983F31.dll => moved successfully
C:\Users\jerson\AppData\Local\Temp\jre-8u45-windows-au.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jre-8u51-windows-au.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jre-8u60-windows-au.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jue1FD6.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jue345A.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jue8691.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jue87E9.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jueDEB5.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\jueE7A8.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\OfficeSetup.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\setup32.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\SetupHomeStudentRetail.x86.pt-BR_HomeStudentRetail_T6DVH-NMKV4-Q8DWF-HHGGP-27GKR_act_1_.exe => moved successfully
C:\Users\jerson\AppData\Local\Temp\UninstallModule.exe => moved successfully
Restore point was successfully created.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1119460738-191548075-3182123001-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1119460738-191548075-3182123001-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 4.9 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 21:04:08 ====
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Qua 30 Set 2015, 23:14

/!\ Boa Noite! raphaelmonteirodell /!\

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Smeenk )

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

> Salve-o ao desktop!
> Desabilite seu antivírus!
> Feche seu navegador!
> Para Windows 7,execute Zoek.exe como administrador.

reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /f /v "AutoConfigURL";b
Set Search Settings;chromelook;
emptyfolderscheck;delete

shortcutfix;
quickscan;
emptytemp;
123rede;a
123rede;z


> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script". 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 30 minutos ou mais.
> Confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt << 

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Qui 01 Out 2015, 13:23


Zoek.exe v5.0.0.1 Updated 30-09-2015
Tool run by jerson on 01/10/2015 at 12:23:10,20.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jerson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

01/10/2015 12:25:03 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\boost_interprocess deleted successfully
C:\Users\jerson\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\jerson\AppData\Local\EmieSiteList deleted successfully
C:\Users\jerson\AppData\Local\EmieUserList deleted successfully
C:\Users\jerson\AppData\Local\softthinks deleted successfully

==== Batch Command(s) Run By Tool======================


==== Folders Found ======================


==== Files Found ======================


--- C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.123rede.com_0.localstorage ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3072
Created time: 2015-10-01 00:08:45
Modified time: 2015-10-01 00:08:46
MD5: 9BB64DFADFE965087AC0B72ABD857361
SHA1: F75A03C40ACBFDCACE062A3E231A10626F7C94FA


--- C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.123rede.com_0.localstorage-journal ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 0
Created time: 2015-10-01 00:08:45
Modified time: 2015-10-01 00:08:47
MD5: D41D8CD98F00B204E9800998ECF8427E
SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709


==== Registry Search Results for "123rede" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\NetTcpHandler]
"hp"="[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths]
"url2"="http://123rede/"

[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{8AB71AC2-7FE8-4381-AB79-9E5529650871}Machine\Software\Policies\Google\Chrome]
"HomepageLocation"="[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{8AB71AC2-7FE8-4381-AB79-9E5529650871}Machine\Software\Policies\Google\Chrome\RestoreOnStartupURLs]
"1"="[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\jerson\AppData\Local\Temp ====
2015-10-01 00:04:55 69E645CFFE1815991B813CBE706A039C 162120 ----a-w- C:\Users\jerson\AppData\Local\Temp\mccspuninstall.exe
2015-10-01 00:02:55 F9726373B1AE2E8E2BCEB7CC34E2E751 882000 ----a-w- C:\Users\jerson\AppData\Local\Temp\0139461443657775mcinst.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-09-27 21:22:43 8ACEDE6BC414884D53BD7B948E703E94 409256 ----a-w- C:\Windows\SysWOW64\SynCom.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-10-01 00:19:17 DF7C79C1FFFBBE3D4BEC2BA7FF8A8AB1 300704 ------w- C:\Windows\Sysnative\MpSigStub.exe
2015-09-27 21:22:43 9A5404FFEEF51497CB1B6C983669C3DC 212136 ----a-w- C:\Windows\Sysnative\SynTPCo20.dll
2015-09-27 21:22:43 5C7BD553136045E3725BAF37EC31102E 753320 ----a-w- C:\Windows\Sysnative\SynCOM.dll
2015-09-27 21:22:43 32090D64ACA57B132CECC1A4C076D5C6 256168 ----a-w- C:\Windows\Sysnative\SynTPAPI.dll
2015-09-24 19:03:40 8A63A03AE53A58DCD77C31B5DD1D591A 118 ----a-w- C:\Windows\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-24 18:46:57 0055B62657CE7561F68136FB1E54AFAC 401 ----a-w- C:\Windows\Sysnative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
====== C:\Windows\Sysnative\drivers =====
2015-09-27 21:22:42 4CBB67D9067EB3DD54ADBDFA03866C59 42664 ----a-w- C:\Windows\Sysnative\drivers\SynRMIHID.sys
2015-09-27 21:22:42 08F6BE0C19F0C2824878AAF9294891F5 580776 ----a-w- C:\Windows\Sysnative\drivers\SynTP.sys
2015-09-09 00:05:58 FEA8FC81431AD93F44D5FBFBBF096AA7 118272 -c--a-w- C:\Windows\Sysnative\drivers\bthpan.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-09-24 16:55:09 -------- d-----w- C:\Program Files\WinZip
======= C:\PROGRA~2 =====
2015-09-24 17:07:46 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard
======= C: =====
2015-09-20 00:43:37 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\jerson\AppData\Roaming ======
2015-10-01 15:08:06 -------- d-----r- C:\Users\jerson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-10-01 00:07:57 -------- d-----w- C:\Users\jerson\AppData\Roaming\NetTemp
2015-09-24 17:37:58 -------- d-----w- C:\Users\jerson\AppData\Local\Crsoft
2015-09-24 16:55:20 -------- d-----w- C:\Users\jerson\AppData\Local\WinZip
2015-09-12 10:37:17 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\CrashDumps
2015-09-08 23:54:21 -------- d-----w- C:\Users\jerson\AppData\Roaming\DNSHelper
====== C:\Users\jerson ======
2015-10-01 02:28:20 2BF7BD3F5178BAB89AACA4080DF012C7 384000 ----a-w- C:\Users\jerson\Downloads\adobe_flash_player .exe
2015-09-26 16:31:44 E0F80113E97C5E9C8530D28ED24FC042 2192384 ----a-w- C:\Users\jerson\Downloads\FRST64 (1).exe
2015-09-25 17:42:53 -------- d-sh--w- C:\Users\jerson\IntelGraphicsProfiles
2015-09-25 14:22:49 E0F80113E97C5E9C8530D28ED24FC042 2192384 ----a-w- C:\Users\jerson\Downloads\FRST64.exe
2015-09-25 14:22:07 7FE4B75C0CF7E40006DEF1E477D64739 1695744 ----a-w- C:\Users\jerson\Downloads\FRST.exe
2015-09-24 18:45:39 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp
2015-09-24 16:55:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-09-24 16:55:20 -------- d-----w- C:\Users\TODOSO~1\WinZip
2015-09-24 16:55:20 -------- d-----w- C:\ProgramData\WinZip
2015-09-24 16:53:42 -------- d-----w- C:\Users\TODOSO~1\UniqueId
2015-09-24 16:53:42 -------- d-----w- C:\ProgramData\UniqueId
2015-09-24 16:53:29 DFEB7A73A5160149B6FFE0638D765C82 714376 ----a-w- C:\Users\jerson\Downloads\winzip19-pp.exe
2015-09-24 16:19:49 -------- d---a-w- C:\Users\jerson\OneDrive
2015-09-20 00:43:11 -------- d-----w- C:\Users\jerson\Start Menu

====== C: exe-files ==
2015-10-01 02:28:20 2BF7BD3F5178BAB89AACA4080DF012C7 384000 ----a-w- C:\Users\jerson\Downloads\adobe_flash_player .exe
2015-10-01 00:19:17 DF7C79C1FFFBBE3D4BEC2BA7FF8A8AB1 300704 ------w- C:\Windows\System32\MpSigStub.exe
2015-10-01 00:08:01 0F86442B238F1C9CA69CB8D662DEB05B 185800 ----a-w- C:\Users\jerson\AppData\Roaming\NetTemp\SysDnsSvc.exe
2015-10-01 00:07:59 0F86442B238F1C9CA69CB8D662DEB05B 185800 ----a-w- C:\Users\jerson\AppData\Roaming\DNSHelper\temp\ipvbx.exe
2015-10-01 00:04:55 69E645CFFE1815991B813CBE706A039C 162120 ----a-w- C:\Users\jerson\AppData\Local\Temp\mccspuninstall.exe
2015-10-01 00:02:55 F9726373B1AE2E8E2BCEB7CC34E2E751 882000 ----a-w- C:\Users\jerson\AppData\Local\Temp\0139461443657775mcinst.exe
2015-09-30 23:50:25 45F31CE1EB83980A59AFE5117E41F4DF 528280 ----a-w- C:\Users\jerson\AppData\Local\NVIDIA\NvBackend\Packages\00007f61\CoProc update.20011425.exe
2015-09-30 23:47:47 07D733DAB53FD7E2E7C8442216073379 873800 ----a-w- C:\Users\jerson\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.2\software_reporter_tool.exe
2015-09-30 17:58:46 B786A5777AD4963003839256CA7CA395 6369152 ----a-w- C:\Users\jerson\AppData\Local\NVIDIA\NvBackend\Packages\00007f51\DAO.20007618.exe
2015-09-29 13:36:30 7C3C29391EB1508B166620E2BA36554B 630200 ----a-w- C:\Users\jerson\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-09-29 13:36:26 5E5D0D316EE0CC3BEE84E03302105868 172984 ----a-w- C:\Users\jerson\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-09-27 21:22:43 FA0A1EF0CC652E0D8F4F4C6F7EEE9D10 285352 ----a-w- C:\Program Files\Synaptics\SynTP\InstNT.exe
2015-09-27 21:22:43 F98B3FA79BFED8A7A8D73183C63A5460 1902248 ----a-w- C:\Program Files\Synaptics\SynTP\SynMood.exe
2015-09-27 21:22:43 ED0E7EF09EE79258E36CA79C62D6ADC4 1296040 ----a-w- C:\Program Files\Synaptics\SynTP\SynReflash.exe
2015-09-27 21:22:43 E20AF672C8871F4A75D4FE536EBB6DB5 5652648 ----a-w- C:\Program Files\Synaptics\SynTP\DellTouchpad35.exe
2015-09-27 21:22:43 D0CE8FBB6A69AA9C10F17E80D1F8674C 2857128 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2015-09-27 21:22:43 B97B640DA15BAD9843521C4CFEE8130F 1879208 ----a-w- C:\Program Files\Synaptics\SynTP\SynZMetr.exe
2015-09-27 21:22:43 7F91E265FA5E86A01B286A49B79F24E2 22971048 ----a-w- C:\Program Files\Synaptics\SynTP\DellTpad.exe
2015-09-27 21:22:43 53E1689E6381414DF17BEC0FCF22546A 200872 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
2015-09-27 21:22:43 491D467ED6FE415A2013939B1E82F10B 1890472 ----a-w- C:\Program Files\Synaptics\SynTP\Tutorial.exe
2015-09-27 21:22:43 1E226DB6CA15A6438D785377407B186C 5652648 ----a-w- C:\Program Files\Synaptics\SynTP\DellTouchpad.exe
2015-09-27 21:22:43 195C2911F74C4961320E0F3D697F0DFE 220840 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
2015-09-27 04:29:00 257C7075A77AD546C5B46311A060370C 93696 ----a-w- C:\Users\jerson\AppData\Local\Packages\62307pauljohn.RARFileOpener_7sv5v3m8wq0b2\AC\Microsoft\CLR_v4.0_32\NativeImages\OpenFiles.Windows\5f7ca1ca3260995fbdefa94ced462821\OpenFiles.Windows.ni.exe
2015-09-26 16:31:44 E0F80113E97C5E9C8530D28ED24FC042 2192384 ----a-w- C:\Users\jerson\Downloads\FRST64 (1).exe
2015-09-25 17:40:30 4719799B56E0B4BEE6C62552FC7FC7E0 936016 ----a-w- C:\Program Files (x86)\Google\Update\Install\{C3748DCB-8B1A-409F-A98C-F78E46A8F9CD}\45.0.2454.101_45.0.2454.99_chrome_updater.exe
2015-09-25 17:40:30 4719799B56E0B4BEE6C62552FC7FC7E0 936016 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.101\45.0.2454.101_45.0.2454.99_chrome_updater.exe
2015-09-25 14:22:49 E0F80113E97C5E9C8530D28ED24FC042 2192384 ----a-w- C:\Users\jerson\Downloads\FRST64.exe
2015-09-25 14:22:07 7FE4B75C0CF7E40006DEF1E477D64739 1695744 ----a-w- C:\Users\jerson\Downloads\FRST.exe
2015-09-24 18:39:32 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\FRST\Quarantine\C\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla18.exe
2015-09-24 17:37:58 0F86442B238F1C9CA69CB8D662DEB05B 185800 ----a-w- C:\Users\jerson\AppData\Local\Crsoft\crsvc.exe
2015-09-24 17:37:52 0F86442B238F1C9CA69CB8D662DEB05B 185800 ----a-w- C:\Users\jerson\AppData\Roaming\RunDir\ud4.exe
2015-09-24 17:37:44 0F86442B238F1C9CA69CB8D662DEB05B 185800 ----a-w- C:\Users\jerson\AppData\Roaming\RunDir\temp\ud4.exe
2015-09-24 17:36:37 525FEACA67C73AC39A548F9DA71F1BD3 167328 ----a-w- C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\x64\Drv64.exe
2015-09-24 17:36:36 6C7CB9CAC642BE4886C9FF00FFAFFA16 1007024 ----a-w- C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\Setup.exe
2015-09-24 17:07:47 2349274E327CAC32501C93AE37E16B48 180934 ----a-w- C:\FRST\Quarantine\C\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla21.exe
2015-09-24 16:53:29 DFEB7A73A5160149B6FFE0638D765C82 714376 ----a-w- C:\Users\jerson\Downloads\winzip19-pp.exe
2015-09-24 16:09:16 DB7485CD81CB08868788A07AA0AD8BEC 526424 ----a-w- C:\Users\jerson\AppData\Local\NVIDIA\NvBackend\Packages\00007f2c\CoProc update.19993666.exe
2015-09-24 16:08:50 02DC064227A69E74EBF84A9F7E9830EA 6369136 ----a-w- C:\Users\jerson\AppData\Local\NVIDIA\NvBackend\Packages\00007f2a\DAO.19993499.exe
=== C: other files ==
2015-09-27 21:22:42 4CBB67D9067EB3DD54ADBDFA03866C59 42664 ----a-w- C:\Windows\System32\drivers\SynRMIHID.sys
2015-09-27 21:22:42 08F6BE0C19F0C2824878AAF9294891F5 580776 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2015-09-24 19:03:40 8A63A03AE53A58DCD77C31B5DD1D591A 118 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-24 18:46:57 0055B62657CE7561F68136FB1E54AFAC 401 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5REC"
"WavesSvc"="C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
"QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"

==== Startup Folders ======================

2015-08-27 13:20:27 1129 ----a-w- C:\Users\jerson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk
2015-09-24 16:55:34 2073 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk
2015-09-24 16:55:34 1978 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/06/2015 18:06]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/06/2015 18:06]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]
"C:\Windows\SysNative\tasks\Dell SupportAssistAgent AutoUpdate" [C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\Dell\SupportAssist\sessionchecker.exe"]
"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"]
"C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{493CFB94-3AAD-4238-AD3C-6B8C2D7EE423}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Dell\Dell Product Registration" [C:\Program Files (x86)\Dell Product Registration\prodreg.exe]
"C:\Windows\SysNative\tasks\Dell\Dell Product Registration Update" [C:\Program Files (x86)\Dell Product Registration\prodreg.exe]

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
kfecnpmgnlnbmipaogfhoacoioifjgko - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
kfecnpmgnlnbmipaogfhoacoioifjgko - No path found[]

Google Slides - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Web Protector - Reliable Phishing Protection - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
Chrome Hotword Shared Module - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Chrome Web Store Payments - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Web Protector - Reliable Phishing Protection - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
Chrome Hotword Shared Module - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Chrome Web Store Payments - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\jerson\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\jerson\Desktop\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\jerson\Desktop\Pessoa 1 - Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe

==== shortcuts in Users Start Menu ======================

C:\Users\jerson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\FAH.lnk - C:\Program Files (x86)\WinZip\FAH\FAHConsole.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\WinZip Preloader.lnk - C:\Program Files (x86)\WinZip\WzPreloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 19.5.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\jerson\Desktop\Pessoa 1 - Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\jerson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9 folders=1 78527 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\jerson\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\jerson\AppData\Local\Temp successfully emptied

==== EOF on 01/10/2015 at 13:20:00,11 ======================
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Qui 01 Out 2015, 15:48

/!\ Boa Tarde! raphaelmonteirodell /!\

---
C:\Users>jerson>AppData>Local>Google>Chrome>User Data>Default>Local Storagehttp_www.123rede.com_0.localstorage-journal << Link!
---
> Indo pelo caminho àcima,delete o link em destaque.
>
> Abra a ferramenta Zoek.
> Feche o navegador!

chromelook;
iedefaults;
[-HKEY_LOCAL_MACHINE\SOFTWARE\NetTcpHandler];r
[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths];r
"url2"=-;r
[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{8AB71AC2-7FE8-4381-AB79-9E5529650871}Machine\Software\Policies\Google\Chrome];r
"HomepageLocation"=-;r
[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{8AB71AC2-7FE8-4381-AB79-9E5529650871}Machine\Software\Policies\Google\Chrome\RestoreOnStartupURLs];r
"1"=-;r
 

> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script". 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt << 

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Qui 01 Out 2015, 17:06


Zoek.exe v5.0.0.1 Updated 30-09-2015
Tool run by jerson on 01/10/2015 at 16:58:54,27.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jerson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-10-01-162000.log 25755 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\NetTcpHandler]
[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths]
"url2"=-
[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{8AB71AC2-7FE8-4381-AB79-9E5529650871}Machine\Software\Policies\Google\Chrome]
"HomepageLocation"=-
[HKEY_USERS\S-1-5-21-1119460738-191548075-3182123001-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{8AB71AC2-7FE8-4381-AB79-9E5529650871}Machine\Software\Policies\Google\Chrome\RestoreOnStartupURLs]
"1"=-

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
kfecnpmgnlnbmipaogfhoacoioifjgko - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
kfecnpmgnlnbmipaogfhoacoioifjgko - No path found[]

Google Slides - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Web Protector - Reliable Phishing Protection - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
Chrome Hotword Shared Module - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Chrome Web Store Payments - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jerson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Web Protector - Reliable Phishing Protection - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
Chrome Hotword Shared Module - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Chrome Web Store Payments - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jerson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9 folders=1 78527 bytes)

==== EOF on 01/10/2015 at 17:04:24,30 ======================
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Qui 01 Out 2015, 17:43

/!\ Boa Tarde! raphaelmonteirodell /!\

> Bom trabalho!   ajuda remover 123rede com adwcleaner 648673379
> Os logs não mostram mais a presença do hijacker. ( 123rede.com )
>
> Vá em "Personalizar e controlar o Google Chrome" >> Configurações.
> Estando em Configurações,acesse "Pesquisar".
> Clique: "Gerenciar mecanismos de pesquisa..."
> Indo em "Configurações padrão de pesquisa",exclua algum mecanismo que seja malicioso.
> Torne Padrão àquele que lhe agradar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> O banner mostra a Ask,mas no seu caso é o 123rede.com.
> Verifique se não existe algum mecanismo malicioso,à ser removido,indo em "Outros mecanismos de pesquisa".
> Clique Concluido ao terminar!
> Informe!

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por raphaelmonteirodell Qui 01 Out 2015, 18:47

valeu pela atenção.
abs
raphaelmonteirodell
raphaelmonteirodell
Iniciante
Iniciante

Mensagens : 10
Reputação : 2
Data de inscrição : 24/09/2015

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por joram Qui 01 Out 2015, 19:59

resol

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > << Link!

> Leiam as várias dicas que estão contidas na Cartilha de Segurança e fiquem livres de infecções!

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > << Link!

> Instalem este complemento ao [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] ou [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e naveguem tranquilamente!

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

> Para bloquear conteúdos de propagandas no YouTube,utilizem o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > << Link!

> Instalem este complemento ao [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e naveguem tranquilamente!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Para bloqueios pontuais,onde uma lista negra pode ser construída,utilizem o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

unchecky

> Previnam-se da instalação de PUPs com o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]. << Link!

> Utilizem o SpywareBlaster para proteger o Internet Explorer de [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e scripts maliciosos.
> Podem reparar,que proteções adicionais são oferecidas ao Mozilla Firefox e Google Chrome.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Salve-o em Arquivos de programas.
> Após instalar o SB,vá em "Protection Status" >> Clique em "Enable All Protection"
> Atualize o SB,clicando em "Updates" >> "Check for Updates" >> Aguarde!
> Terminando,clique novamente em "Enable All Protection".
> Ps: À cada 10 dias,busque atualizar seu banco de definições.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Outra boa solução para exploits,seria a instalação do  [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] << Cuidado! Pode conflitar com plugins bancários!

> Mantenham o Hosts e Internet Explorer protegidos,com o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> O WinPatrol ao detectar solicitações de mudanças ao Hosts,lhes darão as opções de aceitarem ou rejeitarem as alterações.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Para o download,cliquem: "Download WinPatrolToGo 2014"

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Bloqueiem conteúdos adulto,com o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] que irá alternar seus DNS.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Desinfecte seus pendrives,com o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
> Ao executar,cliquem OK na e mensagem!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Mantenham o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e [Tens de ter uma conta e sessão iniciada para poderes visualizar este link],atualizados!
> Para o Java,executem sua instalação off-line. ( Windows Off-line )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ps: Durante sua instalação,desmarquem as caixas de instalação da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] 

> Mantenham seus computadores atualizados,visitando regularmente o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

resol

> Necessitando nova verificação para este computador,basta abrir "Novo Tópico" e relatar o problema.

resol

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

ajuda remover 123rede com adwcleaner Empty Re: ajuda remover 123rede com adwcleaner

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Ir para o topo


 
Permissões neste sub-fórum
Não podes responder a tópicos