Malware on the Notebook
Malware on the Notebook
So, I can't download AdwCleaner, because a window opens saying that I don't have enough resources to download it. Can you help me?
Sorry for the question ... but can I use this program to see whether my notebook is infected with a spy virus? In my email inbox I have noticed that the contents of the drafts are altered.
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Registration date: 12/10/2014
Re: Malware on the Notebook
Good morning, claudia cor.marks!
> Post the HijackThis log, following the [You must have an account and be logged in to view this link].
See you!
joram - Administrator
- Posts: 4162
Reputation: 471
Registration date: 26/01/2014
Location: Rio de Janeiro
Re: Malware on the Notebook
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:56:41, on 13/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Claudia\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Claudia\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [ConvertAd] C:\Users\Claudia\AppData\Local\ConvertAd\ConvertAd.exe
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "BR327FG0RY05TY:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Claudia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Dropbox.lnk = C:\Users\Claudia\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - [You must have an account and be logged in to view this link]
O8 - Extra context menu item: Capturar esta página - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Capturar favorito - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Capturar imagem - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Capturar seleção - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Capturar URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Nova nota - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0075911395009248) (0075911395009248mcinstcleanup) - Unknown owner - C:\Users\Claudia\AppData\Local\Temp\007591~1.EXE (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Search Protect Service (CltMngSvc) - Unknown owner - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update surf slide - Unknown owner - C:\Program Files (x86)\surf slide\updatesurfslide.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12874 bytes
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Registration date: 12/10/2014
Re: Malware on the Notebook
Good evening, claudia cor.marks!
> No!
claudia cor.marks wrote: Sorry for the question ... but can I use this program to see whether my notebook is infected with a spy virus? In my email inbox I have noticed that the contents of the drafts are altered.
> Download: < [You must have an account and be logged in to view this link] > ( ... by techsupportall.com )
> Save it to the desktop!
> Run the file Adware-Removal-Tool-v3.9.1.exe <<
> Start the scan by clicking Scan.
> When the prescan finishes, click OK.
> PS: Each tab will show what will be removed!
> Click "Next" >> Wait!
< Computer >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_10_dia_h_min_seg.txt <<
> Post the report!
Regards!
joram - Administrator
- Posts: 4162
Reputation: 471
Registration date: 26/01/2014
Location: Rio de Janeiro
Re: Malware on the Notebook
Adware Removal Tool v3.9
Time: 2014_10_14_07_53_23
OS: Windows 7 - 64 Bit
Account Name: Claudia
U0L0S47
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
Deleted - File - C:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
Deleted - File - C:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.ini
Deleted - File - C:\Users\Claudia\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage
Deleted - File - C:\Users\Claudia\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage-journal
Deleted - File - C:\Users\Claudia\Appdata\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VGZBRK7R\MyPCBackupOffer[1].htm
Deleted - File - C:\Users\Claudia\Appdata\Roaming\Wondershare\Wondershare Helper Compact\Wondershare Helper Compact.exe
Deleted - Folder - C:\program files (x86)\Common Files\Wondershare
Deleted - Folder - C:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact
Deleted - Folder - C:\program files (x86)\Wondershare
Deleted - Folder - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
Deleted - Folder - C:\Users\Claudia\Appdata\Local\Wondershare
Deleted - Folder - C:\Users\Claudia\Appdata\Local\Wondershare\WSHelper
Deleted - Folder - C:\Users\Claudia\Appdata\Roaming\Wondershare
Deleted - Folder - C:\Users\Claudia\Appdata\Roaming\Wondershare\Wondershare Helper Compact
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc:displayname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc:description
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc:imagepath
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\run:convertad
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\7983304b_0:
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b86013a5_0:
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:inno setup: app path
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:installlocation
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:inno setup: icon group
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:displayname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:uninstallstring
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:uninstalldatafile
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:quietuninstallstring
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:publisher
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:urlinfoabout
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:helplink
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1:urlupdateinfo
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\run:convertad
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE:Wondershare
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE:Wondershare
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services:CltMngSvc
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}
\\ Finished
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Join date: 12/10/2014
Re: Malware on the Notebook
Good morning, claudia cor.marks!
> Go to this tutorial and download MBAM.
> Run the "Custom" ("Personalizada") scan.
> Configure it to send its detections to quarantine.
> Post the report when it finishes!
See you!
joram - Administrator
- Posts: 4162
Reputation: 471
Join date: 26/01/2014
Location: Rio de Janeiro
Re: Malware on the Notebook
Hello, good morning
Malwarebytes Anti-Malware
Update, 16/10/2014 00:00:49, SYSTEM, CLAUDIA-PC, Scheduler, Malware Database, 2014.10.16.1, 2014.10.16.2,
Protection, 16/10/2014 00:00:50, SYSTEM, CLAUDIA-PC, Protection, Refresh, Starting,
Protection, 16/10/2014 00:00:50, SYSTEM, CLAUDIA-PC, Protection, Malicious Website Protection, Stopping,
Protection, 16/10/2014 00:00:51, SYSTEM, CLAUDIA-PC, Protection, Malicious Website Protection, Stopped,
Protection, 16/10/2014 00:01:35, SYSTEM, CLAUDIA-PC, Protection, Refresh, Success,
Protection, 16/10/2014 00:01:35, SYSTEM, CLAUDIA-PC, Protection, Malicious Website Protection, Starting,
Protection, 16/10/2014 00:01:37, SYSTEM, CLAUDIA-PC, Protection, Malicious Website Protection, Started,
Scan, 16/10/2014 00:36:02, SYSTEM, CLAUDIA-PC, Manual, Start:15/10/2014 22:18:13, Duration:2 hr 13 min 37 sec, Verificação Personalizada, Terminado, 0 Malware Detections, 26 Non-Malware Detections,
Protection, 16/10/2014 00:39:19, SYSTEM, CLAUDIA-PC, Protection, Malware Protection, Starting,
Protection, 16/10/2014 00:39:19, SYSTEM, CLAUDIA-PC, Protection, Malware Protection, Started,
Protection, 16/10/2014 00:39:19, SYSTEM, CLAUDIA-PC, Protection, Malicious Website Protection, Starting,
Protection, 16/10/2014 00:40:21, SYSTEM, CLAUDIA-PC, Protection, Malicious Website Protection, Started,
(end)
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Join date: 12/10/2014
Re: Malware on the Notebook
Good morning, claudia cor.marks!
> The scan was not run correctly!
> Do it this way: Custom Scan ("Verificação Personalizada") <<
[You must have an account and be logged in to view this image]
> Below, tick the checkboxes as shown in the image.
[You must have an account and be logged in to view this image]
> When you have finished ticking them, click "Start Scan" ("Iniciar Verificação").
> Post the report! Read: "How to access the Malwarebytes log (report)"
See you!
joram - Administrator
- Posts: 4162
Reputation: 471
Join date: 26/01/2014
Location: Rio de Janeiro
Re: Malware on the Notebook
Malwarebytes Anti-Malware
Data da Verificação: 16/10/2014
Hora da Verificação: 20:57:59
Arquivo de Log: log1710.txt
Administrador: Sim
Versão: 2.00.3.1025
Base de Dados de Malware: v2014.10.16.08
Base de Dados de Rootkit: v2014.10.15.01
Licença: Avaliação Gratuita
Proteção de Malware: Habilitado
Proteção de Site Malicioso: Habilitado
Auto-Proteção: Desabilitado
SO: Windows 7 Service Pack 1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: Claudia
Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 470232
Tempo Decorrido: 2 hr, 14 min, 34 seg
Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado
Processos: 0
(Nenhum item malicioso detectado)
Módulos: 0
(Nenhum item malicioso detectado)
Chaves de Registro: 0
(Nenhum item malicioso detectado)
Valores de Registro: 0
(Nenhum item malicioso detectado)
Dados de Registro: 0
(Nenhum item malicioso detectado)
Pastas: 0
(Nenhum item malicioso detectado)
Arquivos: 1
PUP.Optional.Conduit, C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bom: (), Ruim: ( "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Substituído,[066216ff8cf06dc990b3a6b01ce951af]
Setores Físicos: 0
(Nenhum item malicioso detectado)
(end)
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Join date: 12/10/2014
Re: Malware on the Notebook
Good morning, claudia cor.marks!
> Download: < [You must have an account and be logged in to view this link] >
> Save it to the desktop!
> Disable your antivirus and run the file esetsmartinstaller_enu.exe <<
> Accept the agreement and check: "YES, I accept the Terms of Use"
> Click: "Start"
> Under "Computer scan settings", check:
<*> Enable detection of potentially unwanted applications
> Under "Hide advanced settings", check:
<1> Scan archives
<2> Scan for potentially unsafe applications
<3> Enable Anti-Stealth technology
<4> Remove found threats
> Click "Advanced settings".
> Click "Change" and check the "Computer" box.
> Click: "Start" >> Wait! (This scan can take a few hours...)
> When it finishes, click "List of found threats".
> Click "Export to text file" and save the report to the desktop.
> Click "Back" >> "Finish".
> Post the report!
See you!
joram - Administrator
- Posts: 4162
Reputation: 471
Join date: 26/01/2014
Location: Rio de Janeiro
Re: Malware on the Notebook
Did it work this time?!
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AdvancedSystemProtector.exe.vir a variant of MSIL/AdvancedSystemProtector.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AspManager.exe.vir a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\ASPUninstall.exe.vir Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\filetypehelper.exe.vir a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\scandll.dll.vir a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.com.vir MSIL/AdvancedSystemProtector.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.exe.vir MSIL/AdvancedSystemProtector.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.pif.vir MSIL/AdvancedSystemProtector.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.scr.vir MSIL/AdvancedSystemProtector.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\firefox.com.vir MSIL/AdvancedSystemProtector.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\iexplore.exe.vir MSIL/AdvancedSystemProtector.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\gooternet\gooternetUninstall.exe.vir Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\DealplyInstallerHelper.dll.vir Win32/DealPly.T potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\PennyBeeW.exe.vir a variant of MSIL/Toolbar.Linkury.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir Win32/Thinknice.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir Win64/Thinknice.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ver3BlockAndSurf\BlockAndSurf.exe.vir a variant of Win32/AdWare.AddLyrics.BP application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ver3BlockAndSurf\l6BlockAndSurfp84.exe.vir a variant of Win32/AdWare.AddLyrics.BS application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application deleted - quarantined
C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted (after the next restart) - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined
C:\Program Files (x86)\GoHD\44a1058b-4d78-4d24-85d6-58cd715d93dd.dll a variant of Win32/Toolbar.CrossRider.BB potentially unwanted application deleted - quarantined
C:\Users\Claudia\AppData\Local\nsz6F29.tmp Win32/AnyProtect.F potentially unwanted application deleted - quarantined
C:\Users\Claudia\Downloads\avira_free_antivirus_ptbr.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Users\Claudia\Dropbox\CLAUDIA2\eletro\Downloads\ccsetup410 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Claudia\Dropbox\CLAUDIA2\eletro\Downloads\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Claudia\Dropbox\CLAUDIA2\eletro\Downloads\ccsetup411 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Claudia\Dropbox\CLAUDIA2\eletro\Downloads\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Join date: 12/10/2014
Re: Malware on the Notebook
Good evening, claudia cor.marks!
> Download: < [You must have an account and be logged in to view this link] > ( ... by Oleg N. Scherbakov )
> Save it to the desktop!
> Disable your antivirus!
> On Windows 7, right-click JRT.exe and run it ...
> Wait for it to finish and post the report. ( JRT.txt )
See you!
joram - Administrator
- Posts: 4162
Reputation: 471
Join date: 26/01/2014
Location: Rio de Janeiro
Re: Malware on the Notebook
Good morning, with sunshine and no rain yet!!!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Home Premium x64
Ran by Claudia on 19/10/2014 at 7:04:44,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/10/2014 at 7:10:20,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Join date: 12/10/2014
Re: Malware on the Notebook
Good morning, claudia cor.markes!
claudia cor.markes wrote: So, I can't download AdwCleaner, because a window opens saying I don't have enough resources to download it.
> Is this problem still happening to you? <
- Let's remove the tools used in the disinfection!
- Download: < [You must have an account and be logged in to view this link] > ( ... by Xplode )
- Once on the page, click Download Now.
- Save it somewhere convenient! (desktop!)
- Close any applications that are open.
- Remove disinfection tools
- Create registry backup
- Clear system restore points
- With these boxes checked, click Run!
- Restart the computer!
- Everything OK?
- See you!
joram - Administrator
- Posts: 4162
Reputation: 471
Join date: 26/01/2014
Location: Rio de Janeiro
Re: Malware no Note
Boa Noite com chuva !!!
Era pra postar?!
# DelFix v10.8 - Relatório criado 19/10/2014 às 20:26:11
# Atualizado 29/07/2014 por Xplode
# Usuário : Claudia - CLAUDIA-PC
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removendo ferramentas de desinfecção ...
Removido : C:\AdwCleaner
Removido : C:\log1.txt
Removido : C:\Users\Claudia\Desktop\JRT.txt
Removido : C:\Users\Claudia\Desktop\log1710.txt
Removido : C:\Users\Claudia\Downloads\AdwCleaner.exe
Removido : C:\Users\Claudia\Downloads\adwcleaner_3.213.exe
Removido : C:\Users\Claudia\Downloads\adwcleaner_4.000.exe
Removido : C:\Users\Claudia\Downloads\esetsmartinstaller_enu (1).exe
Removido : C:\Users\Claudia\Downloads\esetsmartinstaller_enu.exe
Removido : C:\Users\Claudia\Downloads\JRT.exe
Removido : C:\Users\Claudia\Downloads\HijackThis (1).exe
Removido : C:\Users\Claudia\Downloads\HijackThis.exe
Removido : C:\Users\Claudia\Downloads\hijackthis.log
Removido : HKLM\SOFTWARE\AdwCleaner
~ Criando backup do registro ... OK
~ Limpando pontos da restauração do sistema ...
Removido : RP #69 [Windows Update | 10/09/2014 22:23:40]
Removido : RP #70 [Removido Live! Cam Avatar Creator | 10/12/2014 22:35:25]
Removido : RP #71 [Windows Update | 10/15/2014 06:01:30]
Removido : RP #72 [Removido Brother Software Suite | 10/19/2014 00:02:19]
Novo ponto de restauração criado !
########## - EOF - ##########
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Registration date: 12/10/2014
Re: Malware on the Notebook
Good evening! claudia cor.marks
> Everything OK?
> Does your computer or notebook still report malware?
A+
joram - Administrator
- Posts: 4162
Reputation: 471
Registration date: 26/01/2014
Location: Rio de Janeiro
Re: Malware on the Notebook
Hello, good evening!
It's running great, I really want to thank you all!
Thank you so much
claudia cor. marks - Beginner
- Posts: 26
Reputation: 0
Registration date: 12/10/2014
Re: Malware on the Notebook
Case Resolved
If the topic's author needs it, the topic will be reopened; to do so, they should contact one of the members of the [link] and request that it be unlocked.
joram - Administrator
- Posts: 4162
Reputation: 471
Registration date: 26/01/2014
Location: Rio de Janeiro