Fórum PC Brasil
Lots of viruses on the PC

3 participants


Post by alexgatti Fri 10 Jan 2014, 11:05

I wanted to see if you could help me clean up my whole PC, because it has a lot of viruses. I just didn't want to format it, because I'm a bit short on money right now. It even opens a bunch of web pages when I open one. If you can help me I'd be grateful. It's even affecting the internet; because of the viruses it's really slow. Thanks for your attention.

Post by Power Max Fri 10 Jan 2014, 11:18

That's it! Hello alexgatti

Download [You must have an account and be logged in to view this link].

* Run it and click the Main Menu button.

* On the next screen that appears, click [Do a system scan and save a logfile].

* A report will be displayed.

* Select the entire contents of this report and copy it (Ctrl+C).

After that, just come back here to the forum and post this HijackThis log so that it can be analyzed.

We await your reply.

Post by alexgatti Fri 10 Jan 2014, 11:37

Thanks for replying so quickly. Here is the attachment.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:30:57, on 10/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\win7\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0049010 - {11111111-1111-1111-1111-110411901110} - C:\Program Files (x86)\Feven 2.1\Feven 2.1-bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: kasimos - {5ac27450-e081-486f-b70c-e7b630d449d0} - C:\Program Files (x86)\kasimos\kasimosbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\win7\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Intel AppUp(R) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Intel AppUp(R) center Systray] "C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe" --domain F0399437-FD0C-4A48-B101-F0314A6172E4 --openmode trayicon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: &Enviar para o OneNote - [You must have an account and be logged in to view this link]
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
O8 - Extra context menu item: Baixar com Mipony - [You must have an account and be logged in to view this link] Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
O8 - Extra context menu item: Download all videos by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
O8 - Extra context menu item: Download current video by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SpeedBit Update (SBUpd) - Speedbit Ltd. - C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update kasimos - Unknown owner - C:\Program Files (x86)\kasimos\updatekasimos.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 15861 bytes

Post by Power Max Fri 10 Jan 2014, 11:47

Please follow the tips in the tutorials below:

[You must have an account and be logged in to view this link]

* In your next reply, please post the AdwCleaner log, which will be at C:\AdwCleaner\AdwCleaner[S0].txt, and the Junkware Removal Tool log, which will be saved on your desktop under the name JRT.txt.

We'll be waiting.

Post by alexgatti Fri 10 Jan 2014, 12:26

Sorry for the delay. The procedure took a while to finish. The log didn't fit, so I'm sending it as an attachment. If there's any problem, just let me know.

Post by Admin Fri 10 Jan 2014, 12:29

That's it! Several problems were removed.

Please also follow this tip:

[You must have an account and be logged in to view this link]

* After that, just post the Zoek report, which will be at C:\zoek-results, here in your topic.

We await your reply.


Last edited by Antonio Vieira Sobrinho on Sat 11 Jan 2014, 00:07; edited 1 time

Post by alexgatti Fri 10 Jan 2014, 13:03

Sorry for the delay again, but here is the report:

Zoek.exe v5.0.0.0 Updated 09-Januari-2014
Tool run by win7 on 10/01/2014 at 12:34:06,17.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\win7\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/01/2014 12:37:11 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2269665829-4121650117-2178698581-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-2269665829-4121650117-2178698581-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-2269665829-4121650117-2178698581-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AC27450-E081-486F-B70C-E7B630D449D0} deleted successfully
HKEY_USERS\S-1-5-21-2269665829-4121650117-2178698581-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AC27450-E081-486F-B70C-E7B630D449D0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411111133} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411111133} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311961176} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311961176} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\d6lmg84l.default-1388631553074

user.js not found
---- Lines speedbit modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_012014_1250_.backup

ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_012014_1250_.backup

==== Deleting Files \ Folders ======================

C:\Users\win7\AppData\Local\genienext deleted
C:\Users\win7\daemonprocess.txt deleted
C:\Users\win7\.android deleted
C:\Program Files\Uninstaller deleted
C:\Program Files\Common Files\SpeedBit deleted
C:\Users\win7\AppData\Roaming\newnext.me deleted
C:\Users\win7\AppData\Roaming\Unitech LLC deleted
C:\ProgramData\SpeedBit deleted
C:\Users\wangjihua\AppData\Local\Mobogenie deleted
C:\Users\win7\AppData\Local\cache deleted
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted
C:\windows\SysNative\Tasks\SomotoUpdateCheckerAutoStart deleted
C:\Users\win7\Downloads\ilivid-4002466-32-bits.exe deleted
C:\Users\win7\Downloads\rcpsetupst_RC1_BR_F_1.exe deleted
C:\Users\win7\AppData\LocalLow\Unitech LLC deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\Users\wangjihua deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\firefox@kasimos.net.xpi deleted
C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged deleted
"C:\PROGRA~2\Internet Download Manager\IDMNetMon64.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMShellExt64.dll" deleted
"C:\PROGRA~2\Internet Download Manager" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"daplinkchecker@speedbit.com"="C:\Program Files (x86)\DAP\daplinkchecker" [26/11/2013 01:30]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc@internetdownloadmanager.com"="C:\Users\win7\AppData\Roaming\IDM\idmmzcc5" [05/12/2013 02:00]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\d6lmg84l.default-1388631553074
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
C899B98999270821EDFFA56044DE2377 - C:\Users\win7\AppData\Roaming\raidcall\plugins\nprcplugin.dll - Raidcall plugin
99F97C9FE748C37528C338A423577FCB - C:\Users\win7\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[]
kbhplonhjleiopohgmppianogioknked - C:\Program Files\Common Files\SpeedBit\SBUpdate\NewTabLaunch.crx[]

Google Docs - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Search - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast WebRep - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
SaveSense - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk
Chrome In-App Payments service - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com"
"Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.bing.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.bing.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2269665829-4121650117-2178698581-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-2269665829-4121650117-2178698581-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\win7\Desktop\DllSuite.lnk - C:\Program Files (x86)\DLLSuite\2013\DLLSuite.exe
C:\Users\win7\Desktop\Download Accelerator Plus (DAP).lnk - C:\Program Files (x86)\DAP\DAP.exe
C:\Users\win7\Desktop\DVD Flick.lnk - C:\Program Files (x86)\DVD Flick\dvdflick.exe
C:\Users\win7\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\win7\Desktop\Free Video Converter.lnk - C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
C:\Users\win7\Desktop\IE Accelerator 3.02.lnk - C:\Program Files (x86)\IE Accelerator\UNWISE.EXE /W3 "C:\Program Files (x86)\IE Accelerator\INSTALL.LOG"
C:\Users\win7\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\win7\Desktop\mbam-setup-1.75.0.1300 - Atalho.lnk - C:\Users\win7\Downloads\mbam-setup-1.75.0.1300.exe
C:\Users\win7\Desktop\Mega Filmes.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe [You must have an account and be logged in to view this link] Filmes
C:\Users\win7\Desktop\My DAP Downloads.lnk - C:\Users\win7\Desktop
C:\Users\win7\Desktop\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\Users\win7\Desktop\Puxa Rápido.lnk - C:\Program Files (x86)\Puxa Rápido\PuxaRapido.exe
C:\Users\win7\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\Users\win7\Desktop\µTorrent.lnk - C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\win7\Desktop\Nova pasta (2)\Continue FlashGet Installation.lnk - C:\Users\win7\AppData\Local\Temp\ICReinstall_flashget-3701220-32-bits.exe  /RR
C:\Users\win7\Desktop\Nova pasta (2)\FixMyRegistry.lnk - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe
C:\Users\win7\Desktop\Nova pasta (2)\FlashGet3.lnk - C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe -shortcut -desktop
C:\Users\win7\Desktop\Nova pasta (2)\Internet Download Manager.lnk - C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\win7\Desktop\Nova pasta (2)\JDownloader 2.lnk - C:\Users\win7\AppData\Local\JDownloader v2.0\JDownloader2.exe
C:\Users\win7\Desktop\Nova pasta (2)\Orbit.lnk - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Users\win7\Desktop\Nova pasta (2)\WebInstallerJD2(1) - Atalho.lnk - C:\Users\win7\Downloads\WebInstallerJD2(1).exe
C:\Users\win7\Desktop\Nova pasta (2)\tibia\PC Speed Maximizer.lnk - C:\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe
C:\Users\win7\Desktop\Nova pasta (2)\tibia\Tibia MULTI-IP Changer.lnk - C:\Program Files (x86)\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\Icon.F01DC21A.CCA6.4587.B378.0E0E3F3B291C.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Alcohol 120%.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\Users\Public\Desktop\Apps.lnk - C:\Users\Public\Libraries\Apps.library-ms
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\eMule.lnk - C:\Program Files (x86)\eMule\emule.exe
C:\Users\Public\Desktop\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\Icon.C2077EDF.5968.4ADE.8D74.1116F05A88CB.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\Public\Desktop\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\Icon.B6F4EAC5.6475.4C65.8DDF.B42A41F28D8C.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
C:\Users\Public\Desktop\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Public\Desktop\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\Icon.8C38184B.0031.4B00.A097.3234E9F2D7A2.exe

==== shortcuts in Users Start Menu ======================

C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk - C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2013\DllSuite.lnk - C:\Program Files (x86)\DLLSuite\2013\DLLSuite.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2013\Uninstall.lnk - C:\Program Files (x86)\DLLSuite\2013\unins000.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2013\Website.lnk - C:\Program Files (x86)\DLLSuite\2013\config\website.url
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Uninstaller.lnk - C:\Users\win7\AppData\Local\JDownloader v2.0\Uninstall JDownloader.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk - C:\Users\win7\AppData\Local\JDownloader v2.0\JDownloader2Update.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windroy\Uninstall Windroy.lnk - C:\Windroy\unins000.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windroy\Windroy.lnk - C:\Windroy\windroy_root\android.exe
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter\DU Meter Help.lnk - C:\Program Files (x86)\DU Meter\DUMeter.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter\DU Meter.lnk - C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick\DVD Flick.lnk - C:\Program Files (x86)\DVD Flick\dvdflick.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick\Uninstall  DVD Flick.lnk - C:\Program Files (x86)\DVD Flick\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick\Help and Support\Changelog.lnk - C:\Program Files (x86)\DVD Flick\changelog.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick\Help and Support\GNU GPL License.lnk - C:\Program Files (x86)\DVD Flick\license.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick\Help and Support\Guide.lnk - C:\Program Files (x86)\DVD Flick\guide\index_en.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick\Help and Support\Readme.lnk - C:\Program Files (x86)\DVD Flick\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank\Uninstall - PointBlank.lnk - C:\ongame\Pointblank\PBUnInst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank\Website - PointBlank.lnk - C:\ongame\Pointblank\PointBlank.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\Uninstall RaidCall.lnk - C:\Program Files (x86)\RaidCall\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Program Files\TeamSpeak 3 Client\Uninstall.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FlashGet3.lnk - C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe -shortcut -quicklanuch
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Video Converter.lnk - C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader 2.lnk - C:\Users\win7\AppData\Local\JDownloader v2.0\JDownloader2.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Moozy.lnk - C:\Program Files (x86)\Moozy\WebAud.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\hao123.lnk - C:\Users\win7\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1106.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\win7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kbhplonhjleiopohgmppianogioknked deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MyStart Anti-phishing Domain Advisor deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WPM deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Speed Maximizer_is1 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyStart Anti-phishing Domain Advisor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Home Page Guard 64 bit deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\win7\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\win7\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\win7\AppData\Local\Mozilla\Firefox\Profiles\d6lmg84l.default-1388631553074\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=567 folders=94 38120218 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\Usuário Padrão\AppData\Local\Temp emptied successfully
C:\Users\wangjihua\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\win7\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\win7\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\PROGRA~2\Internet Download Manager"  not found
"C:\Users\win7\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QW2GGTT6\static.issuu.com"  not found

==== EOF on 10/01/2014 at 12:58:28,24 ======================

Re: Lots of viruses on the PC

Post by Power Max, Fri 10 Jan 2014, 15:22

That's it! Several problems were removed by Zoek.
___________________________

I saw that you have Malwarebytes on your PC. Update it > run a Full Scan with it and remove the problems it finds > after that, please post its log here in your topic.

We'll be waiting.

Re: Lots of viruses on the PC

Post by alexgatti, Fri 10 Jan 2014, 17:03

Here is the Malwarebytes log:

Malwarebytes Anti-Malware 1.75.0.1300

Versão da Base de Dados:  v2014.01.10.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
win7 :: WIN7-PC [administrador]

10/01/2014 15:42:03
mbam-log-2014-01-10 (15-42-03).txt

Tipo de Verificação:  Verificação Completa  (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  344790
Tempo decorrido: 1 hora(s), 11 minuto(s), 20 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 13
HKCR\AppID\{9A246976-806F-4B2E-B3B9-A9A58F5685AA} (PUP.Optional.Ominent.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB24E92-62C4-4C53-95D2-65F9EED476BC} (PUP.Optional.VMNToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\ividi.ividiappCore (PUP.Optional.Ividi.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\ividi.ividiappCore.1 (PUP.Optional.Ividi.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\weDownload Ltd (PUP.Optional.weDownload.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Unitech LLC\ividi (PUP.Optional.Ividi.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\iVIDI Plugin (PUP.Optional.Ividi.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\iVIDI.org (PUP.Optional.Ividi.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\weDownload Ltd (PUP.Optional.weDownload.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Unitech LLC\ividi (PUP.Optional.Ividi.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\MYSTARTTB (PUP.Optional.MyStartTB.A) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 1
HKLM\Software\mystarttb|MachineID (PUP.Optional.MyStartTB.A) -> Data: 2E6C6EBB734CA4EA00BD79528E86F1BE -> Enviado para a Quarentena e deletado com sucesso.

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 83
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bg.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bho.dll.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-bho64.dll.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-buttonutil.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-buttonutil64.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-chromeinstaller.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-codedownloader.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-enabler.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-firefoxinstaller.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\Feven 2.1-updater.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 2.1\utils.exe.vir (PUP.Optional.Feven.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Funmoods\1.8.20.0\funmoodssrv.exe.vir (PUP.FunMoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bg.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho64.dll.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-buttonutil.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-buttonutil64.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-chromeinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-codedownloader.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-enabler.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-firefoxinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-updater.exe.vir (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.4\utils.exe.vir (PUP.Optional.PlusHD.A.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-saudi-forf.exe (PUP.Optional.Hao123.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Funmoods\1.8.20.0\funmoodssrv.exe (PUP.FunMoods) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\lucky leap\luckyleapBHO.dll (PUP.Optional.LuckyLeap.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bg.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-buttonutil.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe (PUP.Optional.PlusHD.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\231013_d.exe (PUP.Optional.Unizeto) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\231013_y.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\crp903F.exe (PUP.Optional.Hao123.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\ICReinstall_kingo-android-root-1111764-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\ICReinstall_msn-messenger-2011-1543555308-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\IminentSetup-1-.exe (PUP.Optional.Iminent.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\Installer.exe (PUP.Optional.Linkury.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\ct3306061\ctbe.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\ct3306061\ieLogic.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\ct3306061\statisticsStub.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\ct3306061\stub.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\dlmB3AB.tmp\LuckyLeap0816.exe (PUP.Optional.LuckyLeap.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\dlmB3AB.tmp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\System Volume Information\SystemRestore\FRStaging\Users\win7\AppData\Local\Temp\eIntaller\1FC818B603CC48cb9993D0014DF22120\eGdpSvc.exe (PUP.Optional.Wsys.A) -> Enviado para a Quarentena e deletado com sucesso.

(fim)

Re: Many viruses on the PC

Post by Power Max Fri 10 Jan 2014, 17:06

More problems were removed.
_________________________________

Please follow the tips in this tutorial to scan your PC with Nod32 Online:

[You must have an account and be logged in to view this link]

After the scan finishes, a report (log) will be generated at the following location on your computer:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt

In your next reply, post this Nod32 Online log. We look forward to your reply.

Re: Many viruses on the PC

Post by alexgatti Fri 10 Jan 2014, 21:06

It took 3 hours.. sorry for the delay..


ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4e07f8372cf8044f987a58ebc396ec2f
# engine=16607
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-10 10:58:14
# local_time=2014-01-10 08:58:14 (-0300, Horário brasileiro de verão)
# country="Brazil"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 83 3427103 165190166 0 0
# compatibility_mode=5893 16776573 100 94 98140841 140941744 0 0
# scanned=135563
# found=65
# cleaned=62
# scan_time=12928

Re: Many viruses on the PC

Post by Power Max Fri 10 Jan 2014, 21:23

That's it! More problems were removed by Nod32 Online.
_____________________________

Which version of Avast are you using? The newest version is 2014 (9.0.2011). If yours is older, update it to this new version.

Also run an update on it to refresh its virus definitions.

After that, run a full scan with it > When it detects a virus or other dangerous files, first choose the option to Repair the file (which is the same as disinfecting it) > when the Repair option is not possible, choose the option to send the infected file to Quarantine.

After that, please tell us whether Avast removed any viruses and how your PC is doing afterwards.

We look forward to your reply.

Re: Many viruses on the PC

Post by alexgatti Fri 10 Jan 2014, 23:35

Avast didn't find a single virus..  The PC is perfect now, no comparison..
Thank you very much for helping..
Cheers..
And keep it up..
Thanks...

Re: Many viruses on the PC

Post by Power Max Fri 10 Jan 2014, 23:44

I'm glad the problems were resolved.

To remove the programs used to clean this PC and create a new, safe, problem-free restore point, download [You must have an account and be logged in to view this link] (...by Xplode) and save it to the Desktop

*After that, just run it, leaving the options Remove disinfection tools and Purge system restore selected

*Click [Run]

After running DelFix as described above, just delete DelFix and the file C:\DelFix.txt

Cheers!

Re: Many viruses on the PC

Post by Admin Sat 11 Jan 2014, 00:02

CASE RESOLVED

If the topic author needs it, the topic will be reopened; to do so, they should contact one of the members of the [You must have an account and be logged in to view this link] and request that it be unlocked.
