(RESOLVIDO) Não consigo remover qone8 do meu computador. 5 5 1

(RESOLVIDO) Não consigo remover qone8 do meu computador.

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

(RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Dadys em Ter Out 01, 2013 8:53 pm

Segue o Log do Hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:19, on 01/10/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuario\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuario\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: internetbankingpf.caixa.gov.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do DealPly Live (dealplylive) (dealplylive) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: Serviço do DealPly Live (dealplylivem) (dealplylivem) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxcz_device -   - C:\Windows\system32\lxczcoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9535 bytes

Dadys



Mensagens: 6
Data de inscrição: 01/10/2013

Ver perfil do usuário

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Wings (in memoriam) em Ter Out 01, 2013 9:02 pm

Olá Dadys


Execute o HijackThis, clique [Do a system scan only], selecione as entradas abaixo e clique [Fix checked]

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]


*Feche o Hijack


Baixe o [Você precisa estar registrado e conectado para ver este link.] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Salve qualquer trabalho aberto e feche o seu navegador

*Execute-o, clique [Examinar] e aguarde o término

*Clique [Limpar] e aguarde o término

*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.

*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt

Wings (in memoriam)



Mensagens: 1081
Data de inscrição: 19/08/2013
Localização: Rio de Janeiro - RJ

Ver perfil do usuário http://www.hardware.com.br

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Dadys em Ter Out 01, 2013 11:00 pm

Ok, feito como você falou!
PS: Obrigada pelo retorno tão rápido Smile

# AdwCleaner v3.006 - Relatório criado 01/10/2013 às 22:52:58
# Atualizado 01/10/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Usuario - USUARIO-PC
# Executando de : C:\Users\Usuario\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : dealplylive
[#] Serviço Deletada : dealplylivem

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\DealPlyLive
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\IBUpdaterService
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\DealPlyLive
Pasta Deletada : C:\Program Files (x86)\Movdap
Pasta Deletada : C:\Program Files (x86)\Video Performer
Pasta Deletada : C:\Users\Usuario\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Usuario\AppData\Local\lollipop
Pasta Deletada : C:\Users\Usuario\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Usuario\AppData\Local\Temp\eIntaller
Pasta Deletada : C:\Users\Usuario\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Usuario\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Usuario\AppData\Roaming\file scout
Pasta Deletada : C:\Users\Usuario\AppData\Roaming\Movdap
Pasta Deletada : C:\Users\Usuario\AppData\Roaming\SeeSimilar02
Pasta Deletada : C:\Users\Usuario\AppData\Roaming\SpeedAnalysis2
Arquivo Deletada : C:\Users\Usuario\AppData\Roaming\speedanalysis.ico
Arquivo Deletada : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [seesimilar02@SeeSimilar.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [seesimilar02@SeeSimilar.com]
Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKLM\SOFTWARE\5e6dddfe035eb41
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93488930-185C-4CED-AFEB-0FD4930F8423}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{93488930-185C-4CED-AFEB-0FD4930F8423}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\dealplylive
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\performersoft llc
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\dealplylive
Chave Deletedo : HKLM\Software\qone8Software
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7601.17514

Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v29.0.1547.76

[ Arquivo : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14416 octets] - [01/10/2013 22:51:58]
AdwCleaner[S0].txt - [12836 octets] - [01/10/2013 22:52:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12897 octets] ##########

Dadys



Mensagens: 6
Data de inscrição: 01/10/2013

Ver perfil do usuário

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Wings (in memoriam) em Ter Out 01, 2013 11:42 pm


Execute o AdwCleaner, clique [Desinstalar] > [Sim]


Instale o [Você precisa estar registrado e conectado para ver este link.] (...de RubbeR DuckY)

*Antes de concluir a instalação, desmarque a opção Ativar trial gratuito do Malwarebytes Anti-Malware PRO

[Você precisa estar registrado e conectado para ver este link.]

*Aguarde o término da atualização, selecione [Verificação Rápida], clique [Verificar]

*Ao término, clique [OK] > [Ver Resultados]

*Selecione todos os resultados e clique [Remover Selecionados]

*Cole o relatório apresentado

Wings (in memoriam)



Mensagens: 1081
Data de inscrição: 19/08/2013
Localização: Rio de Janeiro - RJ

Ver perfil do usuário http://www.hardware.com.br

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Dadys em Qua Out 02, 2013 1:10 pm

Malwarebytes Anti-Malware 1.75.0.1300
[Você precisa estar registrado e conectado para ver este link.]

Versão da Base de Dados: v2013.10.02.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Usuario :: USUARIO-PC [administrador]

02/10/2013 12:50:49
mbam-log-2013-10-02 (12-50-49).txt

Tipo de Verificação: Verificação Rápida
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 202248
Tempo decorrido: 4 minuto(s), 19 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 9
C:\Users\Usuario\Desktop\atube-catcher-381501-32-bits.exe (PUP.Optional.InstallCore) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\AppData\Local\Temp\4F0A8C54-BAB0-7891-9590-CED824C09ADA\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\AppData\Local\Temp\4F0A8C54-BAB0-7891-9590-CED824C09ADA\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\AppData\Local\Temp\4F0A8C54-BAB0-7891-9590-CED824C09ADA\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\AppData\Local\Temp\4F0A8C54-BAB0-7891-9590-CED824C09ADA\Latest\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\AppData\Local\Temp\4F0A8C54-BAB0-7891-9590-CED824C09ADA\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\AppData\Local\Temp\is701137889\2191059_Setup.EXE (PUP.Optional.BundledToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\AppData\Local\Temp\nsu7BC6.tmp-2\APN_ATU3_.exe (PUP.Optional.BundledToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Usuario\Downloads\75-aTubeCatcher.exe (PUP.Optional.BundledToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.

(fim)

Dadys



Mensagens: 6
Data de inscrição: 01/10/2013

Ver perfil do usuário

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Wings (in memoriam) em Qua Out 02, 2013 1:13 pm

Baixe o [Você precisa estar registrado e conectado para ver este link.] (...de Smeenk) e salve-o no Desktop (Área de Trabalho)

*Clique com o botão direito do mouse no Zoek e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

*Cole as linhas em marrom no espaço

autoclean;
emptyalltemp;

*Feche o seu navegador e clique [Run Script]

*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
*Caso a reinicialização do PC seja solicitada, clique [OK]


Acesse [Você precisa estar registrado e conectado para ver este link.]

*Clique [Selecionar arquivo...], localize o relatório C:\zoek-results.txt e clique [Abrir]

*Selecione 4 jours e clique [Créer le lien Cjoint]

[Você precisa estar registrado e conectado para ver este link.]

*Cole o link criado ao lado de Le lien a été créé:

[Você precisa estar registrado e conectado para ver este link.]

Wings (in memoriam)



Mensagens: 1081
Data de inscrição: 19/08/2013
Localização: Rio de Janeiro - RJ

Ver perfil do usuário http://www.hardware.com.br

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Dadys em Qua Out 02, 2013 2:25 pm

O zoe-results ficou com a extensão "log" ao invés de "txt". Mesmo assim dei continuidade ao processo

Este é o link criado

[Você precisa estar registrado e conectado para ver este link.]

Dadys



Mensagens: 6
Data de inscrição: 01/10/2013

Ver perfil do usuário

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Wings (in memoriam) em Qua Out 02, 2013 2:55 pm

Clique com o botão direito do mouse no Zoek e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

*Cole a linha em marrom no espaço



*Feche o seu navegador e clique [Run Script]

*Cole o relatório apresentado


Baixe o [Você precisa estar registrado e conectado para ver este link.] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Execute-o, clique [Run] e cole o relatório apresentado


Última edição por wings em Qua Out 02, 2013 3:37 pm, editado 1 vez(es)

Wings (in memoriam)



Mensagens: 1081
Data de inscrição: 19/08/2013
Localização: Rio de Janeiro - RJ

Ver perfil do usuário http://www.hardware.com.br

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Dadys em Qua Out 02, 2013 3:34 pm

Observação: a página inicial não abre mais com o qone8 e sim com o google! Missão cumprida???

Zoek.exe Version 4.0.0.4 Updated 27-September-2013
Tool run by Usuario on 02/10/2013 at 13:48:36,25.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Usuario\Desktop\zoek.exe [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-02-163858.log 17703 bytes

==== Creating Sample_102013_1356.zip ======================

Copied file C:\Users\Usuario\AppData\Roaming\unins000.exe to sample\unins000.exe
Copied file C:\Users\Usuario\AppData\Roaming\unins001.exe to sample\unins001.exe
Copied file C:\Users\Usuario\chromeinstall-7u10.exe to sample\chromeinstall-7u10.exe
sample\chromeinstall-7u10.exe renamed to 105DE32BB543BCA78D72818B4EFF6178
sample\unins000.exe renamed to DEBA5093D7DE0313E6BD3BE6C3E496E2
sample\unins001.exe renamed to AD6E810B9CE3D8C0C1FF0203C68C6FA6

C:\Users\Public\Desktop\sample_102013_1356.zip created successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" deleted
"C:\Users\Usuario\AppData\Roaming\unins000.exe" deleted
"C:\Users\Usuario\AppData\Roaming\unins001.exe" deleted
"C:\Users\Usuario\chromeinstall-7u10.exe" deleted
"C:\Windows\SysWow64\searchplugins" deleted
"C:\Windows\SysWow64\Extensions" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gflandjopdloblmlcoiidmncpinmmacn - C:\Users\Usuario\AppData\Roaming\zulagames\zulagames.crx[01/07/2013 10:58]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[17/08/2013 12:27]
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[03/09/2013 20:03]

Chrome In-App Payments service - Usuario - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Usuario - Default\Extensions\nnjbodopomfddehlalfilheomcahbpei
GBBD Banco do Brasil - Usuario - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== shortcuts on Users Desktops ======================

C:\Users\Default\Desktop\CyberLink YouCam.lnk - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
C:\Users\Default User\Desktop\CyberLink YouCam.lnk - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
C:\Users\Usuario\Desktop\CyberLink YouCam.lnk - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
C:\Users\Usuario\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Usuario\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\USURIO~1\Desktop\CyberLink YouCam.lnk - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AA1000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Usuario\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Usuario\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Usuario\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 02/10/2013 at 14:01:12,35 ======================

# DelFix v10.4 - Logfile created 02/10/2013 at 15:30:15
# Updated 19/07/2013 by Xplode
# Username : Usuario - USUARIO-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Program Files (x86)\Hijackthis
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2013-10-02-163858.log
Deleted : C:\zoek-results2013-10-02-170112.log
Deleted : C:\Users\Usuario\Desktop\HijackThis.exe
Deleted : C:\Users\Usuario\Desktop\hijackthis.log
Deleted : C:\Users\Usuario\Desktop\zoek-results.log
Deleted : C:\Users\Usuario\Desktop\zoek.com
Deleted : C:\Users\Usuario\Desktop\zoek.exe
Deleted : C:\Users\Usuario\Desktop\zoek.zip
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Dadys



Mensagens: 6
Data de inscrição: 01/10/2013

Ver perfil do usuário

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Wings (in memoriam) em Qua Out 02, 2013 3:38 pm

Delete o arquivo sample_102013_1356.zip localizado no Desktop


O PC está limpo.


Um abraço....

Wings (in memoriam)



Mensagens: 1081
Data de inscrição: 19/08/2013
Localização: Rio de Janeiro - RJ

Ver perfil do usuário http://www.hardware.com.br

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Dadys em Qua Out 02, 2013 3:40 pm

Muito obrigada! Que alívio!! 

Dadys



Mensagens: 6
Data de inscrição: 01/10/2013

Ver perfil do usuário

Voltar ao Topo Ir em baixo

Re: (RESOLVIDO) Não consigo remover qone8 do meu computador.

Mensagem  Wings (in memoriam) em Qua Out 02, 2013 3:48 pm

CASO RESOLVIDO

Caso o(a) autor(a) do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Você precisa estar registrado e conectado para ver este link.] solicitando o desbloqueio.

Wings (in memoriam)



Mensagens: 1081
Data de inscrição: 19/08/2013
Localização: Rio de Janeiro - RJ

Ver perfil do usuário http://www.hardware.com.br

Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


Permissão deste fórum:
Você não pode responder aos tópicos neste fórum