Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 17 usuários online :: 0 registrados, 0 invisíveis e 17 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Não consigo remover o LinkBucks
2 participantes
Página 1 de 2
Página 1 de 2 • 1, 2 
Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 21:01
Já fiz de tudo para remover e me livrar do LinkBucks mas mesmo formatando o pc ele acaba por voltar, Já vi varios tópicos aqui relacionado mais não consigo me livrar disso 
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 21:03
Olá Marlon Muniz
Qual o seu provedor de internet?
Sua conexão é via cabo ou através de roteador?
Qual o seu provedor de internet?
Sua conexão é via cabo ou através de roteador?
![Wings [In Memoriam]](https://2img.net/u/1712/29/07/67/avatars/414-76.jpg)
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 21:12
via roteador
P.S até pra responder eu tenho que limpar isso (http://879d711f.theseblogs.com/url/) pq ele rerediciona automaticamente =/
P.S até pra responder eu tenho que limpar isso (http://879d711f.theseblogs.com/url/) pq ele rerediciona automaticamente =/
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 21:15
OK..
Vc sabe resetar (voltar para as configurações de fábrica) o roteador?
Vc sabe resetar (voltar para as configurações de fábrica) o roteador?
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 21:20
Sim
sei...Vc fala resetargeral no botão certo?
sei...Vc fala resetargeral no botão certo?
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 21:30
Sim...
É um botão pequeno, geralmente fica atrás do roteador. Vc aperta por uns 20 segundos para que o roteador seja resetado. Depois, vc irá acessar como se fosse a primeira vez. Dê um novo nome à sua rede, crie uma senha de acesso (WPA-PS2) bem segura, salve todas as alterações, desligue o roteador e o modem na tomada. Ligue o modem e depois o roteador.
Informe.
É um botão pequeno, geralmente fica atrás do roteador. Vc aperta por uns 20 segundos para que o roteador seja resetado. Depois, vc irá acessar como se fosse a primeira vez. Dê um novo nome à sua rede, crie uma senha de acesso (WPA-PS2) bem segura, salve todas as alterações, desligue o roteador e o modem na tomada. Ligue o modem e depois o roteador.
Informe.
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 21:35
ok ok
Vou fazer isso,mais antes de fazer isso podes me explicar por que todas as paginas e navegadores estão fazendo esse reredicionamentou para essa pagina, e por que ele não abre alguns links exemplo, baixeaki (para baixar uns instaladores com junkeware ou outras coisas..) ou mesmo Youtube não roda os videos..
Vou fazer isso,mais antes de fazer isso podes me explicar por que todas as paginas e navegadores estão fazendo esse reredicionamentou para essa pagina, e por que ele não abre alguns links exemplo, baixeaki (para baixar uns instaladores com junkeware ou outras coisas..) ou mesmo Youtube não roda os videos..
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 21:43
Deve-se a vulnerabilidade no seu roteador sequestrando suas conexões.
Após fazer o reset, verifique se há alguma atualização no firmware do mesmo.
Após fazer o reset, verifique se há alguma atualização no firmware do mesmo.
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 22:02
ok vou fazer isso
já volto
já volto
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 22:27
Já fiz isso..porém nada mudou =/
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 22:30
1. Qual a versão do seu Windows ( XP, Vista, 7 ou 8 )?
2. Sua conexão é via rádio?
3. Qual o modelo do seu roteador?
2. Sua conexão é via rádio?
3. Qual o modelo do seu roteador?
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 22:45
Windows Ultimate 7 64 bits
core i7 2.80GHz
8gb ram
Sim via-rádio ea marca é TP-LINK o medelo eu não sei
core i7 2.80GHz
8gb ram
Sim via-rádio ea marca é TP-LINK o medelo eu não sei
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 22:50
Clique Iniciar > Painel de Controle > Rede e Internet > Central de Rede e Compartilhamento*Na coluna da esquerda, clique em Alterar as configurações do adptador
*Clique com o botão direito do mouse em Conexão de Rede sem fio e selecione Propriedades
*Localize e selecione Protocolo TCP/IP Versão 4 (TCP/IPv4)
*Clique [Propriedades]
*Anote em um papel as informações:
Endereço IP:
Máscara de sub-rede:
Gateway padrão:
Servidor DNS preferencial:
Servidor DNS alternativo:
Informe-os.
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 23:12
Fiz isso da ai, passo a passo, porém está tudo em branco
Endereço IP:
Máscara de sub-rede:
Gateway padrão:
Servidor DNS preferencial:
Servidor DNS alternativo:
Endereço IP:
Máscara de sub-rede:
Gateway padrão:
Servidor DNS preferencial:
Servidor DNS alternativo:
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 23:14
Refaça o procedimento e veja em Conexão local. Anote no papel o que for encontrado. Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de random/random) e salve-o no desktop (Área de Trabalho)*Clique com o botão direito do mouse no RSIT e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Continue] e aguarde o término
*Anexe os relatórios C:\rsit\log.txt e C:\rsit\info.txt
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 23:25
- Spoiler:
- info.txt logfile of random's system information tool 1.09 2013-12-26 23:17:41
======Uninstall list======
-->C:\Program Files (x86)\Baidu Security\PC App Store\3.14.8.3365\Uninstall.exe
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -maintain plugin
Advanced SystemCare 7-->"C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe"
avast! Internet Security-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Baidu Antivirus-->"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CPUID HWMonitor 1.24-->"C:\Program Files\CPUID\HWMonitor\unins000.exe"
Driver Booster-->"C:\Program Files (x86)\IObit\Driver Booster\unins000.exe"
Facebook Video Calling 1.2.0.287-->MsiExec.exe /X{B92C5909-1D37-4C51-8397-A28BB28E5DC3}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Network Connections Drivers-->Prounstl.exe
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
IObit Uninstaller-->"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe" uninstall_start
Malwarebytes Anti-Malware versão 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile PTB Language Pack-->MsiExec.exe /X{B7693CDE-074B-301C-9584-FC4343696C8B}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 26.0 (x86 pt-BR)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1046 /parameterfolder ClientLP
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
RICOH Media Driver v2.15.17.02-->"C:\Program Files (x86)\InstallShield Installation Information\{FE041B02-234C-4AAA-9511-80DF6482A458}\Setup.exe" -runfromtemp -l0x0416 anything -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Software Intel(R) PROSet/Wireless WiFi-->MsiExec /I{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}
Spyware Terminator 2012-->"C:\Program Files (x86)\Spyware Terminator\unins000.exe"
Surfing Protection-->"C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TOSHIBA 180 Degrees Rotation Utility-->C:\Program Files (x86)\InstallShield Installation Information\{FEDFB4DC-E149-4897-B616-4811C718E54F}\setup.exe -runfromtemp -l0x0816 -removeonly
TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0816 -removeonly
TOSHIBA ReelTime-->MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
TOSHIBA Resolution+ Plug-in for Windows Media Player-->C:\Program Files (x86)\InstallShield Installation Information\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}\setup.exe -runfromtemp -l0x0416 -removeonly
VLC media player 2.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
======Hosts File======
127.0.0.1 validation.sls.microsoft.com
======System event log======
Computer Name: NOTE-PORTEGE
Event Code: 7036
Message: O serviço Temas entrou no estado executando.
Record Number: 6160
Source Name: Service Control Manager
Time Written: 20131209153442.069209-000
Event Type: Informações
User:
Computer Name: NOTE-PORTEGE
Event Code: 7036
Message: O serviço Áudio do Windows entrou no estado executando.
Record Number: 6159
Source Name: Service Control Manager
Time Written: 20131209153442.053609-000
Event Type: Informações
User:
Computer Name: NOTE-PORTEGE
Event Code: 7036
Message: O serviço Construtor de Pontos de Extremidade de Áudio do Windows entrou no estado executando.
Record Number: 6158
Source Name: Service Control Manager
Time Written: 20131209153442.006809-000
Event Type: Informações
User:
Computer Name: NOTE-PORTEGE
Event Code: 7036
Message: O serviço Agendador de Classes de Multimídia entrou no estado executando.
Record Number: 6157
Source Name: Service Control Manager
Time Written: 20131209153441.960009-000
Event Type: Informações
User:
Computer Name: NOTE-PORTEGE
Event Code: 7036
Message: O serviço Log de Eventos do Windows entrou no estado executando.
Record Number: 6156
Source Name: Service Control Manager
Time Written: 20131209153441.928809-000
Event Type: Informações
User:
=====Application event log=====
Computer Name: 37L4247E29-32
Event Code: 1001
Message: Falha no compartilhamento de memória , tipo 0
Nome do Evento: PnPDriverNotFound
Resposta: Não disponível
Id do arquivo CAB: 0
Assinatura do problema:
P1: x64
P2: ACPI\TOS6205
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:
Arquivos anexados:
C:\Windows\Temp\DMI8526.tmp.log.xml
Estes arquivos podem estar disponíveis em:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_13532e6308f3586e7cea6da1ef8d7bbf71c69_cab_07708545
Símbolo da análise:
Verificando novamente solução: 0
Id de relatório: b8397628-601a-11e3-b47b-debfde70e6bd
Status do relatório: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20131208150923.000000-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20131208150904.000000-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20131208150904.000000-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 1531
Message: Serviço de Perfil de Usuário iniciado com êxito.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20131208150903.510422-000
Event Type: Informações
User: AUTORIDADE NT\SISTEMA
Computer Name: 37L4247E29-32
Event Code: 4625
Message: O subsistema EventSystem está suprimindo entradas de log de eventos duplicadas para uma duração de 86400 segundos. O tempo limite de supressão pode ser controlado por um valor REG_DWORD denominado SuppressDuplicateDuration sob esta chave do Registro: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20131208150903.000000-000
Event Type: Informações
User:
=====Security event log=====
Computer Name: NOTE-PORTEGE
Event Code: 4672
Message: Privilégios especiais atribuídos a um novo logon.
Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: SISTEMA
Domínio da conta: AUTORIDADE NT
Identificação de logon: 0x3e7
Privilégios: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 17601
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131216024830.949202-000
Event Type: Sucesso da Auditoria
User:
Computer Name: NOTE-PORTEGE
Event Code: 4624
Message: O logon de uma conta foi efetuado com sucesso.
Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: NOTE-PORTEGE$
Domínio da conta: WORKGROUP
Identificação de logon: 0x3e7
Tipo de logon: 5
Novo logon:
Identificação de segurança: S-1-5-18
Nome da conta: SISTEMA
Domínio da conta: AUTORIDADE NT
Identificação de logon: 0x3e7
GUID de logon: {00000000-0000-0000-0000-000000000000}
Informações do processo:
Identificação do processo: 0x278
Nome do processo: C:\Windows\System32\services.exe
Informações da rede:
Nome da estação de trabalho:
Endereço da rede de origem: -
Porta de origem: -
Informações detalhadas da autenticação:
Processo de logon: Advapi
Pacote de autenticação: Negotiate
Serviços transitados: -
Nome do pacote (somente NTLM): -
Comprimento da chave: 0
Este evento é gerado quando uma sessão de logon é criada. Ele é gerado no computador acessado.
Os campos do assunto indicam a Conta Sistema Local que solicitou o logon. Comumente, isto é um serviço como o de servidor ou um processo local como Winlogon.exe ou Services.exe.
O campo tipo de logon indica o tipo de logon ocorrido. Os tipos mais comuns são 2 (interativo) e 3 (em rede).
Os campos Novo logon indicam as contas para a qual o novo logon foi criada, isto é, a conta na qual o logon foi efetuado.
Os campos de rede indicam onde a solicitação de logon remoto se originou. O nome da estação de trabalho nem sempre está disponível e pode ser deixado em branco em alguns casos.
Os campos de informações de autenticação fornecem informações detalhadas sobre esta solicitação específica de logon.
-O GUID de logon é um identificador exclusivo que pode ser usado para correlacionar este evento com um evento de KDC.
- Serviços transitados indicam qual serviço intermediário participou desta solicitação de logon.
- Nome de pacote indica qual subprotocolo foi usado, entre os protocolos NTLM.
- Comprimento da chave indica o comprimento da chave da sessão gerada. Ele será 0 se nenhuma chave de sessão foi solicitada.
Record Number: 17600
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131216024830.949202-000
Event Type: Sucesso da Auditoria
User:
Computer Name: NOTE-PORTEGE
Event Code: 4672
Message: Privilégios especiais atribuídos a um novo logon.
Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: SISTEMA
Domínio da conta: AUTORIDADE NT
Identificação de logon: 0x3e7
Privilégios: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 17599
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131216024800.937485-000
Event Type: Sucesso da Auditoria
User:
Computer Name: NOTE-PORTEGE
Event Code: 4624
Message: O logon de uma conta foi efetuado com sucesso.
Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: NOTE-PORTEGE$
Domínio da conta: WORKGROUP
Identificação de logon: 0x3e7
Tipo de logon: 5
Novo logon:
Identificação de segurança: S-1-5-18
Nome da conta: SISTEMA
Domínio da conta: AUTORIDADE NT
Identificação de logon: 0x3e7
GUID de logon: {00000000-0000-0000-0000-000000000000}
Informações do processo:
Identificação do processo: 0x278
Nome do processo: C:\Windows\System32\services.exe
Informações da rede:
Nome da estação de trabalho:
Endereço da rede de origem: -
Porta de origem: -
Informações detalhadas da autenticação:
Processo de logon: Advapi
Pacote de autenticação: Negotiate
Serviços transitados: -
Nome do pacote (somente NTLM): -
Comprimento da chave: 0
Este evento é gerado quando uma sessão de logon é criada. Ele é gerado no computador acessado.
Os campos do assunto indicam a Conta Sistema Local que solicitou o logon. Comumente, isto é um serviço como o de servidor ou um processo local como Winlogon.exe ou Services.exe.
O campo tipo de logon indica o tipo de logon ocorrido. Os tipos mais comuns são 2 (interativo) e 3 (em rede).
Os campos Novo logon indicam as contas para a qual o novo logon foi criada, isto é, a conta na qual o logon foi efetuado.
Os campos de rede indicam onde a solicitação de logon remoto se originou. O nome da estação de trabalho nem sempre está disponível e pode ser deixado em branco em alguns casos.
Os campos de informações de autenticação fornecem informações detalhadas sobre esta solicitação específica de logon.
-O GUID de logon é um identificador exclusivo que pode ser usado para correlacionar este evento com um evento de KDC.
- Serviços transitados indicam qual serviço intermediário participou desta solicitação de logon.
- Nome de pacote indica qual subprotocolo foi usado, entre os protocolos NTLM.
- Comprimento da chave indica o comprimento da chave da sessão gerada. Ele será 0 se nenhuma chave de sessão foi solicitada.
Record Number: 17598
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131216024800.937485-000
Event Type: Sucesso da Auditoria
User:
Computer Name: NOTE-PORTEGE
Event Code: 4672
Message: Privilégios especiais atribuídos a um novo logon.
Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: SISTEMA
Domínio da conta: AUTORIDADE NT
Identificação de logon: 0x3e7
Privilégios: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 17597
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131216024730.922768-000
Event Type: Sucesso da Auditoria
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
-----------------EOF-----------------
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 23:26
- Spoiler:
- Logfile of random's system information tool 1.09 (written by random/random)
Run by Marlon Muniz at 2013-12-26 23:17:29
Microsoft Windows 7 Ultimate
System drive C: has 42 GB (59%) free of 72 GB
Total RAM: 8071 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:17:39, on 26/12/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Toshiba\TNROTATE\TNROTATE.exe
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Marlon Muniz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [TNRotate] %ProgramFiles(x86)%\TOSHIBA\TNRotate\TNRotate.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Baidu PC App Store Service 3.14.8.3365 (PCAppStoreSvc_{PCAppStore_3.14.8.3365}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC App Store\3.14.8.3365\PCAppStoreSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8345 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 35826992
\??\C:\Windows\system32\conhost.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bee439b5-2af1-4a6e-b538-50966e85c6a5 -SystemEventPortName:HostProcess-0ba97ac8-1e4f-4101-8d91-01ec4ea90f2a -IoCancelEventPortName:HostProcess-7b359f7b-a19b-484d-b165-04e5861a94c9 -NonStateChangingEventPortName:HostProcess-6d4b47e7-362d-4ddf-8548-5b619d9145d9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b6ce9459-7a27-4227-aa0c-020d09bf1300
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe"
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Baidu Security\PC App Store\3.14.8.3365\PCAppStoreSvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-863a5ce5-64fe-4183-9dd4-d2d1befd0ff4 -SystemEventPortName:HostProcess-25d34ac6-aff2-42e9-936d-e245c426538c -IoCancelEventPortName:HostProcess-b78397a9-88e6-471d-bc93-637c7c41909a -NonStateChangingEventPortName:HostProcess-6464d2a8-00d4-424f-b6cd-27f31f5b31fc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:46ed76b1-43ab-4f34-8af0-36da6e6a0a92
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {DBC07918-A2ED-4338-8D5B-35C95F81C905}
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
"C:\Program Files (x86)\Toshiba\TNROTATE\TNROTATE.exe"
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe" /widget_scan
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"D:\DOWNLOADS\RSITX64.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2261480178-3759002727-2830324764-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2261480178-3759002727-2830324764-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2261480178-3759002727-2830324764-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2261480178-3759002727-2830324764-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Marlon Muniz\AppData\Roaming\Mozilla\Firefox\Profiles\sverali5.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-12-20 2486592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-10 1567016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-10 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-10 1567016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-10 606544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-21 13662936]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1933584]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-10-22 3684488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-03 2679592]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-12-20 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-12-20 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-12-20 442352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-13 1475072]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-09 2285344]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TNRotate"=C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe [2010-11-25 607688]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-10 3568312]
"Baidu PC Faster 4.0.0.0"=C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -auto -start []
"Baidu Antivirus"=C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe [2013-12-19 935784]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-12-20 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BavSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=189
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=189
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-26 23:17:29 ----D---- C:\rsit
2013-12-26 23:17:29 ----D---- C:\Program Files\trend micro
2013-12-26 22:22:20 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\vlc
2013-12-26 21:57:30 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\Mozilla
2013-12-26 21:57:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-26 21:57:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-26 21:54:14 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\AVAST Software
2013-12-26 21:54:14 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\Adobe
2013-12-26 21:50:08 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\Apple Computer
2013-12-26 21:44:06 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\Real
2013-12-26 21:44:01 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\Intel
2013-12-26 21:40:02 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\IObit
2013-12-26 21:37:33 ----D---- C:\Baidu Security
2013-12-26 20:32:13 ----D---- C:\Program Files (x86)\baidu
2013-12-26 18:03:01 ----A---- C:\autoexec.bat
2013-12-26 18:02:23 ----D---- C:\ProgramData\Oracle
2013-12-26 18:02:13 ----D---- C:\ProgramData\Sun
2013-12-26 18:02:03 ----D---- C:\Program Files (x86)\Java
2013-12-26 17:59:37 ----D---- C:\Program Files\Enigma Software Group
2013-12-26 17:59:10 ----D---- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-26 01:54:50 ----A---- C:\Archive.ini
2013-12-23 19:32:30 ----D---- C:\Program Files (x86)\RealNetworks
2013-12-21 23:44:32 ----D---- C:\Program Files (x86)\Adobe
2013-12-21 03:53:22 ----A---- C:\Windows\system32\Netwrw00.dll
2013-12-21 03:53:22 ----A---- C:\Windows\system32\drivers\NETwsw00.sys
2013-12-21 03:53:21 ----A---- C:\Windows\system32\Netwcw00.dll
2013-12-21 03:52:41 ----D---- C:\Windows\system32\SRSLabs
2013-12-21 03:52:29 ----A---- C:\Windows\system32\tosade.dll
2013-12-21 03:52:29 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-12-21 03:52:29 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-12-21 03:52:29 ----A---- C:\Windows\system32\tadefxapo.dll
2013-12-21 03:52:28 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-12-21 03:52:28 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-12-21 03:52:28 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-12-21 03:52:28 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-12-21 03:52:27 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-12-21 03:52:27 ----A---- C:\Windows\system32\RtkApi64.dll
2013-12-21 03:52:27 ----A---- C:\Windows\system32\RtDataProc64.dll
2013-12-21 03:52:27 ----A---- C:\Windows\system32\RTCOM64.dll
2013-12-21 03:52:27 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-12-21 03:52:27 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2013-12-21 03:52:24 ----A---- C:\Windows\system32\FMAPO64.dll
2013-12-21 03:52:24 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-21 03:52:24 ----A---- C:\Windows\system32\AERTAR64.dll
2013-12-21 03:52:24 ----A---- C:\Windows\system32\AERTAC64.dll
2013-12-21 03:52:16 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2013-12-21 03:51:41 ----A---- C:\Windows\system32\NicInstC.dll
2013-12-21 03:51:41 ----A---- C:\Windows\system32\e1cmsg.dll
2013-12-21 03:51:41 ----A---- C:\Windows\system32\drivers\e1c62x64.sys
2013-12-20 23:05:49 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-20 22:56:51 ----D---- C:\Windows\system32\appmgmt
2013-12-20 22:15:00 ----A---- C:\Windows\SYSWOW64\IntelCpHeciSvc.exe
2013-12-20 22:15:00 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2013-12-20 22:15:00 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2013-12-20 22:15:00 ----A---- C:\Windows\system32\iglhsip64.dll
2013-12-20 22:15:00 ----A---- C:\Windows\system32\iglhcp64.dll
2013-12-20 22:15:00 ----A---- C:\Windows\system32\igfxtray.exe
2013-12-20 22:15:00 ----A---- C:\Windows\system32\igfxTMM.dll
2013-12-20 22:15:00 ----A---- C:\Windows\system32\igfxsrvc.exe
2013-12-20 22:15:00 ----A---- C:\Windows\system32\igfxCoIn_v3223.dll
2013-12-20 22:14:59 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2013-12-20 22:14:59 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2013-12-20 22:14:59 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxpers.exe
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxext.exe
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxexps.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxdo.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxdev.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxcmrt64.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxcmjit64.dll
2013-12-20 22:14:58 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2013-12-20 22:14:58 ----A---- C:\Windows\SYSWOW64\igfx11cmrt32.dll
2013-12-20 22:14:58 ----A---- C:\Windows\system32\igfx11cmrt64.dll
2013-12-20 22:14:58 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2013-12-20 22:14:57 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2013-12-20 22:14:57 ----A---- C:\Windows\system32\igdde64.dll
2013-12-20 22:14:56 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2013-12-20 22:14:56 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2013-12-20 22:14:56 ----A---- C:\Windows\system32\ig4icd64.dll
2013-12-20 22:14:56 ----A---- C:\Windows\system32\hkcmd.exe
2013-12-20 22:14:56 ----A---- C:\Windows\system32\GfxUI.exe
2013-12-20 22:14:56 ----A---- C:\Windows\system32\gfxSrvc.dll
2013-12-20 22:14:56 ----A---- C:\Windows\system32\difx64.exe
2013-12-20 19:22:16 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2013-12-20 19:16:51 ----D---- C:\ProgramData\ProductData
2013-12-20 19:16:44 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-12-20 19:16:42 ----D---- C:\ProgramData\IObit
2013-12-20 19:16:34 ----D---- C:\Program Files (x86)\IObit
2013-12-19 15:24:40 ----A---- C:\Windows\SYSWOW64\config.ini
2013-12-19 15:24:39 ----A---- C:\Windows\system32\drivers\Bprotect.sys
2013-12-19 15:24:39 ----A---- C:\Windows\system32\drivers\Bfmon.sys
2013-12-19 15:24:39 ----A---- C:\Windows\system32\drivers\Bfilter.sys
2013-12-16 00:27:19 ----D---- C:\Program Files\CCleaner
2013-12-11 15:17:20 ----D---- C:\Program Files (x86)\Google
2013-12-11 14:56:46 ----D---- C:\ProgramData\Log
2013-12-11 12:10:20 ----D---- C:\Windows\Minidump
2013-12-10 00:13:37 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2013-12-10 00:13:37 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2013-12-10 00:13:37 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-12-10 00:13:37 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-12-09 18:52:59 ----D---- C:\ProgramData\Baidu
2013-12-09 12:56:17 ----D---- C:\fedbe5c655dd9936467dbd203581f6
2013-12-09 01:20:08 ----D---- C:\ProgramData\McAfee
2013-12-09 01:20:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-09 01:20:04 ----D---- C:\Windows\system32\Macromed
2013-12-09 01:10:50 ----D---- C:\ProgramData\Real
2013-12-09 01:10:50 ----D---- C:\Program Files (x86)\Real
2013-12-09 00:21:21 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-12-08 19:45:29 ----D---- C:\Windows\system32\MRT
2013-12-08 19:45:26 ----A---- C:\Windows\system32\MRT.exe
2013-12-08 19:08:18 ----D---- C:\Windows\Panther
2013-12-08 17:38:34 ----D---- C:\ProgramData\Mozilla
2013-12-08 17:06:08 ----D---- C:\ProgramData\Spyware Terminator
2013-12-08 17:06:08 ----A---- C:\Windows\system32\drivers\stflt.sys
2013-12-08 17:06:06 ----D---- C:\Program Files (x86)\Spyware Terminator
2013-12-08 16:50:06 ----D---- C:\Users\Marlon Muniz\AppData\Roaming\Baidu Security
2013-12-08 16:50:05 ----A---- C:\Windows\system32\drivers\BprotectEx.sys
2013-12-08 16:48:18 ----D---- C:\ProgramData\Baidu Security
2013-12-08 16:48:18 ----D---- C:\Program Files (x86)\Baidu Security
2013-12-08 16:45:26 ----D---- C:\ProgramData\Malwarebytes
2013-12-08 16:45:26 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-12-08 16:45:25 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-08 16:43:13 ----D---- C:\Program Files\CPUID
2013-12-08 16:41:50 ----D---- C:\Program Files (x86)\VideoLAN
2013-12-08 15:20:28 ----RD---- C:\Program Files (x86)\Skype
2013-12-08 15:20:18 ----D---- C:\ProgramData\Skype
2013-12-08 15:20:10 ----N---- C:\Windows\system32\MpSigStub.exe
2013-12-08 15:16:13 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-12-08 15:16:13 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-12-08 15:16:12 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-12-08 15:16:12 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-12-08 15:16:12 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-12-08 15:16:12 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-12-08 15:16:12 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-12-08 15:16:12 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-12-08 15:16:12 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-08 15:15:57 ----A---- C:\Windows\avastSS.scr
2013-12-08 15:15:46 ----D---- C:\Program Files\AVAST Software
2013-12-08 15:15:12 ----D---- C:\ProgramData\AVAST Software
2013-12-08 15:00:34 ----D---- C:\Windows\SYSWOW64\Macromed
2013-12-08 14:58:50 ----D---- C:\ProgramData\Adobe
2013-12-08 14:51:05 ----A---- C:\Windows\system32\wups2.dll
2013-12-08 14:51:05 ----A---- C:\Windows\system32\wucltux.dll
2013-12-08 14:51:05 ----A---- C:\Windows\system32\wuaueng.dll
2013-12-08 14:51:05 ----A---- C:\Windows\system32\wuauclt.exe
2013-12-08 14:51:04 ----A---- C:\Windows\system32\wups.dll
2013-12-08 14:51:04 ----A---- C:\Windows\system32\wudriver.dll
2013-12-08 14:51:04 ----A---- C:\Windows\system32\wuapi.dll
2013-12-08 14:51:03 ----A---- C:\Windows\system32\wuwebv.dll
2013-12-08 14:51:03 ----A---- C:\Windows\system32\wuapp.exe
2013-12-08 14:27:14 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-12-08 14:27:14 ----A---- C:\Windows\system32\psisdecd.dll
2013-12-08 13:51:19 ----D---- C:\Program Files (x86)\Renesas Electronics
2013-12-08 13:50:59 ----D---- C:\ProgramData\Downloaded Installations
2013-12-08 13:50:30 ----D---- C:\Program Files\Synaptics
2013-12-08 13:46:16 ----D---- C:\ProgramData\TOSHIBA
2013-12-08 13:37:48 ----A---- C:\Windows\system32\SET4F02.tmp
2013-12-08 13:37:48 ----A---- C:\Windows\system32\SET4E35.tmp
2013-12-08 13:37:48 ----A---- C:\Windows\system32\RCoRes64.dat
2013-12-08 13:35:05 ----D---- C:\Program Files (x86)\Toshiba
2013-12-08 13:34:39 ----D---- C:\Program Files (x86)\TOSHIBA Corporation
2013-12-08 13:33:40 ----D---- C:\ProgramData\Roaming
2013-12-08 13:32:47 ----D---- C:\ProgramData\Intel
2013-12-08 13:32:47 ----D---- C:\Program Files\Intel
2013-12-08 13:32:47 ----D---- C:\Program Files (x86)\Cisco
2013-12-08 13:31:50 ----A---- C:\Windows\system32\drivers\iaStor.sys
2013-12-08 13:25:01 ----SHD---- C:\Windows\Installer
2013-12-08 13:23:05 ----D---- C:\Program Files (x86)\WinRAR
2013-12-08 13:20:46 ----A---- C:\Windows\system32\PROUnstl.exe
2013-12-08 13:20:42 ----D---- C:\Program Files\TOSHIBA
2013-12-08 13:20:42 ----A---- C:\Windows\system32\NicCo36.dll
2013-12-08 13:19:44 ----D---- C:\Windows\SYSWOW64\sda
2013-12-08 13:19:44 ----D---- C:\Program Files (x86)\Ricoh
2013-12-08 13:19:44 ----A---- C:\Windows\system32\RiSDIcon.dll
2013-12-08 13:19:44 ----A---- C:\Windows\system32\RiMMCIcon.dll
2013-12-08 13:19:44 ----A---- C:\Windows\system32\drivers\risdxc64.sys
2013-12-08 13:18:33 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-12-08 13:18:33 ----D---- C:\Program Files\Realtek
2013-12-08 13:18:27 ----A---- C:\Windows\system32\drivers\RTKHDRC2.dat
2013-12-08 13:18:27 ----A---- C:\Windows\system32\drivers\RTKHDRC1.dat
2013-12-08 13:18:27 ----A---- C:\Windows\system32\drivers\RTKHDRC0.dat
2013-12-08 13:18:27 ----A---- C:\Windows\system32\drivers\rtkhdaud.dat
2013-12-08 13:18:27 ----A---- C:\Windows\system32\drivers\RTEQEX2.dat
2013-12-08 13:18:27 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2013-12-08 13:18:27 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2013-12-08 13:18:26 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\WavesGUILib.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SRSHP64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SFNHK64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SFCOM64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\SFAPO64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\RTEED64A.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-12-08 13:18:26 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-12-08 13:18:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-08 13:18:25 ----D---- C:\Program Files (x86)\Realtek
2013-12-08 13:18:25 ----A---- C:\Windows\system32\RCoInst64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\R4EED64A.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-12-08 13:18:25 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-12-08 13:18:20 ----HD---- C:\Program Files (x86)\Temp
2013-12-08 13:18:20 ----A---- C:\Windows\RtlExUpd.dll
2013-12-08 13:17:14 ----D---- C:\Program Files\Common Files\Intel
2013-12-08 13:17:14 ----D---- C:\Program Files (x86)\Intel
2013-12-08 13:16:44 ----D---- C:\Intel
2013-12-08 13:14:37 ----SD---- C:\Users\Marlon Muniz\AppData\Roaming\Microsoft
2013-12-08 13:14:34 ----SHD---- C:\Recovery
2013-12-08 13:14:34 ----SHD---- C:\ProgramData\Modelos
2013-12-08 13:14:34 ----SHD---- C:\ProgramData\Menu Iniciar
2013-12-08 13:14:34 ----SHD---- C:\ProgramData\Favoritos
2013-12-08 13:14:34 ----SHD---- C:\ProgramData\Documentos
2013-12-08 13:14:34 ----SHD---- C:\ProgramData\Dados de aplicativos
2013-12-08 13:14:34 ----SHD---- C:\Program Files\Common Files\Sistema
2013-12-08 13:14:34 ----SHD---- C:\Program Files\Arquivos Comuns
2013-12-08 13:14:34 ----SHD---- C:\Arquivos de Programas
2013-12-08 13:14:32 ----D---- C:\Windows\SoftwareDistribution
2013-12-08 13:09:01 ----D---- C:\Windows\Prefetch
2013-12-08 13:08:57 ----ASH---- C:\pagefile.sys
2013-12-08 13:08:54 ----SHD---- C:\System Volume Information
2013-12-08 13:08:54 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2013-12-26 23:17:36 ----D---- C:\Windows\Temp
2013-12-26 23:17:29 ----RD---- C:\Program Files
2013-12-26 22:50:49 ----HD---- C:\ProgramData
2013-12-26 22:50:49 ----D---- C:\Windows\SysWOW64
2013-12-26 22:50:39 ----D---- C:\Program Files (x86)\Common Files
2013-12-26 22:18:47 ----D---- C:\Windows\System32
2013-12-26 22:18:47 ----D---- C:\Windows\inf
2013-12-26 22:18:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-26 22:14:19 ----D---- C:\Windows
2013-12-26 22:14:17 ----D---- C:\Windows\system32\config
2013-12-26 22:08:13 ----RD---- C:\Program Files (x86)
2013-12-26 21:57:21 ----RD---- C:\Users
2013-12-26 21:55:55 ----D---- C:\Windows\system32\catroot2
2013-12-26 21:54:12 ----D---- C:\Windows\LiveKernelReports
2013-12-26 21:48:53 ----D---- C:\Windows\system32\Tasks
2013-12-26 20:32:20 ----D---- C:\Windows\SYSWOW64\wdi
2013-12-26 19:14:38 ----D---- C:\Windows\debug
2013-12-26 18:50:23 ----D---- C:\Windows\system32\wdi
2013-12-23 02:52:18 ----SHD---- C:\$Recycle.Bin
2013-12-21 23:17:35 ----D---- C:\Windows\system32\drivers
2013-12-21 03:53:29 ----D---- C:\Windows\system32\DriverStore
2013-12-21 03:53:29 ----D---- C:\Windows\system32\catroot
2013-12-20 22:56:16 ----D---- C:\Windows\Tasks
2013-12-20 22:15:00 ----A---- C:\Windows\system32\igfxsrvc.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxress.dll
2013-12-20 22:14:59 ----A---- C:\Windows\system32\igfxpph.dll
2013-12-20 22:14:58 ----A---- C:\Windows\SYSWOW64\igdumd32.dll
2013-12-20 22:14:58 ----A---- C:\Windows\system32\igdumd64.dll
2013-12-20 22:14:57 ----A---- C:\Windows\system32\igd10umd64.dll
2013-12-20 22:14:56 ----A---- C:\Windows\system32\hccutils.dll
2013-12-19 15:24:07 ----RSD---- C:\Windows\Fonts
2013-12-17 16:37:02 ----D---- C:\Windows\system32\drivers\UMDF
2013-12-17 15:51:44 ----RSD---- C:\Windows\assembly
2013-12-10 00:32:57 ----D---- C:\Windows\winsxs
2013-12-09 19:11:20 ----D---- C:\Windows\system32\LogFiles
2013-12-09 00:22:00 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-12-09 00:22:00 ----D---- C:\Windows\system32\pt-BR
2013-12-09 00:21:31 ----D---- C:\Windows\Microsoft.NET
2013-12-09 00:21:22 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-09 00:21:22 ----D---- C:\Windows\system32\en-US
2013-12-08 16:50:25 ----HD---- C:\Windows\system32\GroupPolicy
2013-12-08 16:50:25 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2013-12-08 16:21:51 ----D---- C:\Windows\ehome
2013-12-08 14:19:18 ----D---- C:\Windows\system32\wbem
2013-12-08 14:18:48 ----D---- C:\Windows\SYSWOW64\wbem
2013-12-08 14:18:48 ----D---- C:\Windows\system32\wfp
2013-12-08 14:18:48 ----D---- C:\Windows\system32\drivers\etc
2013-12-08 14:18:48 ----D---- C:\Windows\PolicyDefinitions
2013-12-08 14:18:48 ----D---- C:\Program Files\Windows Mail
2013-12-08 14:18:48 ----D---- C:\Program Files\Common Files\System
2013-12-08 14:18:48 ----D---- C:\Program Files\Common Files\Services
2013-12-08 14:18:48 ----D---- C:\Program Files (x86)\Windows Mail
2013-12-08 14:18:39 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-08 14:18:39 ----D---- C:\Windows\security
2013-12-08 14:18:32 ----D---- C:\Windows\registration
2013-12-08 14:17:59 ----SD---- C:\ProgramData\Microsoft
2013-12-08 14:13:41 ----D---- C:\Windows\Logs
2013-12-08 13:19:40 ----D---- C:\Windows\system32\restore
2013-12-08 13:17:14 ----D---- C:\Program Files\Common Files
2013-12-08 13:14:34 ----D---- C:\Program Files\Windows NT
2013-12-08 13:14:33 ----D---- C:\Windows\rescache
2013-12-08 13:09:59 ----D---- C:\Windows\system32\sysprep
2013-12-08 13:09:03 ----D---- C:\Windows\CSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-10 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-10 205320]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2013-12-10 28184]
R1 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2013-12-10 447888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-10 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-10 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-10 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-12-10 65264]
R1 Bfilter;Baidu Antivirus Minifilter Driver; \??\C:\Windows\System32\drivers\Bfilter.sys [2013-12-17 52032]
R1 Bfmon;Baidu FS Monitor Driver; \??\C:\Windows\System32\drivers\Bfmon.sys [2013-12-17 34624]
R1 Bprotect;Baidu Protect; \??\C:\Windows\System32\drivers\Bprotect.sys [2013-12-18 128448]
R1 BprotectEx;Baidu ProtectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [2013-12-18 83264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-12-10 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-10 84328]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2013-12-08 51496]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2013-12-21 494864]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-12-20 5361920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-21 3707864]
R3 IntcDAud;Áudio do vídeo Intel(R); C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-12-21 64624]
R3 NETwNs64;___ Driver do adaptador Intel(R) Wireless WiFi Link Série 5000 para Windows 7 64 bits; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-12-21 11530992]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-03 1413680]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-13 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 17920]
R3 WinUsb;Driver WinUSB; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-13 40448]
S3 BdApiUtil;BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [2013-11-27 135904]
S3 BdCameraProtect;BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [2013-12-17 22016]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-10 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-12-10 116776]
R2 BAVSvc;Baidu Antivirus Service; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe [2013-12-19 1921328]
R2 BHipsSvc;Baidu Hips Service; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe [2013-12-19 456856]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 PCAppStoreSvc_{PCAppStore_3.14.8.3365};Baidu PC App Store Service 3.14.8.3365; C:\Program Files (x86)\Baidu Security\PC App Store\3.14.8.3365\PCAppStoreSvc.exe [2013-11-29 563744]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-12-21 289496]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Serviço do Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-11 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-26 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-12-20 279024]
S3 gupdatem;Serviço do Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-11 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
-----------------EOF-----------------
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 23:36
Vá em Adicionar/Remover Programas e desinstale tudo referente ao Baidu (Baidu Security e Baidu Antivirus) Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)*Salve qualquer trabalho aberto e feche o seu navegador
*Execute-o, clique [Examinar] e aguarde o término
*Clique [Limpar] e aguarde o término
*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.
*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Qui 26 Dez 2013, 23:48
E agora o que eu faço?
Sufixo DNS específico à conexão:
Endereço Físico: 88-53-2E-61-2D-71
DHCP Ativado: Sim
Endereço IPv4: 192.168.0.101
Máscara de Sub-rede IPv4: 255.255.255.0
Gateway Padrão IPv4: 192.168.0.1
Servidor DHCP IPv4: 192.168.0.1
Servidor DNS IPv4: 192.168.0.1
Servidor WINS IPv4:
NetBIOS sobre Tcpip Habilitado: Sim
Endereço IPv6 link-local: fe80::a4c8:8f20:25cc:ff35%12
Gateway Padrão IPv6:
Servidor DNS IPv6:
Sufixo DNS específico à conexão:
Endereço Físico: 88-53-2E-61-2D-71
DHCP Ativado: Sim
Endereço IPv4: 192.168.0.101
Máscara de Sub-rede IPv4: 255.255.255.0
Gateway Padrão IPv4: 192.168.0.1
Servidor DHCP IPv4: 192.168.0.1
Servidor DNS IPv4: 192.168.0.1
Servidor WINS IPv4:
NetBIOS sobre Tcpip Habilitado: Sim
Endereço IPv6 link-local: fe80::a4c8:8f20:25cc:ff35%12
Gateway Padrão IPv6:
Servidor DNS IPv6:
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Qui 26 Dez 2013, 23:58
Faça os procedimentos que solicitei acima.
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Sex 27 Dez 2013, 00:03
# AdwCleaner v3.016 - Relatório criado 26/12/2013 às 23:59:50
# Atualizado 23/12/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Marlon Muniz - NOTE-PORTEGE
# Executando de : D:\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
[!] Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\Program Files (x86)\baidu
[!] Pasta Deletada : C:\Program Files (x86)\Common Files\Spigot
[!] Pasta Deletada : C:\Users\Marlon Muniz\AppData\Roaming\baidu
Arquivo Deletada : C:\Users\Marlon Muniz\AppData\Roaming\Mozilla\Firefox\Profiles\sverali5.default\user.js
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_advanced-systemcare_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_advanced-systemcare_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v26.0 (pt-BR)
[ Arquivo : C:\Users\Marlon Muniz\AppData\Roaming\Mozilla\Firefox\Profiles\sverali5.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2819 octets] - [26/12/2013 23:58:09]
AdwCleaner[S0].txt - [2660 octets] - [26/12/2013 23:59:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2720 octets] ##########
# Atualizado 23/12/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Marlon Muniz - NOTE-PORTEGE
# Executando de : D:\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
[!] Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\Program Files (x86)\baidu
[!] Pasta Deletada : C:\Program Files (x86)\Common Files\Spigot
[!] Pasta Deletada : C:\Users\Marlon Muniz\AppData\Roaming\baidu
Arquivo Deletada : C:\Users\Marlon Muniz\AppData\Roaming\Mozilla\Firefox\Profiles\sverali5.default\user.js
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_advanced-systemcare_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_advanced-systemcare_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v26.0 (pt-BR)
[ Arquivo : C:\Users\Marlon Muniz\AppData\Roaming\Mozilla\Firefox\Profiles\sverali5.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2819 octets] - [26/12/2013 23:58:09]
AdwCleaner[S0].txt - [2660 octets] - [26/12/2013 23:59:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2720 octets] ##########
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Sex 27 Dez 2013, 00:06
Abra o Firefox, clique Ajuda > Dados para suporte > [Restaurar o Firefox] > [Restaurar o Firefox]*Reinicie o Firefox e clique [Concluir]
Abra o Internet Explorer*Clique Ferramentas > Opções da Internet > Avançadas
*Clique [Redefinir...]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Selecione Excluir configurações pessoais e clique [Redefinir]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Reinicie o PC
Caso use o Google Chrome
Abra o Google Chrome*Copie e cole na barra de endereços: chrome://settings/resetProfileSettings
*Tecle [ENTER] e clique [Redefinir]
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Smeenk)*Extraia o arquivo Zoek.exe para o Desktop (Área de Trabalho)
*Clique com o botão direito do mouse no Zoek e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Copie e cole as linhas em marrom no espaço do Zoek
Bfilter;s
Bfmon;s
Bprotect;s
BprotectEx;s
BdApiUtil;s
BdCameraProtect;s
BAVSvc;s
BHipsSvc;s
PCAppStoreSvc_;s
ipconfig /flushdns >> %temp%\log.txt;b
*Feche o seu navegador e clique [Run Script]
*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!
Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
*Caso a reinicialização do PC seja solicitada, clique [OK]
*Cole ou anexe o relatório C:\zoek-results.txt
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Sex 27 Dez 2013, 00:33
Desculpa a demora mais isso é complicado, e obrigado pela paciência
Zoek.exe v5.0.0.0 Updated 23-December-2013
Tool run by Marlon Muniz on 27/12/2013 at 0:28:36,70.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
27/12/2013 00:30:02 Zoek.exe System Restore Point Created Succesfully.
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx deleted successfully
==== Batch Command(s) Run By Tool======================
Configura‡Æo de IP do Windows
Libera‡Æo do Cache do DNS Resolver bem-sucedida.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on 27/12/2013 at 0:30:28,49 ======================
Zoek.exe v5.0.0.0 Updated 23-December-2013
Tool run by Marlon Muniz on 27/12/2013 at 0:28:36,70.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
27/12/2013 00:30:02 Zoek.exe System Restore Point Created Succesfully.
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx deleted successfully
==== Batch Command(s) Run By Tool======================
Configura‡Æo de IP do Windows
Libera‡Æo do Cache do DNS Resolver bem-sucedida.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on 27/12/2013 at 0:30:28,49 ======================
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Re: Não consigo remover o LinkBucks
por Wings [In Memoriam] Sex 27 Dez 2013, 00:43
Baixe o programa do link:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Extraia o seu conteúdo, execute-o e clique [Open DNS Family]
*Não feche o programa!
*Feche o seu navegador e abra-o novamente.
Informe se ainda há redirecionamento
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Não consigo remover o LinkBucks
por Marlon Muniz Sex 27 Dez 2013, 00:55
ainda continua a mesma coisa exemplo
Sempre que eu vou lhe responder clico em "Responder" ai abre assim no navegador
"http://879d711f.theseblogs.com/url/http://www.forumpcbrasil.com/post?t=1290&mode=reply"
ai pra mim poder liberar eu tenho que tirar "http://879d711f.theseblogs.com/url/"
pra ficar assim "http://www.forumpcbrasil.com/post?t=1290&mode=reply" para poder liberar a pagina e por ai vai
Sempre que eu vou lhe responder clico em "Responder" ai abre assim no navegador
"http://879d711f.theseblogs.com/url/http://www.forumpcbrasil.com/post?t=1290&mode=reply"
ai pra mim poder liberar eu tenho que tirar "http://879d711f.theseblogs.com/url/"
pra ficar assim "http://www.forumpcbrasil.com/post?t=1290&mode=reply" para poder liberar a pagina e por ai vai
Marlon Muniz- Iniciante
- Mensagens : 19
Reputação : 0
Data de inscrição : 26/12/2013
Idade : 32
Página 1 de 2 • 1, 2
Tópicos semelhantes» Remover Linkbucks
» Como remover LinkBucks?
» Como remover o Linkbucks?
» Como remover Linkbucks
» Como remover LinkBucks?
» Como remover LinkBucks?
» Como remover o Linkbucks?
» Como remover Linkbucks
» Como remover LinkBucks?
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|