Fórum PC Brasil

Avast detecting http://pthacker.no-ip.org:8080/is-ready


Post by Arllanrodrigues123, Tue 04 Mar 2014, 23:06

I used my USB flash drive at a LAN house... terrible choice... =/
The HijackThis log follows below. Thanks in advance to the moderator team.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:54:54, on 04/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
H:\Windows\system32\taskhost.exe
H:\Program Files\TeamViewer\Version9\TeamViewer.exe
H:\Windows\system32\Dwm.exe
H:\Windows\Explorer.EXE
H:\Windows\SOUNDMAN.EXE
H:\Program Files\Microsoft IntelliPoint\ipoint.exe
H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
H:\Program Files\AVAST Software\Avast\AvastUI.exe
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\Program Files\HP\HP Software Update\hpwuschd2.exe
H:\Program Files\Common Files\Java\Java Update\jusched.exe
H:\Windows\System32\wscript.exe
H:\Program Files\Ares\Ares.exe
H:\Program Files\Windows Sidebar\sidebar.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
H:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
H:\Program Files\Common Files\Java\Java Update\jucheck.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Mozilla Firefox\plugin-container.exe
H:\Program Files\Mozilla Firefox\plugin-container.exe
H:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
H:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
H:\Users\Arllan\Downloads\HijackThis(1).exe
H:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - H:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - H:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - H:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: DealPly Shopping - {a6c63b7f-2171-47fa-ab34-e64c4737169d} - H:\Program Files\DealPly\DealPlyIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - H:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - H:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IntelliPoint] "h:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "H:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] H:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "H:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] H:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "H:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [hpqSRMon] H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [1677400] wscript.exe //B "H:\Users\Arllan\AppData\Local\Temp\1677400.vbe"
O4 - HKCU\..\Run: [ares] "H:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Sidebar] H:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Facebook Update] "H:\Users\Arllan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Java.exe] H:\Users\Arllan\appdata\roaming\microsoft\windows\start menu\Java.exe
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [1677400] wscript.exe //B "H:\Users\Arllan\AppData\Local\Temp\1677400.vbe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: 1677400.vbe
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = H:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: @H:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - H:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: h:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: h:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - H:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - H:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - H:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 10203 bytes

Post by Power Max, Tue 04 Mar 2014, 23:17

Hello.

Please follow the tips in the tutorial below:

[You must have an account and be logged in to view this link]

* In your next reply, please post the AdwCleaner log, which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.


Last edited by Power Max on Sun 23 Mar 2014, 22:32; edited 1 time

Post by Arllanrodrigues123, Tue 04 Mar 2014, 23:52

Below is the AdwCleaner log, as requested.




# AdwCleaner v3.020 - Relatório criado 04/03/2014 às 23:42:40
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuário : Arllan - ARARUAMA
# Executando de : H:\Users\Arllan\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : H:\ProgramData\Babylon
Pasta Deletada : H:\ProgramData\uniblue
Pasta Deletada : H:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : H:\Program Files\BabylonToolbar
Pasta Deletada : H:\Program Files\Conduit
Pasta Deletada : H:\Program Files\DealPly
Pasta Deletada : H:\Windows\system32\Browser Manager
Pasta Deletada : H:\Users\Arllan\AppData\Local\Conduit
Pasta Deletada : H:\Users\Arllan\AppData\Local\torch
Pasta Deletada : H:\Users\Arllan\AppData\LocalLow\BabylonToolbar
Pasta Deletada : H:\Users\Arllan\AppData\LocalLow\Conduit
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\BabSolution
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Babylon
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\BabylonToolbar
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\DealPly
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\file scout
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Funmoods
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\ConduitCommon
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\Smartbar
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\ValueApps
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\CT1098640
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\Extensions\ffxtlbr@babylon.com
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\Extensions\ffxtlbr@funmoods.com
Pasta Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\Extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
Pasta Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Pasta Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Pasta Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Arquivo Deletada : H:\Users\Arllan\AppData\Local\funmoods.crx
Arquivo Deletada : H:\Users\Arllan\AppData\Local\funmoods-speeddial.crx
Arquivo Deletada : H:\Users\Arllan\AppData\Roaming\BabMaint.exe
Arquivo Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\bprotector_extensions.sqlite
Arquivo Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\bprotector_prefs.js
Arquivo Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\searchplugins\Babylon.xml
Arquivo Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\searchplugins\BabylonMngr.xml
Arquivo Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\searchplugins\search.xml
Arquivo Deletada : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\user.js
Arquivo Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Arquivo Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Arquivo Deletada : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Arquivo Deletada : H:\Windows\System32\Tasks\Browser Manager
Arquivo Deletada : H:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : H:\Windows\Tasks\Funmoods.job
Arquivo Deletada : H:\Windows\System32\Tasks\Funmoods

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4462C61E-7D63-4513-869B-5ADA0145D333}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4462C61E-7D63-4513-869B-5ADA0145D333}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{427F2037-85D5-47DF-85D7-363CF2FC923F}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{427F2037-85D5-47DF-85D7-363CF2FC923F}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0734CECB-17D6-4464-ACC3-90CAD4E8248F}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0734CECB-17D6-4464-ACC3-90CAD4E8248F}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Deletedo : HKLM\SOFTWARE\Classes\*\shell\filescout
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\b
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\driverscanner
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\f
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Valor Deletedo : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Valor Deletedo : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Chave Deletedo : HKCU\Software\9ed98cb46fe512
Chave Deletedo : HKLM\SOFTWARE\9ed98cb46fe512
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT1098640
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\BrowserMngr
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\filescout
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Microsoft\Babylon
Chave Deletedo : HKCU\Software\torch
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BabylonToolbar
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\Uniblue
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Chave Deletedo : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16518

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]

-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\prefs.js ]

-\\ Google Chrome v

[ Arquivo : H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [55197 octets] - [04/03/2014 23:40:58]
AdwCleaner[S0].txt - [53582 octets] - [04/03/2014 23:42:40]

########## EOF - H:\AdwCleaner\AdwCleaner[S0].txt - [53643 octets] ##########
Arllanrodrigues123
Beginner

Posts: 14
Reputation: 0
Join date: 04/03/2014


Post by Power Max on Tue 04 Mar 2014, 23:53

Please follow the tips in this tutorial to clean your PC with Malwarebytes:

[You must have an account and be logged in to view this link]

In your next reply, post the Malwarebytes log.

We'll be waiting.


Last edited by Power Max on Sun 23 Mar 2014, 22:32; edited 1 time
Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009


Post by Arllanrodrigues123 on Wed 05 Mar 2014, 00:08

When I went to run the cleanup, a question came up.
About the flash drive: will I be able to clean it too, later on?

Post by Power Max on Wed 05 Mar 2014, 00:10

You can leave the flash drive plugged into the PC now, so that we clean the PC and the flash drive together.

Post by Arllanrodrigues123 on Wed 05 Mar 2014, 00:47

I'm having trouble running the scan with Malwarebytes.
After 1 second, sometimes 2, it freezes and the program closes. I've already done the required update and the error continues.

Post by Power Max on Wed 05 Mar 2014, 00:52

Download this version of Malwarebytes, available at the site below, which is made precisely to "fool" the viruses that block antivirus programs from running:
[You must have an account and be logged in to view this link]

Extract the contents to a folder of your choice that you will remember later (you can also create a folder on the desktop and extract the file into that folder).

After that, simply try to run the files by double-clicking them, one by one, until one of them stays open, then follow the on-screen instructions. Every one of the files is Malwarebytes; each just has a different name to fool the virus.

After that, post the log (report) that it should create after cleaning up the problems.

Post by Arllanrodrigues123 on Wed 05 Mar 2014, 01:04

There's a window, similar to "cmd", performing a download; I'm waiting for it to finish.

Post by Power Max on Wed 05 Mar 2014, 10:41

Arllanrodrigues123 wrote: There's a window, similar to "cmd", performing a download; I'm waiting for it to finish.
When it finishes the cleanup, post its report here in your thread so we can analyze it.

Post by Arllanrodrigues123 on Wed 05 Mar 2014, 16:03

Below is the Malwarebytes log, as requested.
It's still giving the same problem : /



Tipo de Verificação: Verificação Completa (H:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 389929
Tempo decorrido: 1 hora(s), 25 minuto(s), 24 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 1
HKCU\Software\funmoodsToolbar (PUP.Optional.FunMoods.A) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|BrowserMngr Start Page (PUP.Optional.BProtector) -> Data: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Java.exe (Trojan.Agent) -> Data: H:\Users\Arllan\appdata\roaming\microsoft\windows\start menu\Java.exe -> Enviado para a Quarentena e deletado com sucesso.

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 3
H:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Optional.FunMoods.A) -> Enviado para a Quarentena e deletado com sucesso.

Arquivos Detectados: 22
H:\Users\Arllan\Desktop\Pastas\Wallpapers\Adobe CS6_32Bts.rar (PUP.RiskwareTool.CK) -> Enviado para a Quarentena e deletado com sucesso.
H:\Users\Arllan\Desktop\Pastas\Wallpapers\Sony Vegas Pro 9.0 Fixed_by Nick_Boy.rar (Trojan.Agent.CK) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarApp.dll.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarEng.dll.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarsrv.exe.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\uninstall.exe.vir (PUP.Optional.BabylonToolBar.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\DealPly\DealPlyIE.dll.vir (PUP.DealPly) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\DealPly\DealPlyUpdate.exe.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\DealPly\DealPlyUpdateRun.exe.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Program Files\DealPly\DealPlyUpdateVer.exe.vir (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Users\Arllan\AppData\Roaming\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\AdwCleaner\Quarantine\H\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\DealPlyTune.dll.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
H:\Windows.old\Windows\system32\dllcache\tintsetp.exe (Trojan.Agent.GN) -> Enviado para a Quarentena e deletado com sucesso.
H:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.
H:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe (PUP.Optional.DealPly.A) -> Enviado para a Quarentena e deletado com sucesso.

(fim)

Post by Power Max on Wed 05 Mar 2014, 16:59

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below, showing the scan progress, will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sun 23 Mar 2014, 22:33; edited 1 time

Post by Arllanrodrigues123 on Wed 05 Mar 2014, 18:23

Sorry for the delay, here is the ZOEK log below



Zoek.exe v5.0.0.0 Updated 15-February-2014
Tool run by Arllan on 05/03/2014 at 17:16:55,03.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: H:\Users\Arllan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

05/03/2014 17:20:05 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Creating Sample_032014_1741.zip ======================

Copied file H:\Users\Arllan\AppData\Local\Temp\1677400.vbe to sample\1677400.vbe
sample\1677400.vbe renamed to C53A127298CDE0539CBDF02F83F4A702

H:\Users\Public\Desktop\sample_032014_1741.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2182367511-2580237288-264747606-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1AEC9707-E0F4-4E15-9124-90AB8DF85F2C} deleted successfully
HKEY_USERS\S-1-5-21-2182367511-2580237288-264747606-1000\Software\Microsoft\Internet Explorer\SearchScopes\{46AF949D-0607-7DD5-46CF-0EF74B44978E} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\prefs.js:
user_pref("backup.old.browser.startup.homepage", "");
user_pref("browser.search.defaultenginename", "Search");
user_pref("browser.search.selectedEngine", "Search");
user_pref("browser.search.useDBForOrder", true);

Added to H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default

user.js not found
---- Lines valueApps removed from prefs.js ----
user_pref("valueApps.storage.mam_gk_userId", "34653961356265322D656635372D346566642D613538622D663237633239353862363230");
---- FireFox user.js and prefs.js backups ----

prefs_032014_1743_.backup

==== Deleting Files \ Folders ======================

H:\Program Files\GUT972F.tmp deleted
H:\Program Files\GUM971F.tmp deleted
H:\Users\Arllan\AppData\Roaming\GetRightToGo deleted
H:\ProgramData\Datamngr deleted
H:\Users\Arllan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1677400.vbe deleted
H:\user.js deleted
H:\Windows\System32\searchplugins deleted
H:\Windows\System32\Extensions deleted
H:\Users\Arllan\AppData\Local\Temp\1677400.vbe deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="H:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/05/2012 14:20]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="H:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/05/2012 14:20]

==== Firefox Extensions ======================

AppDir: H:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: H:\Users\Arllan\AppData\Roaming\Mozilla\Firefox\Profiles\p7l5z4sd.default
F891089A6AB9E12FEDEBCC5EC0F40D66 - H:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
FF0D6F82A0EC13952E83B9439100E45D - H:\Users\Arllan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
6768C724599214E4F9ADD9F8FF5097EB - H:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - H:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
BE501CBC29B2025A263D80D399F1797A - h:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
04ACC61B47857E779CD92D1D88770BF1 - H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
77B09C2C6F407531447DA75E3ACD1C5B - H:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
C517E5EA7CEE783F3681F62D2A362E5B - H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
B27CCB1168B1960AEC6E9D3E0E0F0D2A - h:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - H:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

DealPly UK - Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hggpkhijoeadmdfmlbdepfbngmhaldci
avast WebRep - Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Skype Click to Call - Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_format-factory.softonic.com.br_0.localstorage-journal deleted successfully
H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hggpkhijoeadmdfmlbdepfbngmhaldci deleted successfully
H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hggpkhijoeadmdfmlbdepfbngmhaldci_0.localstorage deleted successfully
H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hggpkhijoeadmdfmlbdepfbngmhaldci_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Backup.Old.Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Backup.Old.Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

H:\Users\Arllan\Desktop\1032014\Blog\Layout no ar\wp-content\themes\Senhas Blog.lnk - H:\Users\Arllan\Desktop\Pastas blog\Senhas Blog
H:\Users\Arllan\Desktop\Blog\Layout no ar\wp-content\themes\Senhas Blog.lnk - H:\Users\Arllan\Desktop\Pastas blog\Senhas Blog
H:\Users\Arllan\Desktop\My Shared Folder\Rede - Atalho.lnk -
H:\Users\Arllan\Desktop\Notas\Novo Treino 2.lnk - H:\Users\Arllan\Desktop\Pastas\Wallpapers\Word's\Novo Treino 2.xlsx
H:\Users\Arllan\Desktop\Pastas\Arquivos Age\Nova pasta\Age2.lnk - H:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe
H:\Users\Arllan\Desktop\Pastas\Arquivos Age\Nova pasta\AOCCONFIG.lnk - H:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\AOCCONFIG.exe
H:\Users\Arllan\Desktop\Pastas\Arquivos Age\Nova pasta\Empires2.lnk - H:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE
H:\Users\Arllan\Desktop\Pastas\Progamas\Adobe InDesign CS6.lnk - H:\Program Files\Adobe\Adobe InDesign CS6\InDesign.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\Adobe Photoshop CS4.lnk - H:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\Adobe Reader X.lnk - H:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\avast Free Antivirus.lnk -
H:\Users\Arllan\Desktop\Pastas\Progamas\FileZilla Client.lnk - H:\Program Files\FileZilla FTP Client\filezilla.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\Mozilla Firefox.lnk - H:\Program Files\Mozilla Firefox\firefox.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\Opera.lnk - H:\Program Files\Opera\opera.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\PhotoScape.lnk - H:\Program Files\PhotoScape\PhotoScape.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\Photoshop - Atalho.lnk - H:\Users\Arllan\Desktop\Wallpapers\Photoshop.exe
H:\Users\Arllan\Desktop\Pastas\Progamas\Vegas Pro 9.0.lnk - H:\Program Files\Sony\Vegas Pro 9.0\vegas90.exe
H:\Users\Arllan\Desktop\Pastas\Wallpapers\Ares.lnk - H:\Program Files\Ares\Ares.exe
H:\Users\Arllan\Desktop\Pastas\Wallpapers\VLC media player.lnk - H:\Program Files\VideoLAN\VLC\vlc.exe
H:\Users\Arllan\Desktop\Pastas\Wallpapers\varios\Adobe Download Assistant.lnk - H:\Program Files\Adobe Download Assistant\Adobe Download Assistant.exe
H:\Users\Arllan\Desktop\Pastas\Wallpapers\varios\Alcohol 120%.lnk - H:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe
H:\Users\Arllan\Desktop\Pastas\Wallpapers\varios\Brasfoot 2012.lnk - H:\Users\Arllan\Desktop\Pastas\Wallpapers\varios\Brasfoot2012\bf2012.exe
H:\Users\Arllan\Desktop\Pastas\Wallpapers\varios\Google Earth.lnk - H:\Program Files\Google\Google Earth\client\googleearth.exe
H:\Users\Arllan\Desktop\Pastas\Wallpapers\VIVO\Guia Vivo Internet.lnk - H:\Program Files\Vivo 3G\Guia Vivo Internet.hta
H:\Users\Arllan\Desktop\Pastas\Wallpapers\VIVO\Kantoo English.lnk -
H:\Users\Arllan\Desktop\Pastas\Wallpapers\VIVO\Vivo 3G.lnk - H:\Program Files\Vivo 3G\Vivo 3G.exe
H:\Users\Arllan\Desktop\Pastas 01.02.2014\AutoCAD 2000.lnk - H:\Program Files\ACAD2000\acad.exe
H:\Users\Arllan\Desktop\Pastas 01.02.2014\DWG TrueView 2008.lnk - H:\Program Files\DWG TrueView 2008\DWGVIEWR.exe
H:\Users\Arllan\Desktop\Pastas 01.02.2014\Senhas Blog.lnk - H:\Users\Arllan\Desktop\Pastas\Pastas blog\Senhas Blog

==== shortcuts on All Users Desktop ======================

H:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
H:\Users\Public\Desktop\Mozilla Firefox.lnk - H:\Program Files\Mozilla Firefox\firefox.exe

==== shortcuts in All Users Start Menu ======================

H:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - H:\Program Files\TeamViewer\Version9\TeamViewer.exe
H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - H:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - H:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - H:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - H:\Program Files\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - H:\Program Files\Internet Explorer\iexplore.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ares.lnk - H:\Program Files\Ares\Ares.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - H:\Windows\system32\mspaint.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - H:\Program Files\Internet Explorer\iexplore.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - H:\Program Files\Mozilla Firefox\firefox.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - H:\Windows\system32\mspaint.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC media player.lnk - H:\Program Files\VideoLAN\VLC\vlc.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - H:\Windows\explorer.exe
H:\Users\Arllan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - H:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
H:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
H:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
H:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
H:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
H:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
H:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Age Of Empires 2 & The Conquerors Expansion - Full Game deleted successfully

==== Empty IE Cache ======================

H:\Users\Arllan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
H:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
H:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
H:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
H:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
H:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

H:\Users\Arllan\AppData\Local\Mozilla\Firefox\Profiles\p7l5z4sd.default\Cache emptied successfully

==== Empty Chrome Cache ======================

H:\Users\Arllan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== H:\zoek_backup content ======================

H:\zoek_backup (files=81 folders=8 101013159 bytes)

==== Empty Temp Folders ======================

H:\Users\Default\AppData\Local\Temp emptied successfully
H:\Users\Default User\AppData\Local\Temp emptied successfully
H:\Users\USURIO~1\AppData\Local\Temp emptied successfully
H:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
H:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
H:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
H:\Users\Arllan\AppData\Local\Temp will be emptied at reboot
H:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

H:\Windows\Temp successfully emptied
H:\Users\Arllan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

H:\$RECYCLE.BIN successfully emptied

==== EOF on 05/03/2014 at 18:19:26,82 ======================

Post by Power Max on Wed 05 Mar 2014, 18:42

Please follow the tips in the tutorial below:

[You must have an account and be logged in to view this link]

* In your next reply, please post the Junkware Removal Tool log, which will be saved on your desktop under the name JRT.txt

We'll be waiting.


Last edited by Power Max on Sun 23 Mar 2014, 22:34; edited 1 time

Post by Arllanrodrigues123 Wed 05 Mar 2014, 19:15

Below is the JRT log, as requested.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x86
Ran by Arllan on 05/03/2014 at 19:02:38,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2182367511-2580237288-264747606-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "H:\Users\Arllan\start menu\programs\browser manager"



~~~ FireFox

Emptied folder: H:\Users\Arllan\AppData\Roaming\mozilla\firefox\profiles\p7l5z4sd.default\minidumps [166 files]



~~~ Chrome

Successfully deleted: [Folder] H:\Users\Arllan\appdata\local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Folder] H:\Users\Arllan\appdata\local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/03/2014 at 19:11:40,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by Power Max Thu 06 Mar 2014, 09:05


Download < [You need an account and must be logged in to view this link] > ( ... by Nicolas Coolman )

|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.

|- Run the scroll icon. ( ZHPDiag )

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!

|- Click OK and, when it finishes, post the ZHPDiag.txt report


Last edited by Power Max on Sun 23 Mar 2014, 22:31; edited 1 time

Post by Arllanrodrigues123 Thu 06 Mar 2014, 12:43

I'll carry out the procedure.
Since yesterday afternoon the Avast warning hasn't appeared; everything seems to be fine, but I'll keep following what you give me.
Just regarding the flash drive, which still shows its icons as shortcuts: is there a way to fix this error?

Post by Arllanrodrigues123 Thu 06 Mar 2014, 12:53

"Servidor zebulon indisponível"

This error appears when I try to run the scroll icon.

Post by Power Max Thu 06 Mar 2014, 12:55

"Just regarding the flash drive, which still shows its icons as shortcuts: is there a way to fix this error?"
Please follow the tips in this tutorial:

[You need an account and must be logged in to view this link]

Post the UsbFix log, which will be at C:\UsbFix.txt

We'll be waiting.


Last edited by Power Max on Sun 23 Mar 2014, 22:30; edited 1 time

Post by Arllanrodrigues123 Thu 06 Mar 2014, 13:23

Below is the UsbFix log, as requested.

The shortcut-style icons are gone; it looks like everything is fine!

############################## | UsbFix V 7.166 | [Supressão]

Usuário: Arllan (Administrador) # ARARUAMA
Atualizado em 26/02/2014 por El Desaparecido - Team SosVirus
Começou em 13:09:25 | 06/03/2014

PC: MICRO-STAR INC. (MS-6728)
CPU: Intel(R) Pentium(R) 4 CPU 3.20GHz
RAM -> [Total : 1016 Mo| Free : 324 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16518
WB: Google Chrome : 33.0.1750.117
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

D:\ -> CD-ROM
H:\ (%systemdrive%) -> Disco fixo # 932 Gb (854 Mb livre - 92%) [] # NTFS
I:\ -> Disco removível # 29 Gb (24 Mb livre - 81%) [ARLLAN 32GB] # FAT32

################## | Processos Ativos |

################## | Regedit Run |

04 - HKCU\..\Run : [ares] "H:\Program Files\Ares\Ares.exe" -h
04 - HKCU\..\Run : [Sidebar] H:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [AdobeBridge]
04 - HKCU\..\Run : [Facebook Update] "H:\Users\Arllan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [1677400] wscript.exe //B "H:\Users\Arllan\AppData\Local\Temp\1677400.vbe"
04 - HKLM\..\Run : [SoundMan] SOUNDMAN.EXE
04 - HKLM\..\Run : [IntelliPoint] "h:\Program Files\Microsoft IntelliPoint\ipoint.exe"
04 - HKLM\..\Run : [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [avast] "H:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [HP Software Update] H:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [AdobeAAMUpdater-1.0] "H:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKLM\..\Run : [SwitchBoard] H:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [AdobeCS5.5ServiceManager] "H:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [hpqSRMon] H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "H:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [1677400] wscript.exe //B "H:\Users\Arllan\AppData\Local\Temp\1677400.vbe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2182367511-2580237288-264747606-1000\..\Run : [ares] "H:\Program Files\Ares\Ares.exe" -h
04 - HKU\S-1-5-21-2182367511-2580237288-264747606-1000\..\Run : [Sidebar] H:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-2182367511-2580237288-264747606-1000\..\Run : [AdobeBridge]
04 - HKU\S-1-5-21-2182367511-2580237288-264747606-1000\..\Run : [Facebook Update] "H:\Users\Arllan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-2182367511-2580237288-264747606-1000\..\Run : [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2182367511-2580237288-264747606-1000\..\Run : [1677400] wscript.exe //B "H:\Users\Arllan\AppData\Local\Temp\1677400.vbe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] H:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] H:\Windows\System32\mctadmin.exe

################## | Procura genérica |

Supprimido ! I:\1677400.vbe
Supprimido ! I:\hamachi.lnk
Supprimido ! I:\enem inscrição.lnk
Supprimido ! I:\senha enem.lnk
Supprimido ! I:\primeira comunhao 014.lnk
Supprimido ! I:\BaixarTv_Marvels.lnk
Supprimido ! I:\Arllan.lnk
Supprimido ! I:\Naná.lnk
Supprimido ! I:\BaixarTv.lnk
Supprimido ! I:\Boleto.lnk
Supprimido ! I:\__ Bradesco Pessoa Física __.lnk
Supprimido ! I:\Boleto Deception point.lnk

(!) Ficheiros temporários suprimido.

################## | Registro |

Reparado ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Reparado ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Supprimido ! HKU\S-1-5-21-2182367511-2580237288-264747606-1000\Software\Microsoft\Windows\CurrentVersion\Run|1677400
Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|1677400
Supprimido ! HKU\S-1-5-21-2182367511-2580237288-264747606-1000\Software\.\.\.\.\Mountpoints2\E
Supprimido ! HKU\S-1-5-21-2182367511-2580237288-264747606-1000\Software\.\.\.\.\Mountpoints2\{31a631e4-7785-11e1-948c-000c76b15254}
Supprimido ! HKU\S-1-5-21-2182367511-2580237288-264747606-1000\Software\.\.\.\.\Mountpoints2\{b48df24e-6420-11e2-802d-806e6f6e6963}

################## | Listing |

[05/03/2014 - 18:19:31 | SHD] - H:\$RECYCLE.BIN
[10/04/2013 - 01:37:49 | D] - H:\3e021c2d4bf515cdc57c819ab68ab7
[20/11/2012 - 12:26:36 | D] - H:\560b0c24d2830fcdfe724575e022f8
[11/12/2013 - 15:16:30 | D] - H:\884f21a484314bdcab
[21/09/2012 - 10:05:10 | D] - H:\8bbc40af40176563a3b8d1af
[04/03/2014 - 23:43:23 | D] - H:\AdwCleaner
[15/09/2011 - 18:25:51 | D] - H:\Arquivos de programas
[10/06/2009 - 18:42:20 | A | 0 Ko] - H:\autoexec.bat
[12/06/2013 - 15:16:55 | D] - H:\bf8195686544db187a524355bffde634
[27/09/2011 - 15:07:00 | SHD] - H:\Boot
[15/09/2011 - 14:57:01 | N | 0 Ko] - H:\Boot.BAK
[15/09/2011 - 18:42:42 | N | 0 Ko] - H:\Boot.ini.saved
[28/09/2001 - 08:00:00 | N | 5 Ko] - H:\Bootfont.bin
[20/11/2010 - 09:40:07 | RASH | 375 Ko] - H:\bootmgr
[15/09/2011 - 18:42:43 | RASH | 8 Ko] - H:\BOOTSECT.BAK
[02/03/2014 - 22:03:19 | D] - H:\Config.Msi
[10/06/2009 - 18:42:20 | N | 0 Ko] - H:\config.sys
[15/09/2011 - 15:00:13 | D] - H:\D
[21/08/2012 - 11:31:59 | D] - H:\d659b9c4cbb02189bc46c1d88b3110
[08/04/2008 - 07:46:45 | N | 55 Ko | C4B470269324517EE838789C7CF5E606] - H:\devcon.exe
[14/07/2009 - 01:53:55 | SHD] - H:\Documents and Settings
[02/05/2008 - 06:11:10 | N | 356 Ko | 60547D65D6527B082116FB88F7F8993F] - H:\DPsFnshr.exe
[07/05/2008 - 18:04:44 | N | 1 Ko] - H:\DPsFnshr.ini
[07/04/2007 - 15:52:09 | N | 0 Ko] - H:\DriverPack_CPU_wnt5_x86-32.ini
[29/12/2007 - 16:38:08 | N | 2 Ko] - H:\DriverPack_Graphics_B_wnt5_x86-32.ini
[22/04/2008 - 01:29:39 | N | 1 Ko] - H:\DriverPack_LAN_wnt5_x86-32.ini
[11/04/2008 - 01:12:09 | N | 72 Ko] - H:\DriverPack_MassStorage_wnt5_x86-32.ini
[12/04/2008 - 06:47:12 | | 3 Ko] - H:\DriverPack_Sound_B_wnt5_x86-32.ini
[02/05/2008 - 06:11:14 | N | 276 Ko | C0E8DBF2F9524B0F90EBB7B76CF598BB] - H:\DSPdsblr.exe
[06/03/2014 - 13:05:19 | ASH | 779944 Ko] - H:\hiberfil.sys
[08/04/2008 - 07:46:45 | N | 21 Ko | 749F39EC981D04E4323CBAAE5EC78A4D] - H:\makePNF.exe
[18/09/2011 - 20:20:03 | RHD] - H:\MSOCache
[08/04/2008 - 07:46:45 | N | 135 Ko | 4928FA5ED61C213B66AE8036A96037D1] - H:\mute.exe
[13/04/2008 - 08:43:04 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] - H:\NTDETECT.COM
[13/04/2008 - 10:31:44 | RASH | 246 Ko] - H:\ntldr
[06/03/2014 - 13:05:20 | ASH | 1048576 Ko] - H:\pagefile.sys
[13/07/2009 - 23:37:05 | D] - H:\PerfLogs
[02/05/2008 - 06:11:17 | N | 230 Ko | C1DFA73699B4A1D6323C2069EE668BD5] - H:\pmtimer.exe
[07/10/2013 - 18:46:04 | D] - H:\Pointblank
[06/03/2014 - 12:49:36 | D] - H:\Program Files
[05/03/2014 - 17:44:00 | HD] - H:\ProgramData
[15/09/2011 - 18:58:31 | SHD] - H:\Recovery
[05/03/2014 - 18:14:28 | SHD] - H:\System Volume Information
[06/03/2014 - 13:02:08 | D] - H:\UsbFix
[06/03/2014 - 13:18:17 | A | 11 Ko | E1185E93C1CEAAB3F530E04372787F9C] - H:\UsbFix [Clean 2] ARARUAMA.txt
[15/09/2011 - 18:58:39 | D] - H:\Users
[05/03/2014 - 19:02:31 | D] - H:\Windows
[15/09/2011 - 18:39:18 | D] - H:\Windows.old
[05/03/2014 - 18:19:26 | N | 18 Ko] - H:\zoek-results.log
[05/03/2014 - 17:47:07 | D] - H:\zoek_backup
[30/05/2013 - 13:35:34 | D] - I:\Blog
[30/05/2013 - 13:36:52 | D] - I:\Canal
[10/06/2013 - 19:51:48 | N | 4192 Ko] - I:\hamachi.msi
[10/06/2013 - 19:56:32 | D] - I:\age
[09/06/2013 - 15:57:56 | D] - I:\Age Of Empires 2 & The Conquerors Expansion - Full Game
[10/06/2013 - 22:19:40 | D] - I:\arquivos pai
[07/07/2013 - 18:49:30 | D] - I:\Progamas
[19/05/2013 - 17:33:26 | N | 0 Ko | 25BA56A884E7104ACF44AA3987577273] - I:\enem inscrição.txt
[29/05/2013 - 00:30:24 | N | 0 Ko | EBFB2BF2FD80F37EABF56372C3598894] - I:\senha enem.txt
[23/07/2013 - 22:46:28 | D] - I:\R4
[28/04/2013 - 23:34:32 | N | 2656 Ko] - I:\primeira comunhao 014.jpg
[15/01/2014 - 16:14:46 | D] - I:\Saves
[12/12/2013 - 10:31:22 | N | 141680 Ko] - I:\BaixarTv_Marvels.Agents.of.S.H.I.E.L.D.S01E10.mp4
[08/01/2014 - 17:25:30 | N | 148342 Ko] - I:\BaixarTv_Marvels.Agents.of.S.H.I.E.L.D.S01E11.mp4
[15/01/2014 - 20:21:08 | N | 148636 Ko] - I:\BaixarTv_Marvels.Agents.of.S.H.I.E.L.D.S01E12.mp4
[17/10/2013 - 14:57:38 | N | 34 Ko] - I:\Arllan.doc
[10/12/2013 - 20:34:40 | N | 34 Ko] - I:\Naná.doc
[20/02/2014 - 12:05:28 | N | 149198 Ko] - I:\BaixarTv.com_The.Walking.Dead.S04E09.mp4
[20/02/2014 - 16:48:18 | N | 149859 Ko] - I:\BaixarTv.com_The.Walking.Dead.S04E10.mp4
[21/02/2014 - 21:17:54 | N | 92 Ko] - I:\Boleto.pdf
[26/02/2014 - 10:07:22 | N | 196 Ko] - I:\__ Bradesco Pessoa Física __.pdf
[27/02/2014 - 20:18:20 | N | 92 Ko] - I:\Boleto Deception point.pdf
[01/03/2014 - 23:26:32 | D] - I:\Fotos

################## | Vaccin |

I:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)

################## | E.O.F |
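The UsbFix log in the post above shows the same value, [1677400], in both HKCU and HKLM Run keys starting wscript.exe //B on a .vbe file in the user's Temp folder, plus a .lnk deleted from I:\ for each real file still on the drive. The triage script below is an added example, not part of the thread and not UsbFix's own logic; the flagging rules and function names are assumptions chosen for illustration, and the sample lines are copied from that log.

```python
import ntpath
import re

# Sample lines copied from the UsbFix log posted above (trimmed).
SAMPLE_LOG = r'''
04 - HKCU\..\Run : [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [1677400] wscript.exe //B "H:\Users\Arllan\AppData\Local\Temp\1677400.vbe"
04 - HKLM\..\Run : [SoundMan] SOUNDMAN.EXE
04 - HKLM\..\Run : [avast] "H:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [1677400] wscript.exe //B "H:\Users\Arllan\AppData\Local\Temp\1677400.vbe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] H:\Windows\System32\mctadmin.exe
Supprimido ! I:\1677400.vbe
Supprimido ! I:\Boleto.lnk
Supprimido ! I:\Arllan.lnk
[17/10/2013 - 14:57:38 | N | 34 Ko] - I:\Arllan.doc
[21/02/2014 - 21:17:54 | N | 92 Ko] - I:\Boleto.pdf
[01/03/2014 - 23:26:32 | D] - I:\Fotos
'''

RUN_RE = re.compile(
    r'^04 - (?P<hive>\S+)\\\.\.\\(?P<key>Run\w*) : \[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$')
DELETED_RE = re.compile(r'^Supprimido ! (?P<path>.+)$')
LISTING_RE = re.compile(r'^\[[^\]]*\] - (?P<path>.+)$')

# Illustrative heuristics (assumptions, not any product's detection rules).
SCRIPT_HOSTS = ("wscript.exe", "cscript.exe")
SCRIPT_FILE_RE = re.compile(r'\.(?:vbe|vbs|jse?|wsf)(?=["\s]|$)', re.I)
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\windows\\temp\\")


def suspicious_autoruns(log):
    """Return Run/RunOnce entries that start a script host, a script file,
    or anything stored in a temp folder, with the reasons for each hit."""
    hits = []
    for line in log.splitlines():
        m = RUN_RE.match(line.strip())
        if not m or not m["cmd"]:
            continue  # not an autorun line, or a value with no command
        cmd = m["cmd"].lower()
        reasons = []
        if any(host in cmd for host in SCRIPT_HOSTS):
            reasons.append("script-host")
        if SCRIPT_FILE_RE.search(cmd):
            reasons.append("script-file")
        if any(folder in cmd for folder in USER_WRITABLE):
            reasons.append("temp-dir")
        if reasons:
            hits.append({"hive": m["hive"], "key": m["key"],
                         "name": m["name"], "cmd": m["cmd"], "reasons": reasons})
    return hits


def shortcut_decoys(log):
    """Map each deleted .lnk to the same-named item still listed on the drive,
    i.e. the real file the shortcut was standing in for."""
    deleted, listed = [], {}
    for line in log.splitlines():
        line = line.strip()
        gone, kept = DELETED_RE.match(line), LISTING_RE.match(line)
        if gone and gone["path"].lower().endswith(".lnk"):
            deleted.append(gone["path"])
        elif kept:
            listed[ntpath.splitext(kept["path"])[0].lower()] = kept["path"]
    pairs = {}
    for lnk in deleted:
        stem = ntpath.splitext(lnk)[0].lower()
        if stem in listed:
            pairs[lnk] = listed[stem]
    return pairs


if __name__ == "__main__":
    for hit in suspicious_autoruns(SAMPLE_LOG):
        print(hit["hive"], hit["key"], hit["name"], hit["reasons"])
    for lnk, original in shortcut_decoys(SAMPLE_LOG).items():
        print(lnk, "->", original)
```

An entry that matches all three rules in more than one hive, as [1677400] does here, is the one to check first; a deleted shortcut with a surviving same-named file means the user's data is still on the drive.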

Post by Power Max Thu 06 Mar 2014, 13:35


Download [You need an account and must be logged in to view this link]

Double-click MCShield-Setup.exe to install the tool.

If a Windows confirmation prompt appears asking "Do you want to allow the following program to make changes to this computer?", click Yes (Sim)

Click the Next > button

Then click I Agree and Next > again

Then click the Install button

Under Language, change it to Português Brasil

Click the Run! button and wait for the scan

Open the tool and, on the Escaneamentos (Scans) tab, also tick the items "Sempre exibir itens ocultos em unidades flash" (Always show hidden items on flash drives) and "Modo interativo" (Interactive mode)

Click OK, then connect all removable drives.

Wait for the scan

On the Logs tab, click Save

A log will be created on your desktop. Select, copy and paste the entire contents of this log into your next reply.


Last edited by Power Max on Sun 23 Mar 2014, 22:30; edited 1 time

Post by Arllanrodrigues123 Thu 06 Mar 2014, 14:00

Below is the MCShield log, as requested.


>>> MCShield AllScans.txt <<<

-----------------------------




MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

>>> v 3.0.4.27 / DB: 2014.3.4.1 / Windows 7 <<<


06/03/2014 13:54:50 > Unidade H: - escanemaneto iniciado (sem rotulo ~932 GB, NTFS HDD )...



=> A unidade está limpa.


06/03/2014 13:54:52 > Unidade I: - escanemaneto iniciado (ARLLAN 32GB ~29784 MB, FAT32 unidade flash )...



=> A unidade está limpa.

Post by Power Max Thu 06 Mar 2014, 14:01

How are the PC and the flash drive after these cleanups?

Post by Arllanrodrigues123 Thu 06 Mar 2014, 14:10

So far they are working really well.
The flash drive's icons are back to normal and the PC has stopped warning about the virus, not to mention it's even faster than usual.

I think everything worked out : )

Post by Power Max Thu 06 Mar 2014, 14:13

That's it! I'm glad the problem has been solved.

Just to finish up, please follow the tutorials below:

[You need an account and must be logged in to view this link]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and create a new, safe and problem-free restore point, use DelFix, following the tips [You need an account and must be logged in to view this link].
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!


Last edited by Power Max on Sun 23 Mar 2014, 22:29; edited 1 time