Remove Baidu


Remove Baidu

Post by Rodrig on Thu 03 Apr 2014, 11:14

I can't remove Baidu, even after reading other posts. On top of that, there are a lot of ads showing up all over the PC. How do I fix this, folks?

Re: Remove Baidu

Post by Power Max on Thu 03 Apr 2014, 11:31

Hello. Welcome to Fórum PC Brasil.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

Re: Remove Baidu

Post by Rodrig on Thu 10 Apr 2014, 08:41

Using AdwCleaner - Baidu removal

# Executando de : C:\Users\casal\Downloads\AdwCleaner(1).exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : Update Mega Browse
[#] Serviço Deletada : Util Mega Browse

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\Program Files\Mega Browse
Pasta Deletada : C:\Program Files\Plus-HD-2.6
Pasta Deletada : C:\Program Files\SaveSenseLive
Pasta Deletada : C:\Users\casal\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\casal\AppData\Roaming\awesomehp
Pasta Deletada : C:\Users\casal\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\casal\AppData\Roaming\baidu
Pasta Deletada : C:\Users\casal\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\casal\AppData\Roaming\SaveSense
Pasta Deletada : C:\Users\casal\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\p4r4c8sz.default-1394306066141\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
Pasta Deletada : C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\yfiiolph.default-1396892395728\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
Pasta Deletada : C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl
[!] Pasta Deletada : C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\system32\roboot.exe
Arquivo Deletada : C:\Users\casal\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\casal\AppData\Local\funmoods-speeddial.crx
Arquivo Deletada : C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\p4r4c8sz.default-1394306066141\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\p4r4c8sz.default-1394306066141\user.js
Arquivo Deletada : C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Windows\Tasks\MySearchDial.job
Arquivo Deletada : C:\Windows\System32\Tasks\MySearchDial
Arquivo Deletada : C:\Windows\Tasks\SaveSense.job
Arquivo Deletada : C:\Windows\System32\Tasks\SaveSense
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-2.6-chromeinstaller
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-2.6-codedownloader
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.6-enabler.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-2.6-enabler
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-2.6-firefoxinstaller
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.6-updater.job

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D134C7E6-DB8E-488B-8FAA-FB8BFEF28492}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D134C7E6-DB8E-488B-8FAA-FB8BFEF28492}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58674F2D-1027-41E6-A4D4-0C85F38B0C7C}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58674F2D-1027-41E6-A4D4-0C85F38B0C7C}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45F81EFF-9CBA-4319-AA28-944419F41E8D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45F81EFF-9CBA-4319-AA28-944419F41E8D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F8F25CEF-C951-4F56-8B9B-962DC73CBD2B}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8F25CEF-C951-4F56-8B9B-962DC73CBD2B}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC6690D4-4579-4501-864B-8AACA26EB841}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC6690D4-4579-4501-864B-8AACA26EB841}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E839AF7-ABC9-4439-B645-F7393FC7462A}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E839AF7-ABC9-4439-B645-F7393FC7462A}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\f
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Chave Deletedo : HKCU\Software\526d8d1b03cef49
Chave Deletedo : HKLM\SOFTWARE\526d8d1b03cef49
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18313d6e-1c18-4717-a755-e4e29c2aef84}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6f7105ff-e412-4535-9b1e-5b80a24baa5e}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cf71e7e1-cab5-44a3-af2a-6b78a22513b8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fea25377-1305-4d86-ae8d-2bf57dac3b9b}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\mysearchdial.com
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\Plus-HD-2.6
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\Plus-HD-2.6
Chave Deletedo : HKLM\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKLM\Software\V9Software
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.6
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16521

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\p4r4c8sz.default-1394306066141\prefs.js ]

Linha deletada : user_pref("browser.search.selectedEngine", "Mysearchdial");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=md_14_12_ff&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0BtDzy0C0A0CzyyEtDtAzztN0D0Tzu0SzztCtCtN1L2XzutBtFtCzztFyBtFtDtN1L1CzutCyEtDtAtDyD1[...]

[ Arquivo : C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\yfiiolph.default-1396892395728\prefs.js ]

Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.monetization_plugin_bundledWithHash.value", "null");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.lastDailyReport", "1397095834706");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.lastUpdate", "1397095836313");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.manifesturl", "");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.name", "Plus-HD-2.6");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.newtab", "");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.opensearch", "");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.pluginsurl", "hxxp://js.clientdemocloud.com/plugin/apps/33440/plugins/094/ff/plugins.json");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.pluginsversion", 204);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.publisher", "Plus HD");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.searchstatus", 0);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.setnewtab", false);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.thankyou", "");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.updateinterval", 360);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.ver", 248);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.FilesValidatorDueTime", "1397095876247");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.apps", "33440");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.bic", "145445af1f375df55d0e307955fe2af5");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.cid", 33440);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.firstrun", false);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.hadappinstalled", true);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.installationdate", 1397011182);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.modetype", "production");
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.reportInstall", true);
Linha deletada : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.statsDailyCounter", 2);
Linha deletada : user_pref("extensions.crossrider.bic", "145445af1f375df55d0e307955fe2af5");

-\\ Google Chrome v34.0.1847.116

[ Arquivo : C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo : homepage

*************************

AdwCleaner[R0].txt - [38577 octets] - [10/04/2014 07:19:12]
AdwCleaner[S0].txt - [37063 octets] - [10/04/2014 07:27:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [37124 octets] ##########

Post by Power Max on Thu 10 Apr 2014, 08:58

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank space in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the scan's progress. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a restart of the PC is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 12 Apr 2014, 00:00; edited 1 time

Post by Rodrig on Thu 10 Apr 2014, 09:28

I downloaded it; it only shows "Run", not "Run as administrator", and even when I click Run nothing happens. On the PC's C: drive it shows as an empty folder.

Post by Rodrig on Thu 10 Apr 2014, 09:37

On local disk C: this appears:

O Firefox não conseguiu localizar o arquivo /C:/Users/casal/Desktop/index.html.

Verifique se o nome do arquivo possui erros de digitação, como uma letra maiúscula em vez de minúscula.
Verifique se o arquivo foi movido, renomeado ou excluído.

Post by Power Max on Thu 10 Apr 2014, 09:40

Download the Junkware Removal Tool program from the link below:
[You must have an account and be logged in to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.

Post by Rodrig on Thu 10 Apr 2014, 10:46

I did the download; it aborted some files, but it did not start, nor did Baidu leave the desktop.
I'll wait for your reply.

Post by Power Max on Thu 10 Apr 2014, 10:46

Post the Junkware Removal Tool log (report) that is saved on your desktop under the name JRT.txt

Post by Rodrig on Thu 10 Apr 2014, 10:55

Since it appears in the Control Panel, when I try to uninstall it, its page is blank when opened.

Post by Power Max on Thu 10 Apr 2014, 10:58

What I asked was that you post the Junkware Removal Tool log (report) that is saved on your desktop under the name JRT.txt

Post by Rodrig on Thu 10 Apr 2014, 11:09

I can't send you something that doesn't appear on the desktop.

Post by Power Max on Thu 10 Apr 2014, 11:10

Then it's because you didn't do the process correctly. Redo it as the tutorial shows and then post its report, please.

Post by Rodrig on Thu 10 Apr 2014, 11:28

I read the tutorial again and redid the procedure; however, it shows the screen telling me to press any key. It shows that it is extracting for a few seconds and does not show the report or restart the PC, much less what was extracted.

Post by Power Max on Thu 10 Apr 2014, 11:30

Download < [You must have an account and be logged in to view this link] >  < [You must have an account and be logged in to view this image] > ( ... by Nicolas Coolman )

|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.

|- Run the scroll icon. ( ZHPDiag )

[You must have an account and be logged in to view this image]

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!

[You must have an account and be logged in to view this image]

|- Click OK and, when it finishes, post the ZHPDiag.txt report

[You must have an account and be logged in to view this image]

Post by Rodrig on Thu 10 Apr 2014, 11:48

~ Relatório do ZHPDiag v2014.4.9.16 - Nicolas Coolman (09/04/2014)
~ Iniciado por casal (10/04/2014 10:38:04)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Fóruns de suporte gratuito para desinfecção : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16659
MFIE: Mozilla Firefox 28.0 (Defaut)
GCIE: Google Chrome v34.0.1847.116

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Ultimate, 32-bit Service Pack 1 (Build 6000)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2016

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 251 GB (87%) free of 288 GB

---\\ Modo de conexão ao sistema
~ Computer Name: AMORE
~ User Name: casal
~ All Users Names: Convidado, casal, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\casal\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\casal\AppData\Roaming\
~ %Desktop% : C:\Users\casal\Desktop\
~ %Favorites% : C:\Users\casal\Favorites\
~ %LocalAppData% : C:\Users\casal\AppData\Local\
~ %StartMenu% : C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 251 Go of 288 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 43 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes musiques (My Musics) : 1/290
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/29
~ Mes Documents (My Documents) : 7/229
~ Mon Bureau (My Desktop) : 1/2020
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 03s



---\\ Processos lançados
~ Processes Running: Scanned in 00mn 23s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [bbjciahceamgodcoidkjpchnokgfpphh] Funmoods v.1.0 (Désactivé) =>PUP.Funmoods
G2 - GCE: Preference [User Data\Default] [cjpglkicenollcignonpgiafdgfeehoj] SpeedDial v.4.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.0.7.2 (Désactivé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [jgceplfonlgodadnpognljgdjlcnpjnh] Nielsen v.1.8.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ogfjmhfnldnajmfaofeiaepghjenbgjo] Extended Protection v.3.4.2 (Désactivé) =>PUP.ExtendedProtection
G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick Start v.3.1.3, (Désactivé) =>PUP.QuickStart

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 18 Legitimates Filtered in 00mn 14s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\p4r4c8sz.default-1394306066141\prefs.js
C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\yfiiolph.default-1396892395728\prefs.js
P2 - FPN: [HKLM] [@nielsen/FirefoxTracker] - (.Nielsen - Nielsen FirefoxTracker Plug-in.) -- C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll
~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensões Cliente Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Baidu Antivirus.lnk . (.Baidu, Inc. - Bav.) -- C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe
O4 - GS\Desktop [Public]: Cadastro.lnk . (.Positivo Informática - Registro de usuários Positivo Inform.) -- C:\Program Files\Positivo Informática\SW_Cadastro\Registro.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Receitanet 1.04 .lnk . (.SERPRO - Serviço Federal de Processamento d - Receitanet.) -- C:\Program Files\Programas RFB\Receitanet\Windows\Receitanet.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Webcam.lnk . (...) -- C:\Windows\Installer\{39B78651-6FD2-4752-BE68-C3BDB6F2D9EE}\_F4711BF7C212A03CB0C5A8.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [casal]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [casal]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [casal]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [casal]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [casal]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [casal]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [casal]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [casal]: exe-1.04.1.lnk . (...) -- C:\Program Files\exe\exe.exe
O4 - GS\Desktop [casal]: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) -- C:\Arquivos de Programas RFB\IRPF2014\IRPF2014.exe
~ Global Startup: 70 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Assistente para criação de disco de recuperação.lnk . (.Positivo Informática - Recovery.) -- C:\Program Files\Positivo Informática\Recovery\Recovery2.exe
O4 - GS\Startup [Public]: IPM.lnk . (...) -- C:\Windows\Installer\{AADF4228-0772-4D43-92EB-B245E3A17B00}\_4E633D72E60CDC1A05956C.exe
O4 - GS\Startup [Public]: OSD.lnk . (...) -- C:\Windows\Installer\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}\_51DECE17D28CB133DD0C64.exe
O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe
O4 - GS\Startup [casal]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\casal\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartUpManagerPositivo] . (...) -- C:\Program Files\Positivo Informática\Gerenciador de Inicialização Positivo\ManagerWindows.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RegUse] C:\Program Files\RegUse\RegUse.exe (.not file.)
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [NielsenOnline] . (.The Nielsen Company - NielsenOnline.) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [Baidu Antivirus] . (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2364669226-1398954891-4146519358-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F4A48C-FC31-4615-AFDB-E88BFDB109FD}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AE40E16-3297-4BC8-B00E-C38BFD003E4B}: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B7F4A48C-FC31-4615-AFDB-E88BFDB109FD}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS1\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS1\Services\Tcpip\..\{5AE40E16-3297-4BC8-B00E-C38BFD003E4B}: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
O17 - HKLM\System\CS1\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B7F4A48C-FC31-4615-AFDB-E88BFDB109FD}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS2\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS2\Services\Tcpip\..\{5AE40E16-3297-4BC8-B00E-C38BFD003E4B}: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
O17 - HKLM\System\CS2\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\browse~1\23796~1.11\{16cdf~1\browse~1.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu Antivirus Service (BAVSvc) . (.Baidu, Inc. - Baidu Antivirus Service.) - C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) . (.Baidu, Inc. - Baidu Antivirus Hips Service.) - C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Nielsen Update (NielsenUpdate) . (.The Nielsen Company - NielsenOnline.) - C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
~ Services: 12 Legitimates Filtered in 01mn 42s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegUse.job [258]
~ Scheduled Task: 6 Legitimates Filtered in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys
O41 - Driver: (nnfwdk) . (.The Nielsen Company - Nielsen Network Filter Driver.) - C:\Program Files\NetRatingsNetSight\NetSight\meter1\nnfwdk.sys
O41 - Driver: (wStLib) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\wStLib.sys =>PUP.LinkiDoo
~ Drivers: 87 Legitimates Filtered in 00mn 02s



---\\ Software instalados (042)
O42 - Logiciel: Driver 1.2 - (.OEM.) [HKLM] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.5 - (.OEM.) [HKLM] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2014
O42 - Logiciel: Nielsen - (...) [HKLM] -- NetSight
O42 - Logiciel: OSD 1.7 - (.OEM.) [HKLM] -- {5A9C96FE-1376-45E1-8556-C81255F0B5A7}
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 22 Legitimates Filtered in 00mn 04s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adorika]
[HKCU\Software\BackupDutyLite]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\IBOPE]
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse
[HKCU\Software\SERPRO]
[HKCU\Software\SaveSense] =>PUP.SaveSense
[HKCU\Software\SoilAP]
[HKCU\Software\SunFlowerOSD]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Mega Browse] =>PUP.MegaBrowse
[HKLM\Software\NSCPID]
[HKLM\Software\SoilIO]
[HKLM\Software\baidu] =>Adware.BDSearch
~ Key Software: 215 Legitimates Filtered in 00mn 04s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/04/2014 - 00:15:46 - [162,307] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
O43 - CFD: 20/11/2013 - 17:55:40 - [80,013] ----D C:\Program Files\exe
O43 - CFD: 07/03/2014 - 15:38:44 - [8,843] ----D C:\Program Files\Programas RFB
O43 - CFD: 08/03/2014 - 15:12:29 - [0] ----D C:\Program Files\RBM
O43 - CFD: 03/04/2014 - 06:21:18 - [0] ----D C:\Program Files\v9Soft
O43 - CFD: 01/12/2013 - 07:44:47 - [0] ----D C:\ProgramData\Audio
O43 - CFD: 01/12/2013 - 07:44:47 - [0] ----D C:\ProgramData\Audio Power
O43 - CFD: 10/04/2014 - 08:06:33 - [0] ----D C:\ProgramData\Baidu =>Adware.BDSearch
O43 - CFD: 08/03/2014 - 15:26:45 - [1,454] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 01/12/2013 - 07:44:47 - [0] ----D C:\ProgramData\NAVL
O43 - CFD: 01/12/2013 - 07:44:47 - [0,001] ----D C:\ProgramData\RegUse
O43 - CFD: 08/03/2014 - 15:27:03 - [2,821] ----D C:\Users\casal\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 01/08/2012 - 20:46:05 - [0,084] ----D C:\Users\casal\AppData\Roaming\br.org.cesar.ajudante.Ajudante
O43 - CFD: 10/02/2014 - 10:59:10 - [0,053] ----D C:\Users\casal\AppData\Roaming\exe
O43 - CFD: 02/08/2012 - 19:53:10 - [0,002] ----D C:\Users\casal\AppData\Roaming\Mural dos Amigos
O43 - CFD: 14/12/2013 - 16:38:35 - [0] ----D C:\Users\casal\AppData\Local\Inquisit
O43 - CFD: 29/10/2013 - 22:06:11 - [0] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\exe
O43 - CFD: 12/04/2012 - 10:31:02 - [0,004] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 11/04/2013 - 17:27:19 - [0,004] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 07/03/2014 - 14:31:00 - [0,004] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ 727 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 929 Legitimates Filtered in 01mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.83E569BEC3CB8C8F269A69A97AA72BD2] - 08/04/2014 - 23:05:04 ---A- . (...) -- C:\Windows\win.ini [580]
O44 - LFC:[MD5.F06C5F0EDC2869C1C329D19F18B7E9E2] - 10/04/2014 - 09:48:34 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [16160]
O44 - LFC:[MD5.F06C5F0EDC2869C1C329D19F18B7E9E2] - 10/04/2014 - 09:48:34 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [16160]
O44 - LFC:[MD5.5811DA8CC1E6CD77967BEC1D1C7EF9A8] - 29/03/2014 - 10:06:08 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148924]
O44 - LFC:[MD5.2669C46FE5289555BC025A49456D04B0] - 29/03/2014 - 10:06:08 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [709402]
~ Files: 33 Legitimates Filtered in 00mn 10s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{0bcde4dc-a15f-11e2-982b-80ee732b127d}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (...) -- C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ SMSR Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.84B4C00AE8CDFC52CF68F322D821F34C] - 04/04/2014 - 23:18:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.680448905E27BBC6587ADB28597640D6] - 04/04/2014 - 23:18:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180760]
O58 - SDL:[MD5.F3628BF262DE8F349E5298F8A94FAE63] - 21/01/2014 - 10:14:38 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [43840]
O58 - SDL:[MD5.C84059943241394E90D8C30E2C573A9D] - 21/01/2014 - 10:14:48 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [27456] =>Adware.BDSearch
O58 - SDL:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 09/01/2014 - 07:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:[MD5.2FBA6087B5CF341024D3606250CC5173] - 21/01/2014 - 06:01:34 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [135488]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 21:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 18:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.4312D307729EBC73FEA44E32D6BB2F97] - 03/10/2011 - 14:21:54 ---A- . (...) -- C:\Windows\System32\Drivers\pad.sys [52496]
O58 - SDL:[MD5.6A06E33B9C2502D315C23731401358BF] - 04/12/2009 - 14:43:46 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [16248]
O58 - SDL:[MD5.4125AE13E301EDD3E0FFD57A7AC00258] - 04/12/2009 - 14:44:18 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\Soilkbc.sys [10744]
O58 - SDL:[MD5.F0E973C24C9DFECE8853588918E62055] - 04/12/2009 - 14:44:36 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [10616]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 11:48:56 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 21:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.BEE9AE78676412FE17000411F26847ED] - 17/06/2010 - 09:10:14 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt.sys [431616]
O58 - SDL:[MD5.E295AE6A46D81F0A99D3F029F3A02E99] - 21/03/2014 - 20:25:20 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib.sys [52928] =>PUP.LinkiDoo
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 17:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 17:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 17:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 17:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 17:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 17:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 17:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 17:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 17:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 17:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 17:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 17:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 17:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 17:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 17:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 03/01/2014 - C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys (BdApiUtil) .(.Baidu, Inc. - Baidu Antivirus BdApi Driver.) - LEGACY_BDAPIUTIL
O64 - Services: CurCS - 21/01/2014 - C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys (BdCameraProtect) .(.Baidu, Inc. - Baidu Antivirus Camera Protector Driver.) - LEGACY_BDCAMERAPROTECT
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 09/01/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT
O64 - Services: CurCS - 18/12/2013 - C:\Program Files\NetRatingsNetSight\NetSight\meter1\nnfwdk.sys (nnfwdk) .(.The Nielsen Company - Nielsen Network Filter Driver.) - LEGACY_NNFWDK
O64 - Services: CurCS - 21/03/2014 - C:\Windows\System32\drivers\wStLib.sys (wStLib) .(.StdLib - StdLib.) - LEGACY_WSTLIB =>PUP.LinkiDoo
~ Legacy: 101 Legitimates Filtered in 00mn 01s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\casal\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {5149167E-EC05-ABF1-729A-7D253194AFED} - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{8DC8C9FE-FB44-4300-80D0-A1DBBA793426}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\WinZip Driver Updater\winzipdu.exe (.not file.)
~ Firewall: 171 Legitimates Filtered in 00mn 03s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "15687B932DF62574EB863CDB6B2F9DEE" . (.Webcam 1.5.) -- C:\Windows\Installer\{39B78651-6FD2-4752-BE68-C3BDB6F2D9EE}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "5509804B864D4A546AABA531D87D51CF" . (.Bing Bar.) -- C:\Windows\Installer\{B4089055-D468-45A4-A6BA-5A138DD715FC}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "8224FDAA277034D429BE2B543E1AB700" . (.IPM 1.5.) -- C:\Windows\Installer\{AADF4228-0772-4D43-92EB-B245E3A17B00}\_6FEFF9B68218417F98F549.exe
~ Update Products: 71 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
~ WIS: 73 Legitimates Filtered in 00mn 17s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\advancedsystemprotector_RASAPI32 =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Microsoft\Tracing\advancedsystemprotector_RASMANCS =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASAPI32 =>Hijacker.FindrToolbar
HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASMANCS =>Hijacker.FindrToolbar
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_B6E98F0202354167_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_B6E98F0202354167_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASAPI32 =>Hijacker.FindrToolbar
HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASMANCS =>Hijacker.FindrToolbar
HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\Video Download Converter_RASAPI32 =>Adware.VideoDownloadConverter
HKLM\SOFTWARE\Microsoft\Tracing\Video Download Converter_RASMANCS =>Adware.VideoDownloadConverter
~ BTK: 276 Legitimates Filtered in 00mn 01s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}] (baidu right click handler) =>Adware.BDSearch
[HKCR\CLSID\{89425C81-9C22-44E0-9D7C-2875C59C80DD}] (Groove WorkspaceManagerApplication) =>PUP.Manager
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing
~ BCK: 6549 Legitimates Filtered in 00mn 42s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 13/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 21/10/2011 196176 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe =>Toolbar.Bing
SS - | Auto 30/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 19/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/10/2012 64592 | (AppManagerService) . (.Positivo Informática S.A..) - C:\Program Files\Positivo Informática\Positivo Experience\Positivo Experience\MundoPositivoService.exe
SR - | Auto 04/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 04/04/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 20/03/2012 45056 | (BatteryManagerSrv) . (.Positivo Informática S.A.) - C:\Program Files\Positivo Informática\Positivo Experience\Positivo Bateria\BatteryManagerService.exe
SR - | Auto 21/01/2014 1923376 | (BAVSvc) . (.Baidu, Inc..) - C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe
SR - | Auto 13/10/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\BingBar\SeaPort.exe =>Toolbar.Bing
SR - | Auto 21/01/2014 459416 | (BHipsSvc) . (.Baidu, Inc..) - C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe
SR - | Auto 03/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 30/10/2013 2838568 | (NielsenUpdate) . (.The Nielsen Company.) - C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
SR - | Auto 12/11/2009 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 17/06/2010 237650 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 47s



---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 13

[HKLM\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh] =>PUP.Funmoods^
[HKLM\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly^
[HKLM\Software\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo] =>PUP.ExtendedProtection^
[HKLM\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma] =>PUP.QuickStart^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.µTorrent^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4089055-D468-45A4-A6BA-5A138DD715FC}] =>Toolbar.Agent
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{8dcb7100-df86-4384-8842-8fa844297b3f} =>Toolbar.Bing^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh =>PUP.Funmoods^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje =>PUP.DealPly^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo =>PUP.ExtendedProtection^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma =>PUP.QuickStart^
C:\Program Files\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\casal\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Program Files\V9Soft =>PUP.V9Software
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse^
[HKCU\Software\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Mega Browse] =>PUP.MegaBrowse^
[HKLM\Software\baidu] =>Adware.BDSearch^
[HKCR\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}] (baidu right click handler) =>Adware.BDSearch^
[HKCR\CLSID\{89425C81-9C22-44E0-9D7C-2875C59C80DD}] (Groove WorkspaceManagerApplication) =>PUP.Manager^
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing^
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing^
C:\Users\casal\AppData\Local\Temp\Umbrella.exef61c7a =>Adware.IMBooster
~ Additionnel Scan: 259183 Items scanned in 02mn 39s



---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link] =>PUP.Funmoods
[You must have an account and be logged in to view this link] =>PUP.DealPly
[You must have an account and be logged in to view this link] =>PUP.ExtendedProtection
[You must have an account and be logged in to view this link] =>PUP.QuickStart
[You must have an account and be logged in to view this link] =>Adware.BDSearch
[You must have an account and be logged in to view this link] =>PUP.MegaBrowse
[You must have an account and be logged in to view this link] =>PUP.SaveSense
[You must have an account and be logged in to view this link] =>PUP.SweetIM
[You must have an account and be logged in to view this link] =>PUP.AdvancedSystemProtector
[You must have an account and be logged in to view this link] =>Hijacker.FindrToolbar
[You must have an account and be logged in to view this link] =>Adware.VideoDownloadConverter
[You must have an account and be logged in to view this link] =>PUP.Manager
[You must have an account and be logged in to view this link] =>PUP.V9Software
[You must have an account and be logged in to view this link] =>Adware.IMBooster
~ MSI: 14 link(s) detected in 00mn 00s



~ 1776 Legitimates filtered by white list
End of the scan (650 lines in 08mn 16s)(0)

Re: Remove Baidu

Post by Power Max, Thu 10 Apr 2014, 12:33

Go to the site [You must have an account and be logged in to view this link] and submit the file below for analysis:
C:\Program Files\exe\exe.exe

Once the analysis is complete, copy the link that appears in your browser's address bar and post it in your next reply, together with the ZHPFix report requested below.
_______________________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui (Yes) > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply, together with the link to the file's analysis on the Virus Total site.


Last edited by Power Max on Fri 11 Apr 2014, 23:58; edited 1 time

Re: Remove Baidu

Post by Rodrig, Thu 10 Apr 2014, 18:45

[You must have an account and be logged in to view this link]


Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre : C:\Users\casal\AppData\Roaming\ZHP\ZHPExportRegistry-10-04-2014-17-38-37.txt
Run by casal at 10/04/2014 17:38:39
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BDAPIUTIL Parado
BDCAMERAPROTECT Parado
BFILTER Parado
BFMON Parado
BHBASE Parado
BPROTECT Parado
WSTLIB Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ Driver Key: wStLib

========== Valores do Registo ==========
ELIMINÉ RunValue: Baidu Antivirus
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ AppInit: \Program Files\browse~1\23796~1.11\{16cdf~1\browse~1.dll

========== Pastas ==========

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files\baidu security\baidu antivirus\bavtray.exe
ELIMINA REINICIAR: c:\program files\baidu security\baidu antivirus\bhipssvc.exe
ELIMINÉ: c:\program files\microsoft\bingbar\seaport.exe
ELIMINÉ Temporários windows (3) (307.651 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
4 : Chaves do Registo
9 : Valores do Registo
1 : Elementos dos dados do Registo
244 : Pastas
5 : Ficheiros
7 : Estado dos serviços
1 : Restauração Sistema


End of clean in 06mn 24s

========== Caminho do ficheiro do relatório ==========
C:\Users\casal\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/04/2014 17:38:36 [20984]
C:\Users\casal\AppData\Roaming\ZHP\ZHPFix[R2].txt - 10/04/2014 17:38:45 [21060]

Re: Remove Baidu

Post by Rodrig, Thu 10 Apr 2014, 18:49

Awaiting your reply.

Re: Remove Baidu

Post by Power Max, Thu 10 Apr 2014, 19:18

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.

Re: Remove Baidu

Post by Rodrig, Thu 10 Apr 2014, 22:40

~ Relatório do ZHPDiag v2014.4.9.16 - Nicolas Coolman (09/04/2014)
~ Iniciado por casal (10/04/2014 21:32:38)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16659
MFIE: Mozilla Firefox 28.0 (Defaut)
GCIE: Google Chrome v34.0.1847.116

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Ultimate, 32-bit Service Pack 1 (Build 6000)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2016

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (32% free)
System Restore: Activé (Enable)
System drive C: has 252 GB (87%) free of 288 GB

---\\ Modo de conexão ao sistema
~ Computer Name: AMORE
~ User Name: casal
~ All Users Names: Convidado, casal, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\casal\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\casal\AppData\Roaming\
~ %Desktop% : C:\Users\casal\Desktop\
~ %Favorites% : C:\Users\casal\Favorites\
~ %LocalAppData% : C:\Users\casal\AppData\Local\
~ %StartMenu% : C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 252 Go of 288 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 43 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.07/07/2011 - 10:29:24.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 21:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.28/02/2014 - 22:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 17:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 17:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 20:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 21:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 19:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 17:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 17:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 17:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 19:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 19:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.07/07/2011 - 10:30:36.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 17:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 22:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 19:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 19:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 19:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 17:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 17:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes musiques (My Musics) : 1/290
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/29
~ Mes Documents (My Documents) : 7/229
~ Mon Bureau (My Desktop) : 1/2021
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 06s



---\\ Processos lançados
[MD5.FDBAA6322B3B408CD275A14654EF3D6B] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [495708] [PID.3876]
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.3888]
[MD5.68257A00D12A44A390514E668407C8FA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3896]
[MD5.F1C66577F5BFDD08B8E21B9ED2FE1300] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3904]
[MD5.1900188CF86CB7C82CB5C51F8EACCF86] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3932]
[MD5.0260412F3ED50279F42B913A42A9C66D] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.3956]
[MD5.8895BE670D1D4BD478B16DD311273F4A] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1557800] [PID.4064]
[MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640] [PID.4092]
[MD5.75516A4D91F913A48D14A5D8C04BBD0E] - (.The Nielsen Company - NielsenOnline.) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [91688] [PID.2924]
[MD5.DE8C5AB7EE56A7DA0166B2E2B0E496A2] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.2972]
[MD5.FC551A8B8E637B2147C003C885B6756E] - (.Positivo Informática - Recovery.) -- C:\Program Files\Positivo Informática\Recovery\Recovery2.exe [1496576] [PID.3820]
[MD5.FE7AC897D23D88EEBA687BBD61DBBDCA] - (.No owner - IPM.exe.) -- C:\Program Files\OEM\IPM 1.5\IPM.exe [1106432] [PID.1220]
[MD5.2256E495D6B2566DE6DDBC6632510477] - (.No owner - OSD.) -- C:\Program Files\OEM\OSD 1.7\SunflowerOSD.exe [548864] [PID.3612]
[MD5.EB7F5388A3B1318DFFA8EA50C71835EF] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe [1560576] [PID.3832]
[MD5.58FC1B36032F03342E4C02813F80DAC1] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\casal\AppData\Roaming\Dropbox\bin\Dropbox.exe [30714328] [PID.4100]
[MD5.111ADB8738E6A9EF7001920F108B4833] - (.Positivo Informática S.A. - Positivo Backup.) -- C:\Program Files\Positivo Informática\Positivo Experience\Positivo Backup\PositivoSmartBackup.exe [1858048] [PID.404]
[MD5.DFC999E39D7465077B45F08C53BEE076] - (.Positivo Informática S.A. - Positivo Áudio.) -- C:\Program Files\Positivo Informática\Positivo Experience\Positivo Áudio\AudioPower.exe [1015808] [PID.4588]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2056]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.1172]
[MD5.497E84A1B6767142987A17574C57C04E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe [1863560] [PID.2496]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.1600]
[MD5.D44D3387809EEDB5564735EC27BE700E] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\STacSV.exe [237650] [PID.1072]
[MD5.BEA8D0FA8805CC2E6BB49728166699C7] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1496]
[MD5.D58C10AFF2B5C09D615623A4DAC0E330] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [109048] [PID.1776]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1844]
[MD5.6D3242D8E7476F6A976084611A1594C1] - (.Positivo Informática S.A - Battery Power Service.) -- C:\Program Files\Positivo Informática\Positivo Experience\Positivo Bateria\BatteryManagerService.exe [45056] [PID.1904]
[MD5.1A5F12AF8D00055B07DD0139A2251F03] - (.The Nielsen Company - NielsenOnline.) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2838568] [PID.684]
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.1380]
[MD5.19D34534176E62F35DDB7DC7B7FF2A87] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2176]
[MD5.1AEBDC693C74EA55FE05D51FA6573EBC] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.2296]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.2776]
[MD5.B752FC4AB1F3D5048A17E1D993028998] - (.Positivo Informática S.A - Battery Power Main Application.) -- C:\Program Files\Positivo Informática\Positivo Experience\Positivo Bateria\BatteryPower.exe [1208320] [PID.4372]
[MD5.5BD9CC8C50D3FFF051AB6FF009BE9602] - (.Positivo Informática S.A. - WindowsService.) -- C:\Program Files\Positivo Informática\Positivo Experience\Positivo Experience\MundoPositivoService.exe [64592] [PID.5512]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4236]
~ Processes Running: Scanned in 00mn 04s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [bbjciahceamgodcoidkjpchnokgfpphh] Funmoods v.1.0 (Désactivé) =>PUP.Funmoods
G2 - GCE: Preference [User Data\Default] [cjpglkicenollcignonpgiafdgfeehoj] SpeedDial v.4.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.0.7.2 (Désactivé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [jgceplfonlgodadnpognljgdjlcnpjnh] Nielsen v.1.8.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ogfjmhfnldnajmfaofeiaepghjenbgjo] Extended Protection v.3.4.2 (Désactivé) =>PUP.ExtendedProtection
G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick Start v.3.1.3, (Désactivé) =>PUP.QuickStart

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 18 Legitimates Filtered in 00mn 12s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\p4r4c8sz.default-1394306066141\prefs.js
C:\Users\casal\AppData\Roaming\Mozilla\Firefox\Profiles\yfiiolph.default-1396892395728\prefs.js
P2 - FPN: [HKLM] [@nielsen/FirefoxTracker] - (.Nielsen - Nielsen FirefoxTracker Plug-in.) -- C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll
~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Cadastro.lnk . (.Positivo Informática - Registro de usuários Positivo Inform.) -- C:\Program Files\Positivo Informática\SW_Cadastro\Registro.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Receitanet 1.04 .lnk . (.SERPRO - Serviço Federal de Processamento d - Receitanet.) -- C:\Program Files\Programas RFB\Receitanet\Windows\Receitanet.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Webcam.lnk . (...) -- C:\Windows\Installer\{39B78651-6FD2-4752-BE68-C3BDB6F2D9EE}\_F4711BF7C212A03CB0C5A8.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [casal]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [casal]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [casal]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [casal]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [casal]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [casal]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [casal]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [casal]: exe-1.04.1.lnk . (...) -- C:\Program Files\exe\exe.exe
O4 - GS\Desktop [casal]: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) -- C:\Arquivos de Programas RFB\IRPF2014\IRPF2014.exe
~ Global Startup: 69 Legitimates Filtered in 00mn 04s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Assistente para criação de disco de recuperação.lnk . (.Positivo Informática - Recovery.) -- C:\Program Files\Positivo Informática\Recovery\Recovery2.exe
O4 - GS\Startup [Public]: IPM.lnk . (...) -- C:\Windows\Installer\{AADF4228-0772-4D43-92EB-B245E3A17B00}\_4E633D72E60CDC1A05956C.exe
O4 - GS\Startup [Public]: OSD.lnk . (...) -- C:\Windows\Installer\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}\_51DECE17D28CB133DD0C64.exe
O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe
O4 - GS\Startup [casal]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\casal\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartUpManagerPositivo] . (...) -- C:\Program Files\Positivo Informática\Gerenciador de Inicialização Positivo\ManagerWindows.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [NielsenOnline] . (.The Nielsen Company - NielsenOnline.) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2364669226-1398954891-4146519358-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\casal\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F4A48C-FC31-4615-AFDB-E88BFDB109FD}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AE40E16-3297-4BC8-B00E-C38BFD003E4B}: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B7F4A48C-FC31-4615-AFDB-E88BFDB109FD}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS1\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS1\Services\Tcpip\..\{5AE40E16-3297-4BC8-B00E-C38BFD003E4B}: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
O17 - HKLM\System\CS1\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B7F4A48C-FC31-4615-AFDB-E88BFDB109FD}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS2\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: NameServer = 200.175.182.139,200.175.5.139
O17 - HKLM\System\CS2\Services\Tcpip\..\{5AE40E16-3297-4BC8-B00E-C38BFD003E4B}: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
O17 - HKLM\System\CS2\Services\Tcpip\..\{C8F930EE-434F-4859-82A8-6A1CC10A4FC6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.123.31.55 187.123.31.56 187.123.31.54
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Nielsen Update (NielsenUpdate) . (.The Nielsen Company - NielsenOnline.) - C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
~ Services: 10 Legitimates Filtered in 00mn 47s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (nnfwdk) . (.The Nielsen Company - Nielsen Network Filter Driver.) - C:\Program Files\NetRatingsNetSight\NetSight\meter1\nnfwdk.sys
~ Drivers: 75 Legitimates Filtered in 00mn 02s



---\\ Software instalados (042)
O42 - Logiciel: Driver 1.2 - (.OEM.) [HKLM] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.5 - (.OEM.) [HKLM] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2014
O42 - Logiciel: Nielsen - (...) [HKLM] -- NetSight
O42 - Logiciel: OSD 1.7 - (.OEM.) [HKLM] -- {5A9C96FE-1376-45E1-8556-C81255F0B5A7}
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 22 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\IBOPE]
[HKCU\Software\SERPRO]
[HKCU\Software\SoilAP]
[HKCU\Software\SunFlowerOSD]
[HKLM\Software\NSCPID]
[HKLM\Software\SoilIO]
~ Key Software: 204 Legitimates Filtered in 00mn 02s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/04/2014 - 17:25:13 - [5,280] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
O43 - CFD: 10/04/2014 - 17:12:19 - [80,030] ----D C:\Program Files\exe
O43 - CFD: 07/03/2014 - 15:38:44 - [8,843] ----D C:\Program Files\Programas RFB
O43 - CFD: 08/03/2014 - 15:12:29 - [0] ----D C:\Program Files\RBM
O43 - CFD: 01/12/2013 - 07:44:47 - [0] ----D C:\ProgramData\Audio
O43 - CFD: 01/12/2013 - 07:44:47 - [0] ----D C:\ProgramData\Audio Power
O43 - CFD: 01/08/2012 - 20:46:05 - [0,084] ----D C:\Users\casal\AppData\Roaming\br.org.cesar.ajudante.Ajudante
O43 - CFD: 10/04/2014 - 17:12:49 - [0,059] ----D C:\Users\casal\AppData\Roaming\exe
O43 - CFD: 02/08/2012 - 19:53:10 - [0,002] ----D C:\Users\casal\AppData\Roaming\Mural dos Amigos
O43 - CFD: 14/12/2013 - 16:38:35 - [0] ----D C:\Users\casal\AppData\Local\Inquisit
O43 - CFD: 29/10/2013 - 22:06:11 - [0] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\exe
O43 - CFD: 12/04/2012 - 10:31:02 - [0,004] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 11/04/2013 - 17:27:19 - [0,004] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 07/03/2014 - 14:31:00 - [0,004] ----D C:\Users\casal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 170 Legitimates Filtered in 00mn 44s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.83E569BEC3CB8C8F269A69A97AA72BD2] - 08/04/2014 - 23:05:04 ---A- . (...) -- C:\Windows\win.ini [580]
O44 - LFC:[MD5.26F9F7664FE556FC6BE7639715AFCDAB] - 10/04/2014 - 21:21:56 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [16160]
O44 - LFC:[MD5.26F9F7664FE556FC6BE7639715AFCDAB] - 10/04/2014 - 21:21:56 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [16160]
O44 - LFC:[MD5.5811DA8CC1E6CD77967BEC1D1C7EF9A8] - 29/03/2014 - 10:06:08 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148924]
O44 - LFC:[MD5.2669C46FE5289555BC025A49456D04B0] - 29/03/2014 - 10:06:08 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [709402]
~ Files: 33 Legitimates Filtered in 00mn 12s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (...) -- C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ SMSR Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.84B4C00AE8CDFC52CF68F322D821F34C] - 04/04/2014 - 23:18:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.680448905E27BBC6587ADB28597640D6] - 04/04/2014 - 23:18:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180760]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 21:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 18:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.4312D307729EBC73FEA44E32D6BB2F97] - 03/10/2011 - 14:21:54 ---A- . (...) -- C:\Windows\System32\Drivers\pad.sys [52496]
O58 - SDL:[MD5.6A06E33B9C2502D315C23731401358BF] - 04/12/2009 - 14:43:46 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [16248]
O58 - SDL:[MD5.4125AE13E301EDD3E0FFD57A7AC00258] - 04/12/2009 - 14:44:18 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\Soilkbc.sys [10744]
O58 - SDL:[MD5.F0E973C24C9DFECE8853588918E62055] - 04/12/2009 - 14:44:36 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [10616]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 11:48:56 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 21:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.BEE9AE78676412FE17000411F26847ED] - 17/06/2010 - 09:10:14 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt.sys [431616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 17:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 17:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 17:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 17:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 17:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 17:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 17:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 17:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 17:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 17:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 17:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 17:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 17:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 17:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 17:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 18/12/2013 - C:\Program Files\NetRatingsNetSight\NetSight\meter1\nnfwdk.sys (nnfwdk) .(.The Nielsen Company - Nielsen Network Filter Driver.) - LEGACY_NNFWDK
~ Legacy: 101 Legitimates Filtered in 00mn 01s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\casal\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {5149167E-EC05-ABF1-729A-7D253194AFED} [DefaultScope] - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "15687B932DF62574EB863CDB6B2F9DEE" . (.Webcam 1.5.) -- C:\Windows\Installer\{39B78651-6FD2-4752-BE68-C3BDB6F2D9EE}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "8224FDAA277034D429BE2B543E1AB700" . (.IPM 1.5.) -- C:\Windows\Installer\{AADF4228-0772-4D43-92EB-B245E3A17B00}\_6FEFF9B68218417F98F549.exe
~ Update Products: 70 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
~ WIS: 73 Legitimates Filtered in 00mn 09s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 255 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 13/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 30/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 19/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/10/2012 64592 | (AppManagerService) . (.Positivo Informática S.A..) - C:\Program Files\Positivo Informática\Positivo Experience\Positivo Experience\MundoPositivoService.exe
SR - | Auto 04/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 04/04/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 20/03/2012 45056 | (BatteryManagerSrv) . (.Positivo Informática S.A.) - C:\Program Files\Positivo Informática\Positivo Experience\Positivo Bateria\BatteryManagerService.exe
SR - | Auto 03/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 30/10/2013 2838568 | (NielsenUpdate) . (.The Nielsen Company.) - C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
SR - | Auto 12/11/2009 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 17/06/2010 237650 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 41s



---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 0

[HKLM\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh] =>PUP.Funmoods^
[HKLM\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly^
[HKLM\Software\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo] =>PUP.ExtendedProtection^
[HKLM\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma] =>PUP.QuickStart^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.µTorrent^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh =>PUP.Funmoods^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje =>PUP.DealPly^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo =>PUP.ExtendedProtection^
C:\Users\casal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma =>PUP.QuickStart^
C:\Program Files\Baidu Security =>Adware.BDSearch^
~ Additionnel Scan: 247055 Items scanned in 02mn 14s



---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link] =>PUP.Funmoods
[You must have an account and be logged in to view this link] =>PUP.DealPly
[You must have an account and be logged in to view this link] =>PUP.ExtendedProtection
[You must have an account and be logged in to view this link] =>PUP.QuickStart
[You must have an account and be logged in to view this link] =>Adware.BDSearch
~ MSI: 5 link(s) detected in 00mn 00s



~ 990 Legitimates filtered by white list
End of the scan (515 lines in 06mn 11s)(0)

Re: Remove Baidu

Post by Power Max Thu 10 Apr 2014, 22:57

baidu - Remover Baidu 772309  Você conhece este programa abaixo?
C:\Program Files\exe\exe.exe
____________________________________________________

baidu - Remover Baidu 772309  Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Fri 11 Apr 2014, 23:59; edited 1 time

Re: Remove Baidu

Post by Rodrig, Thu 10 Apr 2014, 23:00

I don't recognize it, but I'll try to do what you asked.

Re: Remove Baidu

Post by Rodrig, Thu 10 Apr 2014, 23:11

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by casal at 10/04/2014 22:04:33
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (5) (308.365 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 59s

========== Caminho do ficheiro do relatório ==========
C:\Users\casal\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/04/2014 17:38:36 [20984]
C:\Users\casal\AppData\Roaming\ZHP\ZHPFix[R2].txt - 10/04/2014 17:38:45 [21141]
C:\Users\casal\AppData\Roaming\ZHP\ZHPFix[R3].txt - 10/04/2014 22:04:37 [936]

Re: Remove Baidu

Post by Power Max, Thu 10 Apr 2014, 23:18

Download [You must have an account and be logged in to view this link] and save it to the Desktop.

Note: when you open the link above, click the Download Now 32-Bit Version button.

*Run FRST and accept the agreement

*Click [Scan]

*When it finishes, click [OK] > [OK]

*Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post both of these reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)