Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
8 usuários online :: 0 registrados, 0 invisíveis e 8 visitantes :: 1 motor de busca

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
joram
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
Wings [In Memoriam]
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
caedurodrigues
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
Amigo Brasileiro
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
luizvilarinho
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
Danii
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
Admin
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
Danilo Marsaro
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 
Andreata
Remover QOne8? Vote_lcapRemover QOne8? Voting_barRemover QOne8? Vote_rcap 

abril 2024
SegTerQuaQuiSexSábDom
1234567
891011121314
15161718192021
22232425262728
2930     

Calendário Calendário

Palavras-chaves

SISPNCD  notebook  placa  windows  áudio  SOFTWARE  desinstalar  2013  pessoas  player  game  flash  excluir  teclado  video  deletar  popup  instalação  vídeos  impressora  mcafee  virus  2025  PARA  2015  adobe  


Remover QOne8?

2 participantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

Ir para baixo

Remover QOne8? Empty Remover QOne8?

Mensagem por MauricioPF Qui 26 Set 2013, 15:03

Ha dias apelei a este site para combater o famigerado "Confidence". Recebi instruções e consegui remove-lo com sucesso; agora surgiu um tal de "QOne8" (site de busca) e não consegui remove-lo de meu PC. Como proceder neste novo caso?
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Qui 26 Set 2013, 15:08

Remover QOne8? 648673379 Olá Maurício!

Remover QOne8? 772309 Poste aqui no seu tópico um log do programa Hijackthis conforme é mostrado neste endereço:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por MauricioPF Sex 27 Set 2013, 08:52

Segue o Log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:43:54, on 27/09/2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Users\Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_175_ActiveX.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CrossriderApp0031257 - {11111111-1111-1111-1111-110311121157} - C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (file missing)
O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [SDP] C:\Users\Cliente\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Baixar com Mipony - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\MiPony\Browser\IEContext.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Search - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll (file missing)
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WajamUpdater - Unknown owner - C:\Program Files\Wajam\Updater\WajamUpdater.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Unknown owner - C:\ProgramData\eSafe\eGdpSvc.exe (file missing)

--
End of file - 9764 bytes
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 08:55

Remover QOne8? 772309 Siga, por gentileza, as dicas dos tutoriais abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt e um novo log do Hijackthis e nos diga como está seu PC depois destes procedimentos.

Ficamos na espera.


Última edição por Alberto Nunes em Dom 06 Out 2013, 10:01, editado 1 vez(es)
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por MauricioPF Sex 27 Set 2013, 09:12

# AdwCleaner v3.005 - Relatório criado 27/09/2013 às 09:08:55
# Atualizado 22/09/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate  (32 bits)
# Usuário : Cliente - CLIENTE-PC
# Executando de : C:\Users\Cliente\Downloads\ANTI_VIRUS\adwcleaner.exe
# Opção : Examinar

***** [ Serviços ] *****

Serviço Encontrado : WajamUpdater
Serviço Encontrado : WsysSvc

***** [ Arquivos / Pastas ] *****

Pasta Encontrado : C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Pasta Encontrado : C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Pasta Encontrado : C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
Pasta Encontrado C:\Program Files\SafeSaver
Pasta Encontrado C:\ProgramData\StarApp
Pasta Encontrado C:\Users\Cliente\AppData\Local\Temp\eIntaller
Pasta Encontrado C:\Users\Cliente\AppData\Local\Temp\Smartbar

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Encontrada : HKCU\Software\lollipop
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311121157}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121157}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKCU\Software\Minibar
Chave Encontrada : HKCU\Software\SmartbarLog
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311121157}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Encontrada : HKLM\SOFTWARE\Classes\speedupmypc
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Chave Encontrada : HKLM\Software\delta-homesSoftware
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e303e95
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chave Encontrada : HKLM\Software\Minibar
Chave Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files\Internet Explorer\iexplore.exe" [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Valor Encontrada : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16385

Configurações Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

-\\ Mozilla Firefox v20.0 (pt-BR)

[ Arquivo : C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default\prefs.js ]


-\\ Google Chrome v29.0.1547.76

[ Arquivo : C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Encontrada : homepage

*************************

AdwCleaner[R0].txt - [10329 octets] - [27/09/2013 09:08:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10390 octets] ##########
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 09:19

Remover QOne8? 772309 Você postou o arquivo AdwCleaner[R0].txt, mas o que precisamos é deste: C:\AdwCleaner\AdwCleaner[S0].txt

Poste também um novo log do Hijackthis e o log do Junkware. Ficamos na espera.
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por MauricioPF Sex 27 Set 2013, 09:21

Apos a Limpesa do CCleaner:
# AdwCleaner v3.005 - Relatório criado 27/09/2013 às 09:15:36
# Atualizado 22/09/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate  (32 bits)
# Usuário : Cliente - CLIENTE-PC
# Executando de : C:\Users\Cliente\Downloads\ANTI_VIRUS\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : WajamUpdater
[#] Serviço Deletada : WsysSvc

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\StarApp
Pasta Deletada : C:\Program Files\SafeSaver
Pasta Deletada : C:\Users\Cliente\AppData\Local\Temp\eIntaller
Pasta Deletada : C:\Users\Cliente\AppData\Local\Temp\Smartbar
Pasta Deletada : C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
Pasta Deletada : C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Pasta Deletada : C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e303e95
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311121157}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121157}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311121157}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Minibar
Chave Deletedo : HKCU\Software\SmartbarLog
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\Minibar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16385

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v20.0 (pt-BR)

[ Arquivo : C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default\prefs.js ]


-\\ Google Chrome v29.0.1547.76

[ Arquivo : C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo : homepage

*************************

AdwCleaner[R0].txt - [10471 octets] - [27/09/2013 09:08:55]
AdwCleaner[S0].txt - [8628 octets] - [27/09/2013 09:15:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8688 octets] ##########
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 09:28

Remover QOne8? 648673379 Vários problemas foram removidos pelo Adwcleaner. Falta só os outros dois logs.
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty (Resolvido) REMOVER QONE8

Mensagem por MauricioPF Sex 27 Set 2013, 09:39

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Ultimate x86
Ran by Cliente on 27/09/2013 at  9:33:00,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-1.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344124457}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344124457}



~~~ Files

Successfully deleted: [File] "C:\Users\Cliente\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\saveshare"
Successfully deleted: [Folder] "C:\Users\Cliente\music\qtrax media library"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Cliente\AppData\Roaming\mozilla\firefox\profiles\fshvta0w.default\extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com
Successfully deleted: [Folder] C:\Users\Cliente\AppData\Roaming\mozilla\firefox\profiles\fshvta0w.default\extensions\staged



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Cliente\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Folder] C:\Users\Cliente\appdata\local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/09/2013 at  9:36:09,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 09:40

isso aí! Mais problemas foram removidos pelo Junkware. Poste um novo log do Hijackthis.
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty (Resolvido) REMOVER QONE8

Mensagem por MauricioPF Sex 27 Set 2013, 09:44

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:41:09, on 27/09/2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Users\Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Cliente\Downloads\ANTI_VIRUS\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Baixar com Mipony - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\MiPony\Browser\IEContext.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7630 bytes
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty REMOVER QONE8

Mensagem por MauricioPF Sex 27 Set 2013, 09:48

Fiz os procedimentos acima, mas o QOne8 ainda continua ativo.
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 09:52

Remover QOne8? 772309 Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Smeenk) e salve-o no Desktop (Área de Trabalho) 

*Mantenha-se conectado com a Internet 

*Clique com o botão direito do mouse no Zoek e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Cole as linhas em marrom no espaço 

autoclean; 
emptyalltemp;
emptyclsid;
hijackthis; 

*Feche o seu navegador e clique [Run Script] 

*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar! 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
 
*Caso a reinicialização do PC seja solicitada, clique [OK] 

*Clique [Selecionar arquivo...], localize o relatório C:\zoek-results.txt e clique [Abrir] 

* Copie e cole o log gerado pelo Zoek aqui no seu tópico.


Última edição por Alberto Nunes em Dom 06 Out 2013, 10:01, editado 1 vez(es)
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por MauricioPF Sex 27 Set 2013, 11:04

Eta!!! Vocês são Porreta!!! O famigerado já era...
Após a ultima instrução meu PC voltou ao normal. Quanto lhes devo pelo trabalho?
Vai em seguida o último Log realizado.
Abrçs
Mauricio

Zoek.exe Version 4.0.0.4 Updated 27-September-2013
Tool run by Cliente on 27/09/2013 at 10:44:12,18.
Microsoft Windows 7 Ultimate  6.1.7600  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Cliente\Downloads\ANTI_VIRUS\zoek.exe [Script inserted]

==== System Restore Info ======================

27/09/2013 10:47:48 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2566201088-3224163121-2368585414-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-2566201088-3224163121-2368585414-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311201102} deleted successfully
HKEY_USERS\S-1-5-21-2566201088-3224163121-2368585414-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} deleted successfully
HKEY_USERS\S-1-5-21-2566201088-3224163121-2368585414-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311121157} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- Lines browser.startup.page modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_092013_1053_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Cliente\dos2usb.tmp" deleted
"C:\Users\Cliente\FINANC.BAT" deleted
"C:\Users\Cliente\MBONITA.BAT" deleted
"C:\Users\Cliente\VAI.BAT" deleted
"C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" deleted
"C:\Program Files\Plus-HD-1.3" deleted
"C:\ProgramData\InstallMate" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- seaufee Saevvee - %ProfilePath%\extensions\cin4d@gaiychnhtn.org
- FoodBuzz - %ProfilePath%\extensions\{2326C1C3-3E92-49da-A3FB-CB8AD8AD8F25}
- QuickShare Widget - %ProfilePath%\extensions\{9d1ac570-0e17-66ed-a5c3-24c083267c84}

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default
E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
CBDE2904A45444DE87A4B85D32FA8E4C - C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
570A48F975661221A126FCFE3B38B7E1 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
B1BB8EDC9D83D8096EE873F04CEE600C - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In
BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Deleting Files \ Folders ======================

"C:\Users\Cliente\AppData\Roaming\Mozilla\Firefox\Profiles\fshvta0w.default\extensions\{9d1ac570-0e17-66ed-a5c3-24c083267c84}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[02/09/2013 17:11]

Estad\u00E3o - Cliente - Default\Extensions\cgellgdbeldoenodfccpcnklegfclikd
EXAME.com para Chrome - Cliente - Default\Extensions\gjeomhheecfjcmhkncjhoedhchbahmpg
Open PayPal - Cliente - Default\Extensions\glghgmejmmepalcnengjekjfmfbailbl
Plus-HD-1.3 - Cliente - Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl
RealDownloader - Cliente - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
SkyDrive - Cliente - Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk
Chrome In-App Payments service - Cliente - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Cliente - Default\Extensions\nnjbodopomfddehlalfilheomcahbpei

==== Chrome Fix ======================

C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl deleted successfully
C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0.localstorage deleted successfully
C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0.localstorage-journal deleted successfully
C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0 deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://start.qone8.com/?type=hp&ts=1380131565&from=tugs&uid=SAMSUNGXHD322HJ_S1RLJ50S970437"
"Search Bar"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://start.qone8.com/newtab/?type=nt&ts=1380131565&from=tugs&uid=SAMSUNGXHD322HJ_S1RLJ50S970437"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.msn.com/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== shortcuts on Users Desktops ======================

C:\Users\Cliente\Desktop\Atube.lnk - C:\Users\Cliente\Videos
C:\Users\Cliente\Desktop\avast Free Antivirus.lnk -  
C:\Users\Cliente\Desktop\Downloads.lnk - C:\Users\Cliente\Downloads
C:\Users\Cliente\Desktop\Financ.lnk - C:\FONTES CLIPPER\FINANC DISVAL\EXECUTA.bat
C:\Users\Cliente\Desktop\SkyDrive.lnk - C:\Users\Cliente\SkyDrive
C:\Users\Cliente\Desktop\IMEDIATO\CNC_TORNO\Projeto Router\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Cliente\Desktop\IMEDIATO\PACOTE_ELETRONICO\UTILITARIOS\INTALL_PIC_CCS\PIC C Compiler.lnk - C:\Program Files\PICC\Pcw.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\DOS2USB.lnk - C:\Program Files\DOS2USB\DOS2USB.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:desktop

==== shortcuts in Users Start Menu ======================

C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Users\Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE /tsr
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Program Files\Microsoft SkyDrive\SkyDriveSetup.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Program Files\Microsoft SkyDrive\SkyDriveSetup.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Program Files\Microsoft SkyDrive\SkyDriveSetup.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files\Real\RealPlayer\realconverter.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files\Real\RealPlayer\realtrimmer.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:start_menu

==== shortcuts in Quick Launch ======================

C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\HijackThis.lnk - C:\Program Files\HijackThis\HiJackThis.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Macromedia Dreamweaver MX.lnk - C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PIC C Compiler.lnk - C:\Program Files\PICC\Pcw.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Fax and Scan.lnk - C:\Windows\system32\WFS.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\arduino.lnk - C:\arduino-1.0.5\arduino.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AutoCAD 2007.lnk - C:\Program Files\AutoCAD 2007\acad.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Autodesk 3ds Max 2010 32-bit.lnk - C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ISIS 7 Professional.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\ISIS.EXE
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Macromedia Dreamweaver MX.lnk - C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Macromedia Fireworks MX.lnk - C:\Program Files\Macromedia\Fireworks MX\Fireworks.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft SkyDrive.lnk - C:\Users\Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Cliente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Baixar com Mipony - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files\MiPony\Browser\IEContext.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

==== Empty IE Cache ======================

C:\Users\Cliente\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Cliente\AppData\Local\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cliente\AppData\Local\temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cliente\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Cliente\AppData\Local\Mozilla\Firefox\Profiles\fshvta0w.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Cliente\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Cliente\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 27/09/2013 at 10:56:16,56 ======================
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 11:31

Smile Mais problemas foram removidos pelo Zoek.
___________________

Remover QOne8? 772309 Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log do Malwarebytes e nos diga como está o seu PC após este procedimento.

Ficamos no aguardo.
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por MauricioPF Sex 27 Set 2013, 16:53

Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados:  v2013.09.27.06

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Cliente :: CLIENTE-PC [administrador]

27/09/2013 15:52:12
MBAM-log-2013-09-27 (16-48-47).txt

Tipo de Verificação:  Verificação Completa  (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  427138
Tempo decorrido: 53 minuto(s), 29 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 2
HKCR\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} (PUP.Optional.MiniBar.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Plus-HD-1.3 (PUP.Optional.PlusHD.A) -> Nenhuma ação foi feita.

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 5
C:\Users\Cliente\Downloads\realplayer.exe (PUP.Optional.BundleInstaller.A) -> Nenhuma ação foi feita.
C:\Users\Cliente\Downloads\ANTI_VIRUS\junkware-removal-tool-602-32-bits.exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\Cliente\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Cliente\AppData\Local\Temp\eIntaller\3F8C9C7A9FB14872A59BD8553608D168\eGdpSvc.exe.vir (PUP.Optional.DProtect.A) -> Nenhuma ação foi feita.
C:\AdwCleaner\Quarantine\C\Users\Cliente\AppData\Local\Temp\eIntaller\3F8C9C7A9FB14872A59BD8553608D168\eXQ.exe.vir (PUP.Optional.DProtect.A) -> Nenhuma ação foi feita.

(fim)


Meu PC está normalíssimo!!! Tudo voltou ao normal. Quanto lhes devo pelo serviço prestado?
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 16:58

Meu PC está normalíssimo!!! Tudo voltou ao normal. Quanto lhes devo pelo serviço prestado?
isso aí! Ficamos felizes que seu PC ficou bom e não nos deve nada, é uma alegria para nós podermos ser úteis.
_____________________

Remover QOne8? 772309 Só que no log do Malwarebytes está constando que nenhuma ação foi feita. No Malwarebytes clique em Remover selecionados > Clique em OK > se ele pedir para reiniciar o PC, aceite a reinicialização. Depois poste o log que ele gerar para vermos se os problemas foram removidos. Ficamos na espera.
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por MauricioPF Sex 27 Set 2013, 21:40

Obrigado por tudo; não sei como agradecer-lhes Quanto ao Malwarebytes fiz a remoção conforme explicado.
Abrçs.
Mauricio
avatar
MauricioPF
Iniciante
Iniciante

Mensagens : 20
Reputação : 0
Data de inscrição : 14/08/2013

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 21:55

Ok. Então está tudo certo. Só para finalizar faça o seguinte por gentileza para remover as ferramentas utilizadas na remoção dos adwares e também para criar um ponto de restauração limpo e sem problemas:

Remover QOne8? 772309 Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Execute-o, selecione também a opção Purge system restore e clique [Run].

Conte sempre conosco!
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Amigo Brasileiro Sex 27 Set 2013, 22:17

Caso Resolvido!

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Amigo Brasileiro
Amigo Brasileiro
Membro Pleno
Membro Pleno

Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008

Ir para o topo Ir para baixo

Remover QOne8? Empty Re: Remover QOne8?

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Ir para o topo

- Tópicos semelhantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

 
Permissões neste sub-fórum
Não podes responder a tópicos