Fórum PC Brasil
istart webssearches opening in place of the home page, part 2

2 participants

Post by Cassiano1110 Sat 05 Apr 2014, 00:52

Folks, could you help me!

I also have a problem with this damned istart webssearches opening in place of the home page.

It is on my home page. I have tried everything and cannot get rid of it.

Thanks

Post by Power Max Sat 05 Apr 2014, 08:23

Hello Cassiano. Welcome to Fórum PC Brasil.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

Post by Cassiano1110 Sat 05 Apr 2014, 23:29

Hello Power Max, thanks for the help, here is the report:

# AdwCleaner v3.023 - Relatório criado 05/04/2014 às 00:58:08
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language  (64 bits)
# Usuário : Cassiano - ISABELA
# Executando de : C:\Users\Cassiano\Downloads\AdwCleaner.exe
# Opção : Examinar

***** [ Serviços ] *****

Serviço Encontrado : 70e6ca8c
Serviço Encontrado : BackupStack
Serviço Encontrado : IePluginService
Serviço Encontrado : NewPlayerUpdaterService
Serviço Encontrado : WajamUpdaterV3
Serviço Encontrado : Wpm

***** [ Arquivos / Pastas ] *****

Arquivo Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Arquivo Encontrado : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Arquivo Encontrado : C:\Users\Cassiano\Desktop\MyPC Backup.lnk
Arquivo Encontrado : C:\Users\Cassiano\Desktop\Optimizer Pro.lnk
Arquivo Encontrado : C:\Users\Public\Desktop\NewPlayer.lnk
Arquivo Encontrado : C:\WINDOWS\System32\Tasks\MySearchDial
Arquivo Encontrado : C:\WINDOWS\Tasks\MySearchDial.job
Pasta Encontrado C:\Program Files (x86)\fst_br_103
Pasta Encontrado C:\Program Files (x86)\MyPC Backup
Pasta Encontrado C:\Program Files (x86)\Mysearchdial
Pasta Encontrado C:\Program Files (x86)\NewPlayer
Pasta Encontrado C:\Program Files (x86)\Optimizer Pro
Pasta Encontrado C:\Program Files (x86)\SupTab
Pasta Encontrado C:\Program Files (x86)\Wajam
Pasta Encontrado C:\ProgramData\baidu
Pasta Encontrado C:\ProgramData\IePluginService
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Pasta Encontrado C:\ProgramData\WPM
Pasta Encontrado C:\Users\Cassiano\AppData\Local\fst_br_103
Pasta Encontrado C:\Users\Cassiano\AppData\Local\lollipop
Pasta Encontrado C:\Users\Cassiano\AppData\Local\NewPlayer
Pasta Encontrado C:\Users\Cassiano\AppData\LocalLow\Mysearchdial
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\baidu
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\Mysearchdial
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\Optimizer Pro
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\SupTab
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\VOPackage
Pasta Encontrado C:\Users\Cassiano\AppData\Roaming\webssearches
Pasta Encontrado C:\Users\Cassiano\Documents\Optimizer Pro

***** [ Atalhos ] *****

Atalho Encontrado : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )
Atalho Encontrado : C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )

***** [ Registro ] *****

Chave Encontrada : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKCU\Software\AppDataLow\Software\Crossrider
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\installedbrowserextensions
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Encontrada : HKCU\Software\mysearchdial
Chave Encontrada : HKCU\Software\Optimizer Pro
Chave Encontrada : HKCU\Software\Tutorials
Chave Encontrada : HKCU\Software\TutoTag
Chave Encontrada : HKCU\Software\Wajam
Chave Encontrada : [x64] HKCU\Software\InstallCore
Chave Encontrada : [x64] HKCU\Software\installedbrowserextensions
Chave Encontrada : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Encontrada : [x64] HKCU\Software\mysearchdial
Chave Encontrada : [x64] HKCU\Software\Optimizer Pro
Chave Encontrada : [x64] HKCU\Software\Tutorials
Chave Encontrada : [x64] HKCU\Software\TutoTag
Chave Encontrada : [x64] HKCU\Software\Wajam
Chave Encontrada : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Encontrada : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Encontrada : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Chave Encontrada : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Encontrada : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Chave Encontrada : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Chave Encontrada : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Chave Encontrada : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Chave Encontrada : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Chave Encontrada : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Encontrada : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chave Encontrada : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chave Encontrada : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chave Encontrada : HKLM\Software\DealPlyLive
Chave Encontrada : HKLM\Software\free_soft_to_day
Chave Encontrada : HKLM\Software\InstallCore
Chave Encontrada : HKLM\Software\installedbrowserextensions
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_103_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Chave Encontrada : HKLM\Software\supTab
Chave Encontrada : HKLM\Software\supWPM
Chave Encontrada : HKLM\Software\Tutorials
Chave Encontrada : HKLM\Software\Wajam
Chave Encontrada : HKLM\Software\webssearchesSoftware
Chave Encontrada : HKLM\Software\Wpm
Chave Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Chave Encontrada : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Encontrada : [x64] HKLM\SOFTWARE\installedbrowserextensions
Chave Encontrada : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Encontrada : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Encontrada : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Dados Encontrada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Dados Encontrada : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_103]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16384

Configurações Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Configurações Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\mhzxax0o.default\prefs.js ]

Linha encontrada : user_pref("extensions.crossrider.bic", "1452e1ed376ed7abcc57d4589f292b5e");

*************************

AdwCleaner[R0].txt - [15709 octets] - [05/04/2014 00:58:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15770 octets] ##########

Post by Power Max Sun 06 Apr 2014, 00:57

You forgot to click the Limpar (Clean) button so that the problems are removed. Run AdwCleaner again > click Examinar (Scan) > once the scan finishes, click Limpar (Clean). After that, post the new report it will create.

Post by Cassiano1110 Mon 07 Apr 2014, 10:57

# AdwCleaner v3.023 - Relatório criado 05/04/2014 às 00:58:52
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Cassiano - ISABELA
# Executando de : C:\Users\Cassiano\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : 70e6ca8c
[#] Serviço Deletada : BackupStack
Serviço Deletada : IePluginService
Serviço Deletada : NewPlayerUpdaterService
Serviço Deletada : WajamUpdaterV3
Serviço Deletada : Wpm

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Pasta Deletada : C:\Program Files (x86)\MyPC Backup
Pasta Deletada : C:\Program Files (x86)\Mysearchdial
Pasta Deletada : C:\Program Files (x86)\NewPlayer
Pasta Deletada : C:\Program Files (x86)\Optimizer Pro
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\Wajam
Pasta Deletada : C:\Program Files (x86)\fst_br_103
Pasta Deletada : C:\Users\Cassiano\AppData\Local\lollipop
Pasta Deletada : C:\Users\Cassiano\AppData\Local\NewPlayer
Pasta Deletada : C:\Users\Cassiano\AppData\Local\fst_br_103
Pasta Deletada : C:\Users\Cassiano\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\Optimizer Pro
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\VOPackage
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\webssearches
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Pasta Deletada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Pasta Deletada : C:\Users\Cassiano\Documents\Optimizer Pro
Arquivo Deletada : C:\Users\Public\Desktop\NewPlayer.lnk
Arquivo Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Arquivo Deletada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Arquivo Deletada : C:\Users\Cassiano\Desktop\MyPC Backup.lnk
Arquivo Deletada : C:\Users\Cassiano\Desktop\Optimizer Pro.lnk
Arquivo Deletada : C:\WINDOWS\Tasks\MySearchDial.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\MySearchDial

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_103]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\Wajam
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\free_soft_to_day
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\installedbrowserextensions
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Wajam
Chave Deletedo : HKLM\Software\webssearchesSoftware
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_103_is1
Chave Deletedo : [x64] HKLM\SOFTWARE\installedbrowserextensions
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16384

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\mhzxax0o.default\prefs.js ]

Linha deletada : user_pref("extensions.crossrider.bic", "1452e1ed376ed7abcc57d4589f292b5e");

*************************

AdwCleaner[R0].txt - [15931 octets] - [05/04/2014 00:58:08]
AdwCleaner[S0].txt - [12940 octets] - [05/04/2014 00:58:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13001 octets] ##########

Post by Cassiano1110 Mon 07 Apr 2014, 10:59

Now the problem is unwanted ads that appear on the pages in my browser. I have already removed them but they keep appearing.

Thanks for now.

Post by Power Max Mon 07 Apr 2014, 11:19

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You need an account and to be logged in to view this link]

* Right-click Zoek.exe and select [You need an account and to be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank space in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed, showing the progress of the scan. Wait for it to finish... it may take a while!

[You need an account and to be logged in to view this image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Tue 08 Apr 2014, 21:25; edited 1 time

Post by Cassiano1110 Mon 07 Apr 2014, 23:01

After the download finishes, a message appears saying:

this program cannot be run by your computer; check with the manufacturer for a version for your PC.

Post by Cassiano1110 Mon 07 Apr 2014, 23:23

Hi Max, I forgot to mention: when I did the download, I forgot to turn off the antivirus and it detected a Trojan horse.

Post by Cassiano1110 Mon 07 Apr 2014, 23:45

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Cassiano on 07/04/2014 at 23:32:01,36.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Cassiano\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

07/04/2014 23:32:35 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4032315922-2193373217-1692392771-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EE4BE2F3-3BA2-4E5A-9A3F-02149E39BBBB} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\mhzxax0o.default

user.js not found
---- Lines crossrider removed from prefs.js ----
user_pref("extensions.crossrider.bic", "145302abd4be0311554e86a0f2f9b2e0");
---- Lines aa69a8c34f1034384bb0361e6f2997d075273998bc268422eb0ea5c8e02755d20com54256 removed from prefs.js ----
---- Lines aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 removed from prefs.js ----
---- FireFox user.js and prefs.js backups ----

prefs_042014_2338_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\webssearches.xml deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Cassiano\AppData\Local\nsa1D35.tmp deleted
C:\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\mhzxax0o.default\extensions\a69a8c34-f103-4384-bb03-61e6f2997d07@5273998b-c268-422e-b0ea-5c8e02755d20.com deleted
C:\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\mhzxax0o.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\mhzxax0o.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
95812430959AE88CDD0301AB3A71913B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com.br/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on Users Desktops ======================

C:\Users\Cassiano\Desktop\Continue Installation.lnk - C:\Users\Cassiano\AppData\Local\Temp\instruct.exe
C:\Users\Cassiano\Desktop\Continue Skype.lnk - C:\Users\Cassiano\Downloads\Skype.exe
C:\Users\Cassiano\Desktop\Continue VuuPC Installation.lnk - C:\Users\Cassiano\AppData\Local\Temp\ICReinstall_nsl7E98.tmp /RR
C:\Users\Cassiano\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Cassiano\Desktop\Sync Folder.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe opensync
C:\Users\Default\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\USURIO~1\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Guia de Usuário.lnk -
C:\Users\Public\Desktop\Intel AppUp(SM) center.lnk - C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe --domain F0399437-FD0C-4A48-B101-F0314A6172E4
C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Public\Desktop\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe
C:\Users\Public\Desktop\Lenovo YouCam.lnk - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
C:\Users\Public\Desktop\McAfee Internet Security.lnk - C:\Program Files (x86)\mcafee.com\agent\mcagent.exe /desktopicon /platui
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Ajuda Online de Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Power2Go.chm
C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Leia-me.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Readme.htm
C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe
C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_to_day\Freesofttoday.lnk - C:\Program Files (x86)\fst_br_103\freeSoftToday_widget.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Internet Security.lnk - C:\Program Files (x86)\mcafee.com\agent\mcagent.exe /desktopicon /platui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSACCESS.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\POWERPNT.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSPUB.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype para a área de trabalho.lnk -

==== shortcuts in Quick Launch ======================

C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cassiano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UserGuide.lnk - C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cassiano\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Cassiano\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Cassiano\AppData\Local\Mozilla\Firefox\Profiles\mhzxax0o.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=220 folders=35 104257353 bytes)

==== Empty Temp Folders ======================

C:\Users\Cassiano\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Cassiano\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 07/04/2014 at 23:41:37,97 ======================

Post by Power Max Tue 08 Apr 2014, 00:09

Download the Junkware Removal Tool program from the link below:
[You must have an account and be logged in to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.

Post by Cassiano1110 Tue 08 Apr 2014, 00:56

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Cassiano on 08/04/2014 at 0:45:30,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4032315922-2193373217-1692392771-1001\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Cassiano\AppData\Roaming\mozilla\firefox\profiles\mhzxax0o.default\prefs.js

user_pref("extensions.crossrider.bic", "1453f38691eb876daeec6e425e330cbc");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/04/2014 at 0:52:56,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by Cassiano1110 Tue 08 Apr 2014, 00:57

Good morning Max, a bunch of fake ads still show up.

Please help me, hahaha

Post by Power Max Tue 08 Apr 2014, 01:00

Download < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )

|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.

|- Run the scroll icon. ( ZHPDiag )

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!

|- Click OK and, when it finishes, post the ZHPDiag.txt report

Post by Cassiano1110 Tue 08 Apr 2014, 01:10

~ Relatório do ZHPDiag v2014.4.7.7 - Nicolas Coolman (07/04/2014)
~ Iniciado por Cassiano (08/04/2014 01:05:25)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Fóruns de suporte gratuito para desinfecção : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
McAfee Internet Security v12.8.934
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3993 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 864 GB (97%) free of 891 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ISABELA
~ User Name: Cassiano
~ All Users Names: HomeGroupUser$, Convidado, Cassiano, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Cassiano\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Cassiano\AppData\Roaming\
~ %Desktop% : C:\Users\Cassiano\Desktop\
~ %Favorites% : C:\Users\Cassiano\Favorites\
~ %LocalAppData% : C:\Users\Cassiano\AppData\Local\
~ %StartMenu% : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 864 Go of 891 Go)
D: Hard drive, Flash drive, Thumb drive (Free 22 Go of 25 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Windows Explorer.) (.14/11/2013 - 04:26:30.) -- C:\Windows\Explorer.exe [2328872]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Internet Extensions para Win32.) (.01/03/2014 - 00:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/08/2013 - 06:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 08:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.79B6F3DF7CDFD12159871FF71464F0CE] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.23/11/2013 - 04:08:19.) -- C:\Windows\system32\Drivers\MRxSmb.sys [403456]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.22/08/2013 - 10:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.14/11/2013 - 04:15:38.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.C85C075DE5B6D0FE116043054DE8EE02] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.31/01/2014 - 13:15:23.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/318
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/8
~ Mon Bureau (My Desktop) : 2/14
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.C2513AEB3F326B8811E2A37C9A7F930B] - (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464] [PID.4004]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432] [PID.1712]
[MD5.D342CD9148D4F9BC75304C658D52C25E] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192] [PID.4092]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.6360]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.528]
[MD5.7AD5A2F4C89FD26E27EA52396E770038] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe [1863560] [PID.6420]
[MD5.D766050F35AACD0D41A696B5EDA38FA9] - (.Adobe Systems Inc. - Adobe AIR Installer.) -- c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe [104064] [PID.0]
[MD5.F38B1A524D978B0734C807C1831E647B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8187392] [PID.5264]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [Cassiano - mhzxax0o.default] [You must have an account and be logged in to view this link]
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Guia de Usuário.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Cassiano]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Cassiano]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Cassiano]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Cassiano]: UserGuide.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Program [Cassiano]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Cassiano]: Continue Installation.lnk . (...) -- C:\Users\Cassiano\AppData\Local\Temp\instruct.exe (.not file.)
O4 - GS\Desktop [Cassiano]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Cassiano\AppData\Local\Temp\ICReinstall_nsl7E98.tmp \RR (.not file.) =>PUP.VuuPC
O4 - GS\Desktop [Cassiano]: Sync Folder.lnk . (...) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (.not file.) =>PUP.MyPCBackup
~ Global Startup: 46 Legitimates Filtered in 00mn 03s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [RtsFT] . (.Realtek semiconductor - RTFTrack.) -- C:\Windows\RTFTrack.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [PriceMeterW] C:\Users\Cassiano\AppData\Local\PriceMeter\pricemeterw.exe (.not file.) =>PUP.PriceMeter
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKUS\S-1-5-21-4032315922-2193373217-1692392771-1001\..\Run: [PriceMeterW] C:\Users\Cassiano\AppData\Local\PriceMeter\pricemeterw.exe (.not file.) =>PUP.PriceMeter
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A04BF866-7F07-416F-B539-78A71BB0817D}: DhcpNameServer = 189.4.0.152 189.4.0.157
O17 - HKLM\System\CS1\Services\Tcpip\..\{A04BF866-7F07-416F-B539-78A71BB0817D}: DhcpNameServer = 189.4.0.152 189.4.0.157
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.4.0.152 189.4.0.157
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: PriceMeterLiveUpdate Service (pricemeterliveUpdate) (pricemeterliveUpdate) . (.PriceMeter - PriceMeterLiveUpdate Update.) - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe =>PUP.PriceMeter
O23 - Service: Service Component of VO (vosr) . (...) - C:\Users\Cassiano\AppData\Roaming\VOPackage\VOsrv.exe (.not file.) =>Adware.Downware
O23 - Service: xmkysecqun64 (xmkysecqun64) . (...) - C:\Program Files\003\xmkysecqun64.exe
~ Services: 28 Legitimates Filtered in 00mn 06s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-1.job [1386]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3.job [2804]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-4.job [2138]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-1.job [1452]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job [3148]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job [2212]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job [982] =>PUP.PriceMeter
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job [986] =>PUP.PriceMeter
[MD5.66B13A8391DC2664C3B3A7E685C9F4EE] [APT] [a4e5f75f-8407-47aa-84e9-6411e0afa4e1-1] (.Freeven.) -- C:\Program Files (x86)\Freeven Pro 1.4\Freeven Pro 1.4-codedownloader.exe [477696]
[MD5.9B7927E8BBBE0FA4CD99613FEBDE7F81] [APT] [a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3] (.Freeven.) -- C:\Program Files (x86)\Freeven Pro 1.4\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3.exe [1861120]
[MD5.73239C390A190EFDAE42401D5FD7F18F] [APT] [a4e5f75f-8407-47aa-84e9-6411e0afa4e1-4] (.Freeven.) -- C:\Program Files (x86)\Freeven Pro 1.4\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-4.exe [796672]
[MD5.35BF8DEAB77CD002F143BE617B4555C3] [APT] [b8e2dbf6-f651-4529-84b2-6113f5365cc5-1] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [477696]
[MD5.5C62D17BF8D78E06FA7C2AE921D02C5B] [APT] [b8e2dbf6-f651-4529-84b2-6113f5365cc5-3] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.exe [1861120]
[MD5.8A31B9C0B2D2D303B9D5B3AADAB85296] [APT] [b8e2dbf6-f651-4529-84b2-6113f5365cc5-4] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.exe [796672]
[MD5.00000000000000000000000000000000] [APT] [pricemeterdownloader] (...) -- C:\Users\Cassiano\AppData\Local\PriceMeter\pricemeterd.exe (.not file.) [0] =>PUP.PriceMeter
[MD5.3D8B851E7EFCDC130E4B301BDDE10099] [APT] [PriceMeterLiveUpdateUpdateTaskMachineCore] (.PriceMeter.) -- C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [150504] =>PUP.PriceMeter
[MD5.3D8B851E7EFCDC130E4B301BDDE10099] [APT] [PriceMeterLiveUpdateUpdateTaskMachineUA] (.PriceMeter.) -- C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [150504] =>PUP.PriceMeter
~ Scheduled Task: 31 Legitimates Filtered in 00mn 06s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\WINDOWS\system32\drivers\Bfilter.sys
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\WINDOWS\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\WINDOWS\system32\drivers\Bprotect.sys
~ Drivers: 38 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Download & Install Packages - (...) [HKCU][64Bits] -- Download & Install Packages
O42 - Logiciel: Freeven Pro 1.4 - (.Freeven.) [HKLM][64Bits] -- Freeven Pro 1.4
O42 - Logiciel: NewPlayer - (...) [HKLM][64Bits] -- NewPlayer
~ Logic: 35 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Download4windows]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\SupraSavings] =>PUP.SupraSavings
[HKLM\Software\suprasavings] =>PUP.SupraSavings
~ Key Software: 197 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/04/2014 - 16:45:09 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 04/04/2014 - 15:54:16 - [6,130] ----D C:\Program Files (x86)\Freeven Pro 1.4
O43 - CFD: 04/04/2014 - 16:09:25 - [0,045] ----D C:\Program Files (x86)\Uninstaller
O43 - CFD: 03/04/2014 - 22:45:59 - [0,015] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 03/04/2014 - 22:42:32 - [1,063] ----D C:\Users\Cassiano\AppData\Roaming\0D1F2W1G1I1F1T1QyE2W1L1G1Q1F2W1B
O43 - CFD: 04/04/2014 - 16:09:05 - [0,001] ----D C:\Users\Cassiano\AppData\Local\com
~ Program Folder: 110 Legitimates Filtered in 00mn 11s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.C7316D0F26440BE825BDE818E58CF899] - 03/04/2014 - 09:20:05 --HA- . (...) -- C:\Windows\modules.log [112434]
O44 - LFC:[MD5.691EF5966CE866B766CE00BECFCFA589] - 03/04/2014 - 17:14:52 ---A- . (...) -- C:\Windows\System32\Drivers\mfencbdc.inf [5442]
O44 - LFC:[MD5.12F0F8D3F84FAB8F31D073286FE131CB] - 03/04/2014 - 17:14:52 ---A- . (...) -- C:\Windows\System32\Drivers\mfencrk.inf [2641]
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 03/04/2014 - 22:45:58 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032]
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 03/04/2014 - 22:45:59 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 03/04/2014 - 22:46:00 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992]
O44 - LFC:[MD5.8FF6C498C08FFB65CA6B586C0E5DBE7F] - 04/04/2014 - 10:04:02 ---A- . (...) -- C:\Windows\CalibriL.tt2 [758196]
O44 - LFC:[MD5.3567D339A4859211316D2894F44EE97E] - 04/04/2014 - 10:04:03 ---A- . (...) -- C:\Windows\CalibriLI.tt2 [868464]
O44 - LFC:[MD5.F351D7DBE9B7E9640BC0184AA8870F66] - 04/04/2014 - 14:56:48 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1224194]
O44 - LFC:[MD5.D045550114244A8A2EDD5897514F1C11] - 04/04/2014 - 15:15:17 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.4C586CBFFF17C038F7CB238CBE41D794] - 04/04/2014 - 15:26:02 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.7B1A90B69A1C8EBEC37AC3D5934BB8C9] - 04/04/2014 - 15:26:19 ---A- . (...) -- C:\Windows\comsetup.log [6578]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 04/04/2014 - 15:26:20 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 04/04/2014 - 15:26:20 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.2100B28C34C4FCE916A4A61F58E31198] - 05/04/2014 - 19:08:32 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [9701]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 05/04/2014 - 19:10:03 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 23:31:51 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.0F70AC7F8C8FE7E17DC23E97DFC8FEFD] - 07/04/2014 - 23:41:37 ---A- . (...) -- C:\zoek-results.log [37746]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/04/2014 - 23:48:08 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/04/2014 - 23:48:08 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
~ Files: 183 Legitimates Filtered in 01mn 33s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.5451A638FACAA57F2F179837BC29A543] - 11/04/2013 - 01:13:20 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [165344]
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032]
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992]
O58 - SDL:[MD5.9CBBFB1953562BCAE1B1F351F17E32D8] - 27/02/2013 - 03:44:24 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [355664]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 21 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [link hidden: forum login required]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [link hidden: forum login required]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [link hidden: forum login required]
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\WINDOWS\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\WINDOWS\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guia de Usuário.) -- C:\WINDOWS\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
~ Update Products: 26 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 04/04/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 25/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe
SS - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Auto 11/05/2012 200728 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SS - | Demand 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 18/04/2013 273136 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Auto 03/04/2014 150504 | (pricemeterliveUpdate) . (.PriceMeter.) - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe =>PUP.PriceMeter
SS - | Demand 03/04/2014 150504 | (pricemeterliveUpdatem) . (.PriceMeter.) - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe =>PUP.PriceMeter
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 10/07/1658 0 | (vosr) . (...) - C:\Users\Cassiano\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware

SR - | Auto 11/04/2013 772064 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 18/03/2013 1124728 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 18/03/2013 1161592 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 12/09/2012 135984 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 03/12/2012 202400 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe
SR - | Auto 18/04/2013 621296 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 31/01/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 19/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 15/04/2013 161736 | (Intel(R) Wireless Bluetooth(R) 4.0 Radio Management) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
SR - | Auto 06/11/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 06/11/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 28/01/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 21/01/2014 1025712 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 27/01/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 27/01/2014 185792 | (mfevtp) . (.McAfee, Inc..) - C:\WINDOWS\system32\mfevtps.exe
SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 18/04/2013 149744 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 06/11/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 03/04/2014 706560 | (xmkysecqun64) . (...) - C:\Program Files\003\xmkysecqun64.exe
SR - | Auto 18/04/2013 3388144 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

~ Services: Scanned in 00mn 07s



---\\ Scâner Aditional (088)
Database Version : 13044 - (07/04/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 11

[HKLM\SYSTEM\CurrentControlSet\Services\pricemeterliveUpdate) (pricemeterliveUpdate] =>PUP.PriceMeter^
[HKLM\SYSTEM\CurrentControlSet\Services\vosr] =>Adware.Downware^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:PriceMeterW =>PUP.PriceMeter^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job =>PUP.PriceMeter^
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job =>PUP.PriceMeter^
C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe =>PUP.PriceMeter^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\SupraSavings] =>PUP.SupraSavings^
[HKLM\Software\suprasavings] =>PUP.SupraSavings^
~ Additionnel Scan: 191762 Items scanned in 00mn 15s



---\\ Sumário das deteções encontradas na sua estação
[link hidden: forum login required] =>PUP.VuuPC
[link hidden: forum login required] =>PUP.MyPCBackup
[link hidden: forum login required] =>PUP.PriceMeter
[link hidden: forum login required] =>Adware.Downware
[link hidden: forum login required] =>Adware.BDSearch
[link hidden: forum login required] =>PUP.AnyProtect
[link hidden: forum login required] =>PUP.SupraSavings
~ MSI: 7 link(s) detected in 00mn 00s



~ 1013 Legitimates filtered by white list
End of the scan (468 lines in 02mn 51s)(0)

Post by Cassiano1110 Tue 08 Apr 2014, 01:15

There's the report, Max...

Post by Power Max Tue 08 Apr 2014, 01:40

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Tue 08 Apr 2014, 21:21; edited 1 time

Post by Cassiano1110 Tue 08 Apr 2014, 09:56

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by Cassiano at 08/04/2014 09:53:20
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\freeven pro 1.4\uninstall.exe
AUSENTE Uninstall Process: c:\program files (x86)\newplayer\uninstall.exe

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freeven Pro 1.4]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer]
ELIMINÉ:* CLSID Extra Buttons: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
ELIMINÉ: Service: pricemeterliveUpdate
ELIMINÉ: Service: vosr
ELIMINÉ: Service: xmkysecqun64
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\AnyProtect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ:* HKLM\Software\LevelQualityWatcher
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\SupraSavings
ELIMINÉ:* HKLM\Software\suprasavings
ELIMINÉ: Service: pricemeterliveUpdatem

========== Valores do Registo ==========
ELIMINÉ RunValue: ETDCtrl
ELIMINÉ RunValue: PriceMeterW
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\cassiano\desktop\continue installation.lnk
ELIMINÉ: c:\users\cassiano\desktop\continue vuupc installation.lnk
ELIMINÉ: c:\users\cassiano\desktop\sync folder.lnk
ELIMINA REINICIAR: c:\program files (x86)\pricemeterliveupdate\update\pricemeterliveupdate.exe
ELIMINA REINICIAR: c:\program files\003\xmkysecqun64.exe
ELIMINÉ: c:\windows\tasks\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-1.job
ELIMINÉ: c:\windows\tasks\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3.job
ELIMINÉ: c:\windows\tasks\a4e5f75f-8407-47aa-84e9-6411e0afa4e1-4.job
ELIMINÉ: c:\windows\tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-1.job
ELIMINÉ: c:\windows\tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job
ELIMINÉ: c:\windows\tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job
ELIMINÉ: c:\windows\tasks\pricemeterliveupdateupdatetaskmachinecore.job
ELIMINÉ: c:\windows\tasks\pricemeterliveupdateupdatetaskmachineua.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ: c:\program files\003\xmkysecqun64.exe
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-1
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-1
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-3
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-4
ELIMINÉ: a4e5f75f-8407-47aa-84e9-6411e0afa4e1-4
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-1
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-1
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-3
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-3
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-3
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-3
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-4
ELIMINÉ: b8e2dbf6-f651-4529-84b2-6113f5365cc5-4
ELIMINÉ: pricemeterdownloader
ELIMINÉ: PriceMeterLiveUpdateUpdateTaskMachineCore
ELIMINÉ: PriceMeterLiveUpdateUpdateTaskMachineCore
ELIMINÉ: PriceMeterLiveUpdateUpdateTaskMachineUA

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
18 : Chaves do Registo
8 : Valores do Registo
1 : Pastas
19 : Ficheiros
2 : Softwares
20 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 20s

========== Caminho do ficheiro do relatório ==========
C:\Users\Cassiano\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/04/2014 09:53:25 [4586]

Post by Power Max Tue 08 Apr 2014, 10:08

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.

Post by Cassiano1110 Tue 08 Apr 2014, 12:59

~ Relatório do ZHPDiag v2014.4.7.7 - Nicolas Coolman (07/04/2014)
~ Iniciado por Cassiano (08/04/2014 12:46:17)
~ Endereço do Website : [link hidden: forum login required]
~ Fóruns de suporte gratuito para desinfecção : [link hidden: forum login required]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
McAfee Internet Security v12.8.934
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3993 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 864 GB (97%) free of 891 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ISABELA
~ User Name: Cassiano
~ All Users Names: HomeGroupUser$, Convidado, Cassiano, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Cassiano\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Cassiano\AppData\Roaming\
~ %Desktop% : C:\Users\Cassiano\Desktop\
~ %Favorites% : C:\Users\Cassiano\Favorites\
~ %LocalAppData% : C:\Users\Cassiano\AppData\Local\
~ %StartMenu% : C:\Users\Cassiano\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 864 Go of 891 Go)
D: Hard drive, Flash drive, Thumb drive (Free 22 Go of 25 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/318
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/8
~ Mon Bureau (My Desktop) : 2/12
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.C2513AEB3F326B8811E2A37C9A7F930B] - (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464] [PID.5072]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432] [PID.5116]
[MD5.D342CD9148D4F9BC75304C658D52C25E] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192] [PID.5576]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.1384]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.6716]
[MD5.7AD5A2F4C89FD26E27EA52396E770038] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe [1863560] [PID.6748]
[MD5.F38B1A524D978B0734C807C1831E647B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8187392] [PID.4408]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [Cassiano - mhzxax0o.default] [link hidden: forum login required]
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [link hidden: forum login required]
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Guia de Usuário.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Cassiano]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Cassiano]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Cassiano]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Cassiano]: UserGuide.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Program [Cassiano]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 43 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtsFT] . (.Realtek semiconductor - RTFTrack.) -- C:\Windows\RTFTrack.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D5A4BC4-C2A2-4029-9CEC-FD826A665607}: DhcpNameServer = 189.4.0.152 189.4.0.157
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D5A4BC4-C2A2-4029-9CEC-FD826A665607}: DhcpNameServer = 189.4.0.152 189.4.0.157
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.4.0.152 189.4.0.157
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Download & Install Packages - (...) [HKCU][64Bits] -- Download & Install Packages
~ Logic: 33 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Download4windows]
[HKLM\Software\Wow6432Node\Freeven Pro 1.4]
[HKLM\Software\Wow6432Node\NewPlayer]
~ Key Software: 185 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/04/2014 - 16:09:25 - [0,045] ----D C:\Program Files (x86)\Uninstaller
O43 - CFD: 03/04/2014 - 22:42:32 - [1,063] ----D C:\Users\Cassiano\AppData\Roaming\0D1F2W1G1I1F1T1QyE2W1L1G1Q1F2W1B
O43 - CFD: 04/04/2014 - 16:09:05 - [0,001] ----D C:\Users\Cassiano\AppData\Local\com
~ Program Folder: 107 Legitimates Filtered in 00mn 02s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.C7316D0F26440BE825BDE818E58CF899] - 03/04/2014 - 09:20:05 --HA- . (...) -- C:\Windows\modules.log [112434]
O44 - LFC:[MD5.691EF5966CE866B766CE00BECFCFA589] - 03/04/2014 - 17:14:52 ---A- . (...) -- C:\Windows\System32\Drivers\mfencbdc.inf [5442]
O44 - LFC:[MD5.12F0F8D3F84FAB8F31D073286FE131CB] - 03/04/2014 - 17:14:52 ---A- . (...) -- C:\Windows\System32\Drivers\mfencrk.inf [2641]
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 03/04/2014 - 22:45:58 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032]
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 03/04/2014 - 22:45:59 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 03/04/2014 - 22:46:00 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992]
O44 - LFC:[MD5.8FF6C498C08FFB65CA6B586C0E5DBE7F] - 04/04/2014 - 10:04:02 ---A- . (...) -- C:\Windows\CalibriL.tt2 [758196]
O44 - LFC:[MD5.3567D339A4859211316D2894F44EE97E] - 04/04/2014 - 10:04:03 ---A- . (...) -- C:\Windows\CalibriLI.tt2 [868464]
O44 - LFC:[MD5.F351D7DBE9B7E9640BC0184AA8870F66] - 04/04/2014 - 14:56:48 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1224194]
O44 - LFC:[MD5.D045550114244A8A2EDD5897514F1C11] - 04/04/2014 - 15:15:17 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.4C586CBFFF17C038F7CB238CBE41D794] - 04/04/2014 - 15:26:02 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.7B1A90B69A1C8EBEC37AC3D5934BB8C9] - 04/04/2014 - 15:26:19 ---A- . (...) -- C:\Windows\comsetup.log [6578]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 04/04/2014 - 15:26:20 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 04/04/2014 - 15:26:20 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.2100B28C34C4FCE916A4A61F58E31198] - 05/04/2014 - 19:08:32 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [9701]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 05/04/2014 - 19:10:03 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 23:31:51 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.0F70AC7F8C8FE7E17DC23E97DFC8FEFD] - 07/04/2014 - 23:41:37 ---A- . (...) -- C:\zoek-results.log [37746]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/04/2014 - 23:48:08 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/04/2014 - 23:48:08 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
~ Files: 183 Legitimates Filtered in 00mn 29s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.5451A638FACAA57F2F179837BC29A543] - 11/04/2013 - 01:13:20 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [165344]
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032]
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992]
O58 - SDL:[MD5.9CBBFB1953562BCAE1B1F351F17E32D8] - 27/02/2013 - 03:44:24 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [355664]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 21 Legitimates Filtered in 00mn 09s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: prefs.js [Cassiano - mhzxax0o.default] user_pref("extensions.crossrider.bic", "1454162782e9fad1ad6b9f8b3a2257f9"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [You need an account and must be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You need an account and must be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You need an account and must be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\WINDOWS\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\WINDOWS\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guia de Usuário.) -- C:\WINDOWS\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
~ Update Products: 26 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 04/04/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 25/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe
SS - | Auto 11/05/2012 200728 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SS - | Demand 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 18/04/2013 273136 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 11/04/2013 772064 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 18/03/2013 1124728 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 18/03/2013 1161592 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 12/09/2012 135984 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 03/12/2012 202400 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe
SR - | Auto 18/04/2013 621296 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 31/01/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 19/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 15/04/2013 161736 | (Intel(R) Wireless Bluetooth(R) 4.0 Radio Management) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
SR - | Auto 06/11/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 06/11/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 28/01/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 21/01/2014 1025712 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 27/01/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 27/01/2014 185792 | (mfevtp) . (.McAfee, Inc..) - C:\WINDOWS\system32\mfevtps.exe
SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 18/04/2013 149744 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 06/11/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 18/04/2013 3388144 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

~ Services: Scanned in 00mn 09s



---\\ Scâner Aditional (088)
Database Version : 13044 - (07/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 191557 Items scanned in 00mn 20s



---\\ Sumário das deteções encontradas na sua estação
[You need an account and must be logged in to view this link] =>Adware.BDSearch
[You need an account and must be logged in to view this link] =>PUP.CrossRider
~ MSI: 2 link(s) detected in 00mn 00s



~ 968 Legitimates filtered by white list
End of the scan (387 lines in 01mn 48s)(0)
Cassiano1110

Post by Power Max Tue 08 Apr 2014, 13:39

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Tue 08 Apr 2014, 21:23; edited 1 time
Power Max

Post by Cassiano1110 Tue 08 Apr 2014, 14:52

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by Cassiano at 08/04/2014 14:49:58
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\Wow6432Node\Freeven Pro 1.4
ELIMINÉ: HKLM\Software\Wow6432Node\NewPlayer

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Preferências do navegador ==========
ELIMINÉ Mozilla Pref: user_pref("extensions.crossrider.bic", "1454162782e9fad1ad6b9f8b3a2257f9");

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
2 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
5 : Ficheiros
1 : Preferências do navegador
1 : Restauração Sistema


End of clean in 00mn 06s

========== Caminho do ficheiro do relatório ==========
C:\Users\Cassiano\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/04/2014 09:53:25 [4669]
C:\Users\Cassiano\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/04/2014 14:50:02 [1637]
Cassiano1110

Post by Power Max Tue 08 Apr 2014, 15:03

Restart the PC and then tell us how it is doing after these procedures.
Power Max

Post by Cassiano1110 Tue 08 Apr 2014, 15:24

Hello Max.

A lot of unwanted ads still show up, and pages open without permission.
Below the ads it says: Ads by onlinebrowser advertising, or Freeven pro 1.4 appears.
Cassiano1110

Post by Power Max Tue 08 Apr 2014, 15:29

Download [You need an account and must be logged in to view this link] and save it to the Desktop.

Note: when you open the link above, click the Download Now 64-Bit Version button.

*Run FRST and accept the agreement

*Click [Scan]

*When it finishes, click [OK] > [OK]

*Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post these two reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)
Power Max