Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
10 usuários online :: 0 registrados, 0 invisíveis e 10 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
joram
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
Wings [In Memoriam]
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
caedurodrigues
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
Amigo Brasileiro
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
luizvilarinho
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
Danii
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
Admin
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
Danilo Marsaro
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 
Andreata
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_lcapPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Voting_barPrograma no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Vote_rcap 

maio 2024
SegTerQuaQuiSexSábDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário

Palavras-chaves

desinstalar  excluir  video  áudio  SOFTWARE  adobe  game  2025  windows  remoção  2015  player  mcafee  deletar  2013  PARA  flash  virus  popup  placa  impressora  SISPNCD  teclado  instalação  notebook  vídeos  


Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

3 participantes

Fórum PC Brasil :: Segurança da Informação :: Tópicos Arquivados

Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Sáb 14 Dez 2013, 20:46

percebi um ícone que é impossível remove-lo do meu computador que apareceu a alguns dias, o nome dele é websteroids.
depois que ele apareceu começou a aparecer pastas do sistema em meus documentos e em meu desktop seu eu fazer nada e alem disso está como administrador e eu não consigo fazer nada com elas, nem mesmo excluir.
me ajudem por favor. já tentei de todos programas para excluir e atualizar meu pc, mas fica pedindo administrador, sendo que eu nunca criei.
alem disso fica aparecendo alguns problemas na tela, logo quando inicio o computador e em tudo que eu clico fica aparecendo esta pagina: static.icmapp.com.
já não sei mais o que fazer.


Última edição por Giuliano T. Gonzales em Sáb 14 Dez 2013, 21:04, editado 1 vez(es)
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Sáb 14 Dez 2013, 20:52

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 648673379 Oi Giuliano. Seja bem vindo ao Fórum PC Brasil.

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

*Execute-o e clique no botão Main Menu.

* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].

*Um relatório será apresentado.

*Selecione todo o conteúdo deste relatório, copie (Ctrl+c), volte ao seu tópico e cole (Ctrl+v).

*Finalmente, clique no botão [Enviar].
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Sáb 14 Dez 2013, 21:12

Marcos Felipe escreveu: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 648673379 Oi Giuliano. Seja bem vindo ao Fórum PC Brasil.

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

*Execute-o e clique no botão Main Menu.

* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].

*Um relatório será apresentado.

*Selecione todo o conteúdo deste relatório, copie (Ctrl+c), volte ao seu tópico e cole (Ctrl+v).

*Finalmente, clique no botão [Enviar].

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:02:30, on 14/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\User\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Updater\updater.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\User\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.4\iobitappsToolbarIE.dll
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.4\iobitappsToolbarIE.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: CrossriderApp0032000 - {11111111-1111-1111-1111-110311201100} - C:\Program Files\Plus-HD-1.5\Plus-HD-1.5-bho.dll
O2 - BHO: Messenger Plus! Community SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} - C:\Program Files\Internet Explorer\IEAddon.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - mscoree.dll (file missing)
O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files\PricePeep\pricepeep.dll
O3 - Toolbar: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll
O3 - Toolbar: Messenger Plus! Community Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.4\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [Baidu PC Faster 3.7.0.0] "C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe" -auto -start
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCSSync] "c:\program files\microsoft office\office14\bcssync.exe" /delayservices
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [GPULoader] "C:\Program Files\VLC Player GPU+\GPULog.exe"
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
O4 - HKCU\..\Run: [Browser Infrastructure Helper] c:\users\user\appdata\local\smartbar\application\smartbar.exe startup
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\User\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Aplicação do Cash 'n Back (CashNBack Application) - Unknown owner - C:\Program Files\RBM\CashNBack\CashNBack.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Internet Updater (InternetUpdater) - Unknown owner - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Baidu PC Faster Service 3.7.0.0 (PCFasterSvc_{PCFaster_3.7.0.0}) - Baidu Inc. - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage®️ - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: SpeedBit Update (SBUpd) - Speedbit Ltd. - C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Protect your browser's extensions (srvPlgProtect) - Unknown owner - C:\Users\User\AppData\Roaming\okitspace\protect\PluginProtect.exe
O23 - Service: Software Updater (SrvUpdater) - Unknown owner - C:\Program Files\SoftwareUpdater\UpdaterService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 14831 bytes
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Sáb 14 Dez 2013, 21:22


Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt juntamente com um novo log do Hijackthis.

Ficamos na espera.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Sáb 14 Dez 2013, 23:07

# AdwCleaner v3.015 - Relatório criado 14/12/2013 às 22:28:39
# Atualizado 10/12/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : User - GIULIANOTGONZAL
# Executando de : C:\Users\User\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : Application Updater
[#] Serviço Deletada : srvPlgProtect
[#] Serviço Deletada : SrvUpdater

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\Browse2Save
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\SoftSafe
Pasta Deletada : C:\ProgramData\StarApp
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\BRoawsoe2save
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Pasta Deletada : C:\Program Files\Application Updater
Pasta Deletada : C:\Program Files\baidu
Pasta Deletada : C:\Program Files\Browser Helper Object
Pasta Deletada : C:\Program Files\DealPly
Pasta Deletada : C:\Program Files\Desk 365
Pasta Deletada : C:\Program Files\EasyLife
Pasta Deletada : C:\Program Files\FindLyrics
Pasta Deletada : C:\Program Files\Gophoto.it
Pasta Deletada : C:\Program Files\GreenTree Applications
Pasta Deletada : C:\Program Files\Iminent
Pasta Deletada : C:\Program Files\IObit Apps Toolbar
Pasta Deletada : C:\Program Files\Mail.Ru
Pasta Deletada : C:\Program Files\MyPC Backup
Pasta Deletada : C:\Program Files\Plus-HD-1.5
Pasta Deletada : C:\Program Files\Protected Search
Pasta Deletada : C:\Program Files\Red Sky
Pasta Deletada : C:\Program Files\SoftwareUpdater
Pasta Deletada : C:\Program Files\TornTV.com
Pasta Deletada : C:\Program Files\WebSearch
Pasta Deletada : C:\Program Files\WinZipper
Pasta Deletada : C:\Program Files\Common Files\337
Pasta Deletada : C:\Program Files\Common Files\DVDVideoSoft\TB
Pasta Deletada : C:\Program Files\Common Files\Spigot
Pasta Deletada : C:\Users\User\AppData\Local\DownTango
Pasta Deletada : C:\Users\User\AppData\Local\iLivid
Pasta Deletada : C:\Users\User\AppData\Local\lollipop
Pasta Deletada : C:\Users\User\AppData\Local\Smartbar
Pasta Deletada : C:\Users\User\AppData\Local\SwvUpdater
Pasta Deletada : C:\Users\User\AppData\Local\thinstall
Pasta Deletada : C:\Users\User\AppData\Local\Temp\Smartbar
Pasta Deletada : C:\Users\User\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\User\AppData\LocalLow\Funmoods
Pasta Deletada : C:\Users\User\AppData\LocalLow\Mail.Ru
Pasta Deletada : C:\Users\User\AppData\LocalLow\Search Settings
Pasta Deletada : C:\Users\User\AppData\LocalLow\searchresultstb
Pasta Deletada : C:\Users\User\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\User\AppData\LocalLow\Smartbar
Pasta Deletada : C:\Users\User\AppData\Roaming\337
Pasta Deletada : C:\Users\User\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\User\AppData\Roaming\baidu
Pasta Deletada : C:\Users\User\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\User\AppData\Roaming\Desk 365
Pasta Deletada : C:\Users\User\AppData\Roaming\eIntaller
Pasta Deletada : C:\Users\User\AppData\Roaming\eType
Pasta Deletada : C:\Users\User\AppData\Roaming\file scout
Pasta Deletada : C:\Users\User\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\User\AppData\Roaming\goforfiles
Pasta Deletada : C:\Users\User\AppData\Roaming\NCdownloader
Pasta Deletada : C:\Users\User\AppData\Roaming\okitspace
Pasta Deletada : C:\Users\User\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\User\AppData\Roaming\searchresultstb
Pasta Deletada : C:\Users\User\AppData\Roaming\thinstall
Pasta Deletada : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Pasta Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Pasta Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\adsremoval@adsremoval.net
Pasta Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default\Extensions\adsremoval@adsremoval.net
Pasta Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ascsurfingprotection@iobit.com
Pasta Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\staged
Pasta Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default\Extensions\toolbarbutton@browseradditions.com
Pasta Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm
Pasta Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Pasta Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
[!] Pasta Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\system32\roboot.exe
Arquivo Deletada : C:\Users\User\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\User\AppData\Local\funmoods-speeddial_sf.crx
Arquivo Deletada : C:\Users\User\AppData\Local\mysearchdial_speedial_v9.0.2.crx
Arquivo Deletada : C:\Users\User\AppData\Roaming\speedanalysis.ico
Arquivo Deletada : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Arquivo Deletada : C:\Users\User\Desktop\iLivid.lnk
Arquivo Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Arquivo Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default\user.js
Arquivo Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Windows\Tasks\AmiUpdXp.job
Arquivo Deletada : C:\Windows\System32\Tasks\AmiUpdXp
Arquivo Deletada : C:\Windows\System32\Tasks\BrowserDefendert
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Arquivo Deletada : C:\Windows\Tasks\Funmoods.job
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\System32\Tasks\GoforFilesUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
Arquivo Deletada : C:\Windows\System32\Tasks\ProtectedSearch
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-1.5-chromeinstaller.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-1.5-chromeinstaller
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-1.5-codedownloader.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-1.5-codedownloader
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-1.5-enabler.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-1.5-enabler
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-1.5-updater.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-1.5-updater

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\jmhhdaimhfblnamlcdijbaakkifakade
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{257F859B-78B2-4EF1-AA58-5D4C98185497}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{257F859B-78B2-4EF1-AA58-5D4C98185497}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B070C55-C884-4AF8-AE31-1D45BAC877A1}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B070C55-C884-4AF8-AE31-1D45BAC877A1}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00A484CD-46D9-4648-BE84-C3000B30CFBC}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00A484CD-46D9-4648-BE84-C3000B30CFBC}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23440644-7646-4167-B5FD-28830D900568}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23440644-7646-4167-B5FD-28830D900568}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8CBDBB5-9945-432C-B527-30B65114E920}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CBDBB5-9945-432C-B527-30B65114E920}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B17C441-98C0-4C66-B6EC-05D925CBD972}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B17C441-98C0-4C66-B6EC-05D925CBD972}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C70539F-11E8-4AD3-B3F8-B5F6DD3538B8}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C70539F-11E8-4AD3-B3F8-B5F6DD3538B8}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C1A7D11-C275-4425-8498-5B114A0E936A}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1A7D11-C275-4425-8498-5B114A0E936A}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C7A232-EF87-431F-A7DB-3E94DE5A8636}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{637E86C0-6BEB-4035-8D3B-2216A61112C3}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{637E86C0-6BEB-4035-8D3B-2216A61112C3}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0232C24-9143-496D-BF6D-2BE2D57F452C}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0232C24-9143-496D-BF6D-2BE2D57F452C}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F2B9D6B4-1D6D-4955-86B9-05BB50F10346}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2B9D6B4-1D6D-4955-86B9-05BB50F10346}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2820860E-ADC2-47EE-9716-B0444F0A44D3}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2820860E-ADC2-47EE-9716-B0444F0A44D3}
Chave Deletedo : HKCU\Software\Classes\Applications\lollipop.exe
Chave Deletedo : HKCU\Software\Classes\iLivid.torrent
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Chave Deletedo : HKLM\SOFTWARE\Classes\*\shell\filescout
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bho
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0032000.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0032000.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0032000.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0032000.Sandbox.1
Chave Deletedo : HKCU\Software\80d9d1b13dba10
Chave Deletedo : HKLM\SOFTWARE\80d9d1b13dba10
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_aviaddxsubs_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_aviaddxsubs_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_instant-buttons_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_instant-buttons_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_msn-2012_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_msn-2012_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_songr_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_songr_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASMANCS
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Updater]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311201100}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322202200}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355205500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366206600}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344204400}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201100}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311201100}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201100}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9a7f56e2-80ee-4db2-93ed-4db7758e7b1d}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c5cccf0-e9b8-49d9-96c8-32b5dd81c55f}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c29d2fe9-0a6f-47f7-b226-97d50a2cad7d}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{de8d1fd0-2052-4d38-b839-71cef754bc6a}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5356043-2f53-4632-bc86-f99a3af01798}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\APN DTX
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\DownTango
Chave Deletedo : HKCU\Software\filescout
Chave Deletedo : HKCU\Software\Funmoods
Chave Deletedo : HKCU\Software\GoforFiles
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\ilivid
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\powerpack
Chave Deletedo : HKCU\Software\ProtectedSearch
Chave Deletedo : HKCU\Software\Search Settings
Chave Deletedo : HKCU\Software\SmartBar
Chave Deletedo : HKCU\Software\smartbarbackup
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\DynConIE
Chave Deletedo : HKCU\Software\AppDataLow\Software\findlyrics
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-1.5
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\Application Updater
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\DownTango
Chave Deletedo : HKLM\Software\Funmoods
Chave Deletedo : HKLM\Software\GoforFiles
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\omigaplusSvc
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\Plus-HD-1.5
Chave Deletedo : HKLM\Software\qvo6Software
Chave Deletedo : HKLM\Software\Search Settings
Chave Deletedo : HKLM\Software\SoftwareUpdater
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\Tarma Installer
Chave Deletedo : HKLM\Software\Vittalia
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser Helper Object1.4
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownTango
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16428

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v26.0 (pt-BR)

[ Arquivo : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]


[ Arquivo : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default\prefs.js ]

Linha deletada : user_pref("extensions.funmoods.aflt", "radiofm");
Linha deletada : user_pref("extensions.funmoods.appId", "{EA28B360-05E0-4F93-8150-02891F1D8D3C}");
Linha deletada : user_pref("extensions.funmoods.cd", "2XzuyEtN2Y1L1QzutDtD0F0F0ByC0EyDzzyCzy0AyDtC0F0AtN0D0Tzu0CyBtDyDtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1C1T1Q1L1F1O1H");
Linha deletada : user_pref("extensions.funmoods.cntry", "BR");
Linha deletada : user_pref("extensions.funmoods.cr", "1991458301");
Linha deletada : user_pref("extensions.funmoods.cv", "cv5");
Linha deletada : user_pref("extensions.funmoods.dfltLng", "");
Linha deletada : user_pref("extensions.funmoods.dfltSrch", true);
Linha deletada : user_pref("extensions.funmoods.dnsErr", true);
Linha deletada : user_pref("extensions.funmoods.excTlbr", false);
Linha deletada : user_pref("extensions.funmoods.hdrMd5", "5B2A0E6E0504707679EF7C97EE4C8483");
Linha deletada : user_pref("extensions.funmoods.hmpg", true);
Linha deletada : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=radiofm&cd=2XzuyEtN2Y1L1QzutDtD0F0F0ByC0EyDzzyCzy0AyDtC0F0AtN0D0Tzu0CyBtDyDtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1C1T1Q1L1F1O1H[...]
Linha deletada : user_pref("extensions.funmoods.id", "00FFB6E5869A51FA");
Linha deletada : user_pref("extensions.funmoods.instlDay", "16045");
Linha deletada : user_pref("extensions.funmoods.instlRef", "");
Linha deletada : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=radiofm&cd=2XzuyEtN2Y1L1QzutDtD0F0F0ByC0EyDzzyCzy0AyDtC0F0AtN0D0Tzu0CyBtDyDtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1C1T1Q1L1F1O[...]
Linha deletada : user_pref("extensions.funmoods.prdct", "funmoods");
Linha deletada : user_pref("extensions.funmoods.prtnrId", "funmoods");
Linha deletada : user_pref("extensions.funmoods.sg", "none");
Linha deletada : user_pref("extensions.funmoods.srchPrvdr", "Funmoods");
Linha deletada : user_pref("extensions.funmoods.tlbrId", "base");
Linha deletada : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=radiofm&cd=2XzuyEtN2Y1L1QzutDtD0F0F0ByC0EyDzzyCzy0AyDtC0F0AtN0D0Tzu0CyBtDyDtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1C1T1Q1L1F[...]
Linha deletada : user_pref("extensions.funmoods.vrsn", "1.8.20.0");
Linha deletada : user_pref("extensions.funmoods.vrsni", "1.8.20.0");
Linha deletada : user_pref("extensions.funmoods_i.hmpg", true);
Linha deletada : user_pref("extensions.funmoods_i.newTab", false);
Linha deletada : user_pref("extensions.funmoods_i.smplGrp", "none");
Linha deletada : user_pref("extensions.funmoods_i.vrsnTs", "1.8.20.07:11:9");

-\\ Google Chrome v31.0.1650.63

[ Arquivo : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [41388 octets] - [14/12/2013 22:27:29]
AdwCleaner[S0].txt - [36184 octets] - [14/12/2013 22:28:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [36245 octets] ##########

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:05:48, on 14/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\ProgramData\Updater\updater.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Zune\ZuneNss.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\User\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - mscoree.dll (file missing)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Baidu PC Faster 3.7.0.0] "C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe" -auto -start
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCSSync] "c:\program files\microsoft office\office14\bcssync.exe" /delayservices
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [GPULoader] "C:\Program Files\VLC Player GPU+\GPULog.exe"
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Aplicação do Cash 'n Back (CashNBack Application) - Unknown owner - C:\Program Files\RBM\CashNBack\CashNBack.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Internet Updater (InternetUpdater) - Unknown owner - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Baidu PC Faster Service 3.7.0.0 (PCFasterSvc_{PCFaster_3.7.0.0}) - Baidu Inc. - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: SpeedBit Update (SBUpd) - Speedbit Ltd. - C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 12798 bytes
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Sáb 14 Dez 2013, 23:11

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 648673379 Vários problemas foram removidos pelo AdwCleaner.
_________________________

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt junto com novo log do Hijackthis.

Ficamos na espera.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Sáb 14 Dez 2013, 23:37

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x86
Ran by User on 14/12/2013 at 23:25:31,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37211D63-CCE9-4780-B182-96538CFC6FED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8B9C4F32-044E-491C-893E-362CB8A679D5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05C-F841-452A-A600-E8D8BBEA63D9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05D-F841-452A-A600-E8D8BBEA63DA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF2BF214-9D1E-4803-9AEB-38552615FD40}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yuna software
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3354406408-1631293350-4288256396-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yuna software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.animationpackage
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.skinpack
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\messenger plus! for skype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\messenger plus! for skype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\plusskypeservice_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\plusskypeservice_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\messenger plus! for skype
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0EFEC3AA-4982-4D1C-ACF4-3DFB884231A0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1A38B34E-9C07-5F14-1B34-685A36F3D379}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1A38B34E-9C07-5F14-1B34-685A36F3D379}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\messenger plus! for skype"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\kmpmediatoolbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\cre"
Failed to delete: [Folder] "C:\Program Files\yuna software"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{095C7A0B-F019-4F03-8EAA-524660BFDF56}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1B5A7B00-392A-4E6B-92BF-8883E5BADE0B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3314BF52-613A-4F89-A3F4-91D26CFF3DA1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{39156E7B-74E4-4151-A299-89A4550DBC62}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4059AAE5-A380-4BDF-A844-B9DFCE85DBB9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6788E9D4-BE11-442B-966E-E1EA82BD0EF0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6F756B89-137C-43A0-B805-52A46383B247}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A69BE870-D170-4C4A-AECB-A95DE1513FAD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BB34BAEB-65A0-41BE-8FB1-22751F433969}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D6405150-7B6E-450A-B15B-29482D356DCD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE08BBFD-39BA-4427-AC46-AEA9303A8484}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FC3E1D12-8C80-46E6-82EA-EB78A28C8386}



~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\oh805wiy.default\minidumps [17 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/12/2013 at 23:28:41,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:33:20, on 14/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Zune\ZuneNss.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\explorer.exe
C:\ProgramData\Updater\updater.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\User\Desktop\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - mscoree.dll (file missing)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Baidu PC Faster 3.7.0.0] "C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe" -auto -start
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCSSync] "c:\program files\microsoft office\office14\bcssync.exe" /delayservices
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [GPULoader] "C:\Program Files\VLC Player GPU+\GPULog.exe"
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Aplicação do Cash 'n Back (CashNBack Application) - Unknown owner - C:\Program Files\RBM\CashNBack\CashNBack.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Internet Updater (InternetUpdater) - Unknown owner - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Unknown owner - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Baidu PC Faster Service 3.7.0.0 (PCFasterSvc_{PCFaster_3.7.0.0}) - Baidu Inc. - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: SpeedBit Update (SBUpd) - Speedbit Ltd. - C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 12617 bytes
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Sáb 14 Dez 2013, 23:59


Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Siga também as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_________________________
 
Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Após o procedimento acima poste o log do Zoek que estará em C:\zoek-results
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Dom 15 Dez 2013, 00:32

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Depois de ter executado o Zoek conforme lhe disse na resposta acima, siga também, por gentileza, as dicas deste tutorial para fazer uma Verificação Completa de seu PC com o Malwarebytes:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log do Malwarebytes juntamente com o log do Zoek e um novo log do Hijackthis e nos diga como está o seu PC após este procedimento.

Ficamos no aguardo.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Dom 15 Dez 2013, 00:42

ESTA APARECENDO TAMBÉM DOIS LINKS NO MEU DESKTOP QUANDO INICIO MEU WINDOWS FALANDO DESTES PROBLEMAS: MICROSOFT.NET FRAMEWORK E SYSTEM.BOOLEAN E SYSTEM.STRING.

MICROSOFT.NET FRAMEWORK:ERRO:

Consulte o final desta mensagem para obter detalhes sobre como chamar a
depuração just-in-time (JIT) em vez desta caixa de diálogo.

************** Texto de Exceção **************
System.NullReferenceException: Referência de objeto não definida para uma instância de um objeto.
  em BHOUpdater.MainForm.MainForm_Load(Object sender, EventArgs e)
  em System.Windows.Forms.Form.OnLoad(EventArgs e)
  em System.Windows.Forms.Form.OnCreateControl()
  em System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
  em System.Windows.Forms.Control.CreateControl()
  em System.Windows.Forms.Control.WmShowWindow(Message& m)
  em System.Windows.Forms.Control.WndProc(Message& m)
  em System.Windows.Forms.ScrollableControl.WndProc(Message& m)
  em System.Windows.Forms.ContainerControl.WndProc(Message& m)
  em System.Windows.Forms.Form.WmShowWindow(Message& m)
  em System.Windows.Forms.Form.WndProc(Message& m)
  em System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
  em System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
  em System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)


************** Conjuntos de Módulos (Assemblies) Carregados **************
mscorlib
   Versão do Conjunto de Módulos (Assembly): 2.0.0.0
   Versão do Win32: 2.0.50727.5472 (Win7SP1GDR.050727-5400)
   Base de Código: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
----------------------------------------
Updater
   Versão do Conjunto de Módulos (Assembly): 1.0.0.0
   Versão do Win32: 1.0.0.0
   Base de Código: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
----------------------------------------
System.Windows.Forms
   Versão do Conjunto de Módulos (Assembly): 2.0.0.0
   Versão do Win32: 2.0.50727.5468 (Win7SP1GDR.050727-5400)
   Base de Código: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
----------------------------------------
System
   Versão do Conjunto de Módulos (Assembly): 2.0.0.0
   Versão do Win32: 2.0.50727.5467 (Win7SP1GDR.050727-5400)
   Base de Código: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
----------------------------------------
System.Drawing
   Versão do Conjunto de Módulos (Assembly): 2.0.0.0
   Versão do Win32: 2.0.50727.5467 (Win7SP1GDR.050727-5400)
   Base de Código: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
----------------------------------------
mscorlib.resources
   Versão do Conjunto de Módulos (Assembly): 2.0.0.0
   Versão do Win32: 2.0.50727.5472 (Win7SP1GDR.050727-5400)
   Base de Código: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
----------------------------------------
System.Windows.Forms.resources
   Versão do Conjunto de Módulos (Assembly): 2.0.0.0
   Versão do Win32: 2.0.50727.5420 (Win7SP1.050727-5400)
   Base de Código: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
----------------------------------------

************** Depuração JIT **************
Para habilitar a depuração just-in-time (JIT), o arquivo .config deste
aplicativo ou computador (machine.config) deve ter o valor
jitDebugging definido na seção system.windows.forms.
O aplicativo também deve ser compilado com a depuração
habilitada.

Por exemplo:


   


Quando a depuração JIT está habilitada, qualquer exceção não tratada
será enviada ao depurador JIT registrado no computador,
em vez de ser tratada nesta caixa de diálogo.
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Dom 15 Dez 2013, 00:44

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Onde está o log do Zoek que foi pedido?
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Dom 15 Dez 2013, 01:52


Zoek.exe Version 4.0.0.5 Updated 14-December-2013
Tool run by User on 15/12/2013 at 1:11:34,08.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.scr [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-15-022956.log 31823 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Windows\Installer\14eaa9.msi" not found

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [14/12/2013 21:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Skymonk - %ProfilePath%\extensions\{4F58EBC7-EB40-40B1-80FF-B3B5218E66C3}.xpi

ExtDir: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
7F83E9B61DCC1B2436C3D6AA935710DA - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
AA8E61FD350671CF70D3435996E4F7E3 - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Deleted Firefox Extensions ======================

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[14/12/2013 21:26]
kandcdjfgpbomcbfjjjpkcknccamfehe - C:\Users\User\AppData\Roaming\1.crx[08/03/2013 01:35]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[01/03/2013 17:06]
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[03/09/2013 21:03]

Google Translate - User - Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb
Bumblebee Transformers - User - Default\Extensions\ablploimnfndjhngijoeekcoillceikj
The Godfather: Five Families - User - Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl
Stupeflix Video Maker - User - Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem
Transformer Games - User - Default\Extensions\gfbkcngonnicnenkbmgdnaokfieefkce
avast Online Security - User - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
TweetDeck by Twitter - User - Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
Rapportive - User - Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin
Desprotetor de Links BETA - User - Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei
Facebook Service Pack - User - Default\Extensions\kandcdjfgpbomcbfjjjpkcknccamfehe
Yoono WebApp - User - Default\Extensions\mjkbgbnoikoflalnbnofkfegidffigke
Tabela Brasileirao - User - Default\Extensions\nbpbpbfmaoegeicpcddkbalibbcjfllk
Advanced SystemCare Surfing Protection - User - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
GBBD Caixa Economica Federal - User - Default\Extensions\nnjbodopomfddehlalfilheomcahbpei
Picky Wallpapers - User - Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj
GBBD Banco do Brasil - User - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Windows Live Messenger for Chrome - User - Default\Extensions\phianocfbbhoobabhjihfoalgnadopoj

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Bar"="http://www.bing.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{E88E0043-C9D4-4e33-8555-FEE4F5B63060} mail.ru: ????? ? ????????? Url="http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb"

==== shortcuts on Users Desktops ======================

C:\Users\Mcx1-GIULIANOTGONZAL\Desktop\Download Accelerator Plus (DAP).lnk - C:\Program Files\DAP\DAP.exe
C:\Users\Mcx1-GIULIANOTGONZAL\Desktop\My DAP Downloads.lnk - C:\Users\User\Documents\My DAP Downloads
C:\Users\Mcx1-GIULIANOTGONZAL\Desktop\SpeedBit Video Accelerator.lnk - C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe /OPEN
C:\Users\Mcx1-GIULIANOTGONZAL\Desktop\TraductorLIVE.lnk - C:\Program Files\TraductorLIVE\TraductorLIVE.exe
C:\Users\User\Desktop\Baidu PC Faster.lnk - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe -shortcut
C:\Users\User\Desktop\Baixo Cidade.lnk - C:\Program Files\Baixo Cidade\Baixo Cidade VWW Client\UtherversePatcher.exe /brand {ae4facb3-7485-4c9b-afc8-8a52155c6e2a}
C:\Users\User\Desktop\Computador..lnk -
C:\Users\User\Desktop\Conexão de Banda Larga..lnk -
C:\Users\User\Desktop\ConvertXtoDVD 4.lnk - C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe
C:\Users\User\Desktop\ePSXe - Atalho.lnk - C:\Users\User\Documents\A-Giuliano\Meus Jogos\ePSXe_1.8.0_with_BIOS_and_plugins\ePSXe.exe
C:\Users\User\Desktop\Format Factory.lnk - C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\User\Desktop\Free WebM Video Converter.lnk - C:\Program Files\DVDVideoSoft\Free WebM Video Converter\FreeWebMVideoConverter.exe
C:\Users\User\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\Desktop\Meus Documentos.lnk - C:\Users\User\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\User\Desktop\Microsoft SkyDrive.lnk - C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\User\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Markets.com MetaTrader.lnk - C:\Program Files\Markets.com MetaTrader\terminal.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Need For Speed World.lnk - C:\Program Files\Electronic Arts\Need For Speed World\GameLauncher.exe
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe -ScParameter=30003
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\videopower.lnk - C:\Program Files\iCam\videopower.exe
C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BackUpDutyLite\Uninstall.lnk - C:\Program Files\BackUpDutyLite\uninst.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe -startmenu
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterFeedback.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk - C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Desinstalar Advanced SystemCare.lnk - C:\Program Files\IObit\Advanced SystemCare 7\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Toolbox.lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /toolbox
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Turbo Boost.lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /turboboost
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe -startmenu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterFeedback.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Desinstalar Driver Booster.lnk - C:\Program Files\IObit\Driver Booster\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Driver Booster.lnk - C:\Program Files\IObit\Driver Booster\DriverBooster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Need For Speed™ World.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\Desinstalar IObit Malware Fighter.lnk - C:\Program Files\IObit\IObit Malware Fighter\unins001.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\IObit Malware Fighter.lnk - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Help.lnk - C:\Program Files\IObit\IObit Uninstaller\help.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk - C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Run in safe mode.lnk - C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Website.lnk - C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Desinstalar Smart Defrag 2.lnk - C:\Program Files\IObit\Smart Defrag 2\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Smart Defrag 2.lnk - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Mcx1-GIULIANOTGONZAL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Mcx1-GIULIANOTGONZAL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Club Cooee.lnk - C:\Users\User\AppData\Local\ClubCooee\Program\cooee.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\IObit Uninstaller.lnk - C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7.lnk - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\463F6F7A6FB17B74493A0A6EC53EAA8D deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7F6F364-1BF6-47B7-94A3-A0E65CE3AAD8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\463F6F7A6FB17B74493A0A6EC53EAA8D deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare Ultimate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlusForSkypeService deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService deleted successfully

==== Empty IE Cache ======================

C:\Users\Mcx1-GIULIANOTGONZAL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\oh805wiy.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Mcx1-GIULIANOTGONZAL\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnjdjcnifgdeehmhbclmhpfgpjoapici" deleted

==== EOF on 15/12/2013 at 1:41:01,08 ======================
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Dom 15 Dez 2013, 02:00


Clique com o botão direito do mouse no Zoek e selecione [img=https://2img.net/h/oi39.tinypic.com/8vq7ma.jpg]
 
*Copie e cole as linhas em marrom no espaço do Zoek

autoclean;
chrdefaults;
chromelook;
ffdefaults;
firefoxlook;
iedefaults;
resetieproxy;
resethosts;
hijackthis;

*Feche o seu navegador e clique [Run Script]
 
*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
 
*Caso a reinicialização do PC seja solicitada, clique [OK]
 
*Poste o relatório que estará em C:\zoek-results.txt
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Dom 15 Dez 2013, 02:01


Zoek.exe Version 4.0.0.5 Updated 14-December-2013
Tool run by User on 15/12/2013 at 1:54:05,87.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.scr [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-15-022956.log 31823 bytes
C:\zoek-results2013-12-15-034101.log 21133 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== FireFox Fix ======================

Deleted from C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.search.defaultenginename", "Google");

Added to C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.facebook.com/?stype=lo&jlou=AfcY0WMac01YZlO86nmr2X4gPeg7PVwsv1G3eU7cJjQ81ojLGu0QVaY2SXNyQs5MeXpi10RqW922q5UdBht71JqCstNocn-YAWwhZHBvB23iPA&smuh=37506&lh=Ac9NCFVXZ-r1OIDU&aik=584bz9aBPHDXPkjyVuySBQ");
user_pref("browser.newtab.url", "http://www.google.com/firefox");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", "false");

Added to C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [14/12/2013 21:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Websteroids - %ProfilePath%\extensions\support@websteroidsapp.com
- Skymonk - %ProfilePath%\extensions\{4F58EBC7-EB40-40B1-80FF-B3B5218E66C3}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oh805wiy.default
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
7F83E9B61DCC1B2436C3D6AA935710DA - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
AA8E61FD350671CF70D3435996E4F7E3 - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[14/12/2013 21:26]
igjjkeeamkpihpncmmbgdkhdnjpcfmfb - C:\ProgramData\Websteroids\Chrome\common.crx[15/12/2013 01:54]
kandcdjfgpbomcbfjjjpkcknccamfehe - C:\Users\User\AppData\Roaming\1.crx[08/03/2013 01:35]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[01/03/2013 17:06]
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\User\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[03/09/2013 21:03]

Google Translate - User - Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb
Bumblebee Transformers - User - Default\Extensions\ablploimnfndjhngijoeekcoillceikj
Google Docs - User - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - User - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
The Godfather: Five Families - User - Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl
Weather - User - Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad
Stupeflix Video Maker - User - Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem
Transformer Games - User - Default\Extensions\gfbkcngonnicnenkbmgdnaokfieefkce
Badoo Notifications Extension - User - Default\Extensions\gngmhdpofjbdiecihebaaooakicnjjmc
avast Online Security - User - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
TweetDeck by Twitter - User - Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
SearchPreview - User - Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo
Rapportive - User - Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin
Websteroids - User - Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Desprotetor de Links - User - Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei
Facebook Service Pack - User - Default\Extensions\kandcdjfgpbomcbfjjjpkcknccamfehe
Yoono WebApp - User - Default\Extensions\mjkbgbnoikoflalnbnofkfegidffigke
Tabela Brasileirao - User - Default\Extensions\nbpbpbfmaoegeicpcddkbalibbcjfllk
Advanced SystemCare Surfing Protection - User - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Google Wallet - User - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - User - Default\Extensions\nnjbodopomfddehlalfilheomcahbpei
Google Chrome to Phone Extension - User - Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco
Picky Wallpapers - User - Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj
Picasa - User - Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb
GBBD Banco do Brasil - User - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Windows Live Messenger for Chrome - User - Default\Extensions\phianocfbbhoobabhjihfoalgnadopoj
Gmail - User - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{E88E0043-C9D4-4e33-8555-FEE4F5B63060} mail.ru: ????? ? ????????? Url="http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb"

==== Reset Google Chrome ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - mscoree.dll (file missing)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Baidu PC Faster 3.7.0.0] "C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe" -auto -start
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCSSync] "c:\program files\microsoft office\office14\bcssync.exe" /delayservices
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [GPULoader] "C:\Program Files\VLC Player GPU+\GPULog.exe"
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{10753604-0B87-42C8-ADB0-9DC4D6448C32}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Aplicação do Cash 'n Back (CashNBack Application) - Unknown owner - C:\Program Files\RBM\CashNBack\CashNBack.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Internet Updater (InternetUpdater) - Unknown owner - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Unknown owner - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Baidu PC Faster Service 3.7.0.0 (PCFasterSvc_{PCFaster_3.7.0.0}) - Baidu Inc. - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: SpeedBit Update (SBUpd) - Unknown owner - C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

==== EOF on 15/12/2013 at 1:57:31,49 ======================
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Dom 15 Dez 2013, 02:07

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 648673379 Vários problemas foram removidos pelo Zoek.

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Faltou você postar o log do Malwarebytes.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Giuliano T. Gonzales Dom 15 Dez 2013, 02:21

Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados: v2013.12.15.01

Windows 7 x86 NTFS
Internet Explorer 11.0.9600.16428
User :: GIULIANOTGONZAL [administrador]

15/12/2013 02:08:03
mbam-log-2013-12-15 (02-08-03).txt

Tipo de Verificação: Verificação Rápida
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 228306
Tempo decorrido: 8 minuto(s), 39 segundo(s)

Processos de Memória Detectados: 5
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> 5656 -> Será deletado na próxima inicialização.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> 5732 -> Será deletado na próxima inicialização.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> 5808 -> Será deletado na próxima inicialização.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> 4844 -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\CashNBack.exe (PUP.Optional.CashnBack.A) -> 1564 -> Será deletado na próxima inicialização.

Módulos de Memória Detectados: 4
C:\Program Files\RBM\CashNBack\libeay32.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\nfapi.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\ProtocolFilters.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\ssleay32.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.

Chaves de Registro Detectadas: 11
HKCU\Software\funmoodsToolbar (PUP.Optional.FunMoods.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Cash 'n Back (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\CashNBack Application (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\cashnbackdrv (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Cash 'n Back (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f} (PUP.Optional.ShoppingSuggestion.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f} (PUP.Optional.ShoppingSuggestion.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\ScriptInjector.AddOnIE (PUP.Optional.ShoppingSuggestion.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E7E8ED77-2FBA-4EC6-BC07-65DE4DE6709F} (PUP.Optional.ShoppingSuggestion.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E7E8ED77-2FBA-4EC6-BC07-65DE4DE6709F} (PUP.Optional.ShoppingSuggestion.A) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 2
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\updater.exe -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\Updater.exe -> Enviado para a Quarentena e deletado com sucesso.

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 6
C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> Será deletado na próxima inicialização.
C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> Será deletado na próxima inicialização.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Será deletado na próxima inicialização.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0 (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\RBM\CashNBack (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.

Arquivos Detectados: 29
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> Será deletado na próxima inicialização.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> Será deletado na próxima inicialização.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> Será deletado na próxima inicialização.
C:\Users\User\Documents\installer_skymonk_2_12_Portuguese.exe (PUP.Optional.VIT) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\Documents\ccleaner-4064324-gerenciador-32-bits.exe (PUP.Optional.InstallCore.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\Documents\Mozilla-Firefox_2501.exe (PUP.Optional.UltraDownloads) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\Downloads\1830.tmp (PUP.Optional.IBryte.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Installer\142c922.msi (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\CashNBack.exe (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.
C:\Windows\System32\drivers\cashnbackdrv.sys (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\announce.js (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\background.html (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\common.js (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\contentscript.js (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\icon128.png (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\icon16.png (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\icon48.png (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\iframecontentscript.js (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\manifest.json (PUP.Optional.MultiIE) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\RBM\CashNBack\icon.ico (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\RBM\CashNBack\libeay32.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\msvcp110.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\RBM\CashNBack\msvcr110.dll (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\RBM\CashNBack\nfapi.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\nfregdrv.exe (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\RBM\CashNBack\ProtocolFilters.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.
C:\Program Files\RBM\CashNBack\rmv.exe (PUP.Optional.CashnBack.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files\RBM\CashNBack\ssleay32.dll (PUP.Optional.CashnBack.A) -> Será deletado na próxima inicialização.

(fim)
Giuliano T. Gonzales
Giuliano T. Gonzales
Iniciante
Iniciante

Mensagens : 8
Reputação : 0
Data de inscrição : 14/12/2013

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Power Max Dom 15 Dez 2013, 10:20

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las 772309 Faça, por gentileza, uma Verificação Completa com o Malwarebytes e poste o relatório desta verificação aqui no seu tópico. Ficamos na espera.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Admin Ter 07 Jan 2014, 23:13

TÓPICO ARQUIVADO

Como o(a) autor(a) não respondeu por mais de 15 dias, o tópico foi arquivado. Caso necessite a sua reabertura, deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] via MP.
Admin
Admin
Administrador Fundador
Administrador Fundador

Mensagens : 515
Reputação : 49
Data de inscrição : 26/05/2008
Idade : 46
Localização : Brasil

https://forumpcbrasil.forumeiros.com

Ir para o topo Ir para baixo

Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las Empty Re: Programa no PC sem eu instalar e milhares de pastas do sistema surgem sem criá-las

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Ir para o topo

- Tópicos semelhantes

Fórum PC Brasil :: Segurança da Informação :: Tópicos Arquivados

 
Permissões neste sub-fórum
Não podes responder a tópicos