Fórum PC Brasil
Remove the Banco do Brasil plugin


Post by JoseCarlos, Sat 05 Apr 2014, 20:31

When I was in Brazil I made inquiries on the Banco do Brasil website. Now that I live in Portugal, I have been having problems on the PC caused by a plugin that I stubbornly have not found a way to remove. I followed a help thread here and did everything the same way, and I am now posting the result I got with ZHPDiag so that PowerMax can help me too.

~ Relatório do ZHPDiag v2014.4.3.2 - Nicolas Coolman  (03-04-2014)
~ Iniciado por Utilizador (05-04-2014 23:19:22)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
GCIE: Google Chrome v33.0.1750.154

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2016
Microsoft Security Client PT-PT Language Pack v2.1.1116.0
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v3.20  =>.Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 15 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (11% free)
System Restore: Activé (Enable)
System drive C: has 247 GB (82%) free of 298 GB

---\\ Modo de conexão ao sistema
~ Computer Name: TOSHIBAA100
~ User Name: Utilizador
~ All Users Names: Utilizador, Guest, Administrator,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Utilizador\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Utilizador\AppData\Roaming\
~ %Desktop% : C:\Users\Utilizador\Desktop\
~ %Favorites% : C:\Users\Utilizador\Favorites\
~ %LocalAppData% : C:\Users\Utilizador\AppData\Local\
~ %StartMenu% : C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 247 Go of 298 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorador do Windows.) (.26-02-2011 - 06:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicação de Arranque do Windows.) (.14-07-2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensões da Internet para Win32.) (.22-02-2013 - 06:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicação de início de sessão do Windows.) (.28-10-2009 - 06:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.14-07-2009 - 01:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28-12-2011 - 03:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-07-2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13-07-2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13-07-2009 - 23:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27-04-2011 - 02:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14-07-2009 - 00:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Controlador de porta i8042.) (.13-07-2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14-07-2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04-05-2011 - 02:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13-07-2009 - 23:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Controlador de Sistema de Ficheiros NT.) (.12-04-2013 - 14:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Controlador de porta paralela.) (.14-07-2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14-07-2009 - 00:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14-07-2009 - 00:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14-07-2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13-07-2009 - 23:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Controlador de cópia sombra do volume.) (.06-09-2012 - 17:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes:  Scanned in 00mn 02s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/18
~ Mes musiques (My Musics) : 1/8
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 1/2482
~ Mon Bureau (My Desktop) : 10/385
~ Menu demarrer (Programs) : 1/37
~ Hidden Files:  Scanned in 00mn 11s



---\\ Processos lançados
[MD5.CA1EA5BC13E3820624669E8871EA6DFC] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Utilizador\AppData\Roaming\Dropbox\bin\Dropbox.exe   [32667896] [PID.4076]
[MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [3854640] [PID.3428]
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [859976] [PID.5024]
[MD5.E75DA1FAAFC9B69CCD0940F95C9D1CF7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8182272] [PID.4752]
[MD5.B99C37364701D19F2B5C0A0E1ECCDB80] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [519720] [PID.812]
[MD5.BEA8D0FA8805CC2E6BB49728166699C7] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [50344] [PID.1360]
[MD5.D58C10AFF2B5C09D615623A4DAC0E330] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe   [109048] [PID.1568]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1648]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [55624] [PID.1684]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Instalador do Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648] [PID.3248]
~ Processes Running:  Scanned in 00mn 04s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 17 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 3 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
~ Toolbar:  Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Kobo.lnk . (...)  -- C:\Program Files (x86)\Kobo\Kobo.exe
O4 - GS\Desktop [Public]: RegHunter.lnk . (...)  -- C:\Program Files (x86)\Enigma Software Group\RegHunter\RegHunter.exe (.not file.)  =>Crapware.RegHunter
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\QuickLaunch [Utilizador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Utilizador]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Utilizador]: Upgrade to Paltalk Extreme.lnk - Chave orfã
O4 - GS\QuickLaunch [Utilizador]: Viber.lnk . (...)  -- C:\Users\Utilizador\AppData\Local\Viber\Viber.exe
O4 - GS\QuickLaunch [Utilizador]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\TaskBar [Utilizador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Utilizador]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Utilizador]: SpyHunter.lnk . (...)  -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.)  =>Crapware.SpyHunter
O4 - GS\TaskBar [Utilizador]: Viber.lnk . (...)  -- C:\Users\Utilizador\AppData\Local\Viber\Viber.exe
O4 - GS\TaskBar [Utilizador]: ZON NET MOBILE.lnk . (...)  -- C:\Program Files (x86)\ZON NET MOBILE\UIMain.exe
O4 - GS\Program [Utilizador]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Utilizador]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Utilizador]: Viber.lnk . (...)  -- C:\Users\Utilizador\AppData\Local\Viber\Viber.exe
O4 - GS\SystemTools [Utilizador]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Utilizador]: Documentos - Atalho.lnk . (...)  -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Utilizador]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\QuickLaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Guest]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Guest]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Guest]: FacebookPasswordDecryptor.lnk . (.SecurityXploded - All-in-one Facebook Password Recovery Softw.)  -- C:\Program Files (x86)\SecurityXploded\FacebookPasswordDecryptor\FacebookPasswordDecryptor.exe
~ Global Startup: 94 Legitimates Filtered in 00mn 11s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Utilizador]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.)  -- C:\Users\Utilizador\AppData\Roaming\Dropbox\bin\Dropbox.exe   =>.Dropbox
O4 - GS\Startup [Guest]: Uninstall Webroot RunOnce.lnk . (.Webroot Software, Inc. - Webroot Installer.)  -- C:\Program Files (x86)\Common Files\wruninstall.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-3136738229-3321464536-2784466607-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 05s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F92DB7FD-987A-4D9A-814E-E9018FA08010}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CS1\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F92DB7FD-987A-4D9A-814E-E9018FA08010}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CS2\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F92DB7FD-987A-4D9A-814E-E9018FA08010}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
~ Services: 10 Legitimates Filtered in 00mn 10s



---\\ Software instalados (042)
O42 - Logiciel: ZON NET MOBILE - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
~ Logic: 6 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BancoBest]
[HKCU\Software\GbAs]
[HKCU\Software\PTEID]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
~ Key Software: 190 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05-08-2012 - 22:49:50 - [0] ----D C:\Program Files (x86)\BancoBest
O43 - CFD: 17-03-2014 - 13:58:58 - [0] ----D C:\Program Files (x86)\DriverUpdate
O43 - CFD: 02-04-2014 - 02:04:55 - [19,629] ----D C:\Program Files (x86)\ZON NET MOBILE
O43 - CFD: 03-08-2012 - 18:11:55 - [0] ----D C:\Users\Utilizador\AppData\Roaming\BancoBest
O43 - CFD: 03-08-2012 - 18:11:45 - [0,103] ----D C:\Users\Utilizador\AppData\Local\BancoBest
O43 - CFD: 06-03-2014 - 13:13:35 - [0,407] ----D C:\Users\Utilizador\AppData\Local\BeAnywhere Support Express
O43 - CFD: 11-12-2013 - 16:39:36 - [13,226] ----D C:\Users\Utilizador\AppData\Local\lptmp1402949683
O43 - CFD: 11-01-2014 - 16:07:32 - [7,478] ----D C:\Users\Utilizador\AppData\Local\lptmp890397290
O43 - CFD: 13-03-2014 - 02:06:43 - [0] -SH-D C:\Users\Utilizador\AppData\Local\ms-drivers
O43 - CFD: 28-11-2013 - 21:52:07 - [0,005] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter  =>Crapware.SpyHunter
~ Program Folder: 169 Legitimates Filtered in 00mn 26s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 05-04-2014 - 20:32:17 ---A- . (...) -- C:\Windows\system.ini   [215]
O44 - LFC:[MD5.C9FFD23F9ED7F6FFDCB9C54BC1149191] - 05-04-2014 - 20:37:30 ---A- . (...) -- C:\ComboFix.txt   [20920]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 05-04-2014 - 21:13:38 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.951970B9A9FCD9494A5054F20E085619] - 05-04-2014 - 21:46:31 ---A- . (...) -- C:\zoek-results.log   [18697]
O44 - LFC:[MD5.ACBF9DA6EE3F6A82EABF2A43008E45EA] - 31-03-2014 - 18:52:17 ---A- . (...) -- C:\Windows\System32\prfc0816.dat   [152656]
O44 - LFC:[MD5.7BA6C05D4CC77D7D5533A2284F5A00A8] - 31-03-2014 - 18:52:17 ---A- . (...) -- C:\Windows\System32\prfh0816.dat   [721734]
~ Files: 25 Legitimates Filtered in 00mn 40s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\uTorrent  [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ SMSR Keys: 1 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.8D4B8BF93C65BDBC133B20706A3B5208] - 05-04-2014 - 19:17:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]
O58 - SDL:[MD5.F87990FDBDD4DC037343A80BD7E67538] - 13-01-2014 - 12:59:33 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys   [44640]
O58 - SDL:[MD5.0606875650850B0697D662934529F6FC] - 05-04-2014 - 19:17:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [208928]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14-07-2009 - 01:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - 22-06-2012 - 11:01:32 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys   [22704]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10-06-2009 - 20:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14-07-2009 - 01:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.2E3ACFDA0B792707C59B307ABB6A6E95] - 17-03-2014 - 12:24:34 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys   [16152]
O58 - SDL:[MD5.2A6F99C1E2D25C4C920A37E07BB26291] - 16-10-2013 - 01:44:42 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys   [42184]
O58 - SDL:[MD5.8F866DF9A974BFFDCB2001D303BC0695] - 08-05-2013 - 12:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 16-03-2014 - 10:29:13 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
~ Drivers: 19 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You must have an account and be logged in to view this link]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.DF06DC5837316EA78746E3F790A950ED] [SPRF][15-03-2014] (...) -- C:\Users\Utilizador\Desktop\adwcleaner.exe   [1950720]
[MD5.FEE1D58C6AD73F25EB0DAD4F690560AD] [SPRF][22-02-2014] (.Facebook Inc. - Setup.) -- C:\Users\Utilizador\Desktop\FacebookVideoCallSetup_v1.2.205.0.exe   [501248]
[MD5.972032F9CA03B3DA1EF34E3E9BD43F71] [SPRF][17-03-2014] (.FLVMPlayer - FLV Media Player Setup.) -- C:\Users\Utilizador\Desktop\FLVMPlayer.exe   [4953944]
[MD5.348AD296FA2A5E0CCF6EE5CB13BBEFAB] [SPRF][17-03-2014] (.Appsinstaller - Application Installer.) -- C:\Users\Utilizador\Desktop\FLV_Media_Player.exe   [299280]
[MD5.916EA7F9B2882A6E955DF42D6B037934] [SPRF][17-03-2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilizador\Desktop\uTorrent-2-.exe   [1852496]  =>P2P.BitTorrent
[MD5.E1E94652EB813EBC06C3867E0D3F5E03] [SPRF][12-12-2013] (.John Drew - Yagi Calculator Setup.) -- C:\Users\Utilizador\Desktop\yagisetup (1).exe   [717209]
[MD5.2ED2319F3DE13495AAA49B70A1467055] [SPRF][05-04-2014] (...) -- C:\Users\Utilizador\Desktop\zoek.exe   [1285120]
~ Files: 12 Legitimates Filtered in 00mn 02s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.BBCDC61C8AA8009FED0028798A761EE2] [WIS][17-08-2013] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\1877aa5.msi   [10502144]
~ WIS: 125 Legitimates Filtered in 00mn 37s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18-03-2014 257928 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 17-02-2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17-02-2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 23-10-2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 21-12-2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07-09-2013 55624 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05-04-2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 05-04-2014 109048 |  (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 30-08-2011 462184 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 21-02-2014 519720 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 06-03-2009 364064 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 18-10-2013 1025408 |  (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe  =>Crapware.SpyHunter
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10-07-1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14-07-2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services:  Scanned in 00mn 44s



---\\ Scâner Aditional (088)
Database Version : 13036 - (03-04-2014)
Clés trouvées (Keys found) : 11
Valeurs trouvées (Values found) : 4
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 1

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]   =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]   =>Adware.MyWebSearch
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service]   =>Crapware.SpyHunter
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]   =>Toolbar.Ask
C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter   =>Crapware.SpyHunter^
C:\Users\Utilizador\Desktop\uTorrent-2-.exe   =>P2P.BitTorrent^
~ Additionnel Scan: 212508 Items scanned in 00mn 59s



---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link]  =>Crapware.RegHunter
[You must have an account and be logged in to view this link]  =>Crapware.SpyHunter
[You must have an account and be logged in to view this link]  =>Toolbar.Ask
[You must have an account and be logged in to view this link]  =>Adware.MyWebSearch
~ MSI: 4 link(s) detected in 00mn 00s



~ 1043 Legitimates filtered by white list
End of the scan (436 lines in 05mn 24s)(0)

Re: Remove the Banco do Brasil plugin

Post by Power Max, Sat 05 Apr 2014, 21:09

Do you know what these programs in bold below, which are installed on your computer, are?

C:\Program Files (x86)\BancoBest

C:\Program Files (x86)\ZON NET MOBILE
__________________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply, and also answer the question I asked you above.


Last edited by Power Max on Tue 08 Apr 2014, 12:04; edited 1 time

(SOLVED) Remove the Banco do Brasil plugin

Post by JoseCarlos, Sun 06 Apr 2014, 06:41

Good morning!
Power Max, thank you very much; from the report I could see that everything is going well.
Regarding the two questions:
C:\Program Files (x86)\BancoBest

C:\Program Files (x86)\ZON NET MOBILE

Yes, they are known and authorised, because one is a bank here and the other belongs to the internet provider I use.

ZHP Fix result

Rapport de ZHPFix 2014.3.25.5 par Nicolas Coolman, Update du 25/03/2014
Fichier d'export Registre :
Run by Utilizador at 06-04-2014 10:33:53
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit  (Build 7600)

Reciclagem vazia (00mn 17s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540000}
ELIMINÉ: Service: GbpSv
ELIMINÉ: HKCU\Software\GbAs
ELIMINÉ: Service: Bonjour Service
ELIMINÉ: Service: SpyHunter 4 Service
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ Trusted Zone: bancobrasil.com.br
ELIMINÉ Trusted Zone: bb.com.br

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files (x86)\gbplugin\gbieh.dll
ELIMINÉ: c:\users\public\desktop\reghunter.lnk
ELIMINÉ: c:\users\utilizador\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\spyhunter.lnk
ELIMINÉ: c:\windows\syswow64\drivers\gbpndisrd.sys
ELIMINA REINICIAR: c:\program files\bonjour\mdnsresponder.exe
ELIMINA REINICIAR: c:\program files\enigma software group\spyhunter\sh4service.exe
ELIMINÉ Temporários windows (121) (1.822.394 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
14 : Chaves do Registo
7 : Valores do Registo
2 : Elementos dos dados do Registo
1 : Pastas
8 : Ficheiros
1 : Restauração Sistema


End of clean in 01mn 48s

========== Caminho do ficheiro do relatório ==========
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R1].txt - 06-04-2014 10:34:11 [3095]

Re: Remove the Banco do Brasil plugin

Post by Power Max, Sun 06 Apr 2014, 10:22

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.


(SOLVED) Remove the Banco do Brasil plugin

Post by JoseCarlos, Sun 06 Apr 2014, 11:05

Power Max, good afternoon!
Here is the result

~ Relatório do ZHPDiag v2014.4.6.3 - Nicolas Coolman  (06-04-2014)
~ Iniciado por Utilizador (06-04-2014 14:52:57)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [link visible only to logged-in forum members]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
GCIE: Google Chrome v33.0.1750.154

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2016
Microsoft Security Client PT-PT Language Pack v2.1.1116.0
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v3.20  =>.Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 15 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (18% free)
System Restore: Activé (Enable)
System drive C: has 246 GB (82%) free of 298 GB

---\\ Modo de conexão ao sistema
~ Computer Name: TOSHIBAA100
~ User Name: Utilizador
~ All Users Names: Utilizador, Guest, Administrator,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Utilizador\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Utilizador\AppData\Roaming\
~ %Desktop% : C:\Users\Utilizador\Desktop\
~ %Favorites% : C:\Users\Utilizador\Favorites\
~ %LocalAppData% : C:\Users\Utilizador\AppData\Local\
~ %StartMenu% : C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 246 Go of 298 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes:  Scanned in 00mn 06s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/18
~ Mes musiques (My Musics) : 1/8
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 1/2482
~ Mon Bureau (My Desktop) : 10/389
~ Menu demarrer (Programs) : 1/34
~ Hidden Files:  Scanned in 00mn 12s



---\\ Processos lançados
[MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [3854640] [PID.3400]
[MD5.CA1EA5BC13E3820624669E8871EA6DFC] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Utilizador\AppData\Roaming\Dropbox\bin\Dropbox.exe   [32667896] [PID.3544]
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [859976] [PID.3688]
[MD5.4456B06D9E1340C39017EA98DA6436A0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8184320] [PID.3640]
[MD5.B99C37364701D19F2B5C0A0E1ECCDB80] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [519720] [PID.800]
[MD5.BEA8D0FA8805CC2E6BB49728166699C7] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [50344] [PID.1352]
[MD5.D58C10AFF2B5C09D615623A4DAC0E330] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe   [109048] [PID.1544]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1624]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [55624] [PID.1652]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Instalador do Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648] [PID.3052]
~ Processes Running:  Scanned in 00mn 07s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 17 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 3 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Kobo.lnk . (...)  -- C:\Program Files (x86)\Kobo\Kobo.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\QuickLaunch [Utilizador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Utilizador]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Utilizador]: Upgrade to Paltalk Extreme.lnk - Chave orfã
O4 - GS\QuickLaunch [Utilizador]: Viber.lnk . (...)  -- C:\Users\Utilizador\AppData\Local\Viber\Viber.exe
O4 - GS\QuickLaunch [Utilizador]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\TaskBar [Utilizador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Utilizador]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Utilizador]: Viber.lnk . (...)  -- C:\Users\Utilizador\AppData\Local\Viber\Viber.exe
O4 - GS\TaskBar [Utilizador]: ZON NET MOBILE.lnk . (...)  -- C:\Program Files (x86)\ZON NET MOBILE\UIMain.exe
O4 - GS\Program [Utilizador]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Utilizador]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Utilizador]: Viber.lnk . (...)  -- C:\Users\Utilizador\AppData\Local\Viber\Viber.exe
O4 - GS\SystemTools [Utilizador]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Utilizador]: Documentos - Atalho.lnk . (...)  -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Utilizador]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\QuickLaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Guest]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Guest]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Guest]: FacebookPasswordDecryptor.lnk . (.SecurityXploded - All-in-one Facebook Password Recovery Softw.)  -- C:\Program Files (x86)\SecurityXploded\FacebookPasswordDecryptor\FacebookPasswordDecryptor.exe
~ Global Startup: 92 Legitimates Filtered in 00mn 17s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Utilizador]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.)  -- C:\Users\Utilizador\AppData\Roaming\Dropbox\bin\Dropbox.exe   =>.Dropbox
O4 - GS\Startup [Guest]: Uninstall Webroot RunOnce.lnk . (.Webroot Software, Inc. - Webroot Installer.)  -- C:\Program Files (x86)\Common Files\wruninstall.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-3136738229-3321464536-2784466607-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F92DB7FD-987A-4D9A-814E-E9018FA08010}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CS1\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F92DB7FD-987A-4D9A-814E-E9018FA08010}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CS2\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F92DB7FD-987A-4D9A-814E-E9018FA08010}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
~ Services: 8 Legitimates Filtered in 00mn 12s



---\\ Software instalados (042)
O42 - Logiciel: ZON NET MOBILE - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
~ Logic: 6 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BancoBest]
[HKCU\Software\PTEID]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
~ Key Software: 189 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05-08-2012 - 22:49:50 - [0] ----D C:\Program Files (x86)\BancoBest
O43 - CFD: 17-03-2014 - 13:58:58 - [0] ----D C:\Program Files (x86)\DriverUpdate
O43 - CFD: 02-04-2014 - 02:04:55 - [19,629] ----D C:\Program Files (x86)\ZON NET MOBILE
O43 - CFD: 03-08-2012 - 18:11:55 - [0] ----D C:\Users\Utilizador\AppData\Roaming\BancoBest
O43 - CFD: 03-08-2012 - 18:11:45 - [0,103] ----D C:\Users\Utilizador\AppData\Local\BancoBest
O43 - CFD: 06-03-2014 - 13:13:35 - [0,407] ----D C:\Users\Utilizador\AppData\Local\BeAnywhere Support Express
O43 - CFD: 11-12-2013 - 16:39:36 - [13,226] ----D C:\Users\Utilizador\AppData\Local\lptmp1402949683
O43 - CFD: 11-01-2014 - 16:07:32 - [7,478] ----D C:\Users\Utilizador\AppData\Local\lptmp890397290
O43 - CFD: 13-03-2014 - 02:06:43 - [0] -SH-D C:\Users\Utilizador\AppData\Local\ms-drivers
~ Program Folder: 168 Legitimates Filtered in 00mn 32s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 05-04-2014 - 20:32:17 ---A- . (...) -- C:\Windows\system.ini   [215]
O44 - LFC:[MD5.C9FFD23F9ED7F6FFDCB9C54BC1149191] - 05-04-2014 - 20:37:30 ---A- . (...) -- C:\ComboFix.txt   [20920]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 05-04-2014 - 21:13:38 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.951970B9A9FCD9494A5054F20E085619] - 05-04-2014 - 21:46:31 ---A- . (...) -- C:\zoek-results.log   [18697]
O44 - LFC:[MD5.ACBF9DA6EE3F6A82EABF2A43008E45EA] - 31-03-2014 - 18:52:17 ---A- . (...) -- C:\Windows\System32\prfc0816.dat   [152656]
O44 - LFC:[MD5.7BA6C05D4CC77D7D5533A2284F5A00A8] - 31-03-2014 - 18:52:17 ---A- . (...) -- C:\Windows\System32\prfh0816.dat   [721734]
~ Files: 22 Legitimates Filtered in 02mn 20s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\uTorrent  [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ SMSR Keys: 1 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.8D4B8BF93C65BDBC133B20706A3B5208] - 05-04-2014 - 19:17:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]
O58 - SDL:[MD5.F87990FDBDD4DC037343A80BD7E67538] - 13-01-2014 - 12:59:33 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys   [44640]
O58 - SDL:[MD5.0606875650850B0697D662934529F6FC] - 05-04-2014 - 19:17:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [208928]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14-07-2009 - 01:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - 22-06-2012 - 11:01:32 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys   [22704]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10-06-2009 - 20:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14-07-2009 - 01:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.2E3ACFDA0B792707C59B307ABB6A6E95] - 17-03-2014 - 12:24:34 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys   [16152]
O58 - SDL:[MD5.2A6F99C1E2D25C4C920A37E07BB26291] - 16-10-2013 - 01:44:42 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys   [42184]
O58 - SDL:[MD5.8F866DF9A974BFFDCB2001D303BC0695] - 08-05-2013 - 12:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
~ Drivers: 19 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Legitimates Filtered in 00mn 01s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [link visible only to logged-in forum members]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [link visible only to logged-in forum members]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.DF06DC5837316EA78746E3F790A950ED] [SPRF][15-03-2014] (...) -- C:\Users\Utilizador\Desktop\adwcleaner.exe   [1950720]
[MD5.FEE1D58C6AD73F25EB0DAD4F690560AD] [SPRF][22-02-2014] (.Facebook Inc. - Setup.) -- C:\Users\Utilizador\Desktop\FacebookVideoCallSetup_v1.2.205.0.exe   [501248]
[MD5.972032F9CA03B3DA1EF34E3E9BD43F71] [SPRF][17-03-2014] (.FLVMPlayer - FLV Media Player Setup.) -- C:\Users\Utilizador\Desktop\FLVMPlayer.exe   [4953944]
[MD5.348AD296FA2A5E0CCF6EE5CB13BBEFAB] [SPRF][17-03-2014] (.Appsinstaller - Application Installer.) -- C:\Users\Utilizador\Desktop\FLV_Media_Player.exe   [299280]
[MD5.916EA7F9B2882A6E955DF42D6B037934] [SPRF][17-03-2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilizador\Desktop\uTorrent-2-.exe   [1852496]  =>P2P.BitTorrent
[MD5.E1E94652EB813EBC06C3867E0D3F5E03] [SPRF][12-12-2013] (.John Drew - Yagi Calculator Setup.) -- C:\Users\Utilizador\Desktop\yagisetup (1).exe   [717209]
[MD5.2ED2319F3DE13495AAA49B70A1467055] [SPRF][05-04-2014] (...) -- C:\Users\Utilizador\Desktop\zoek.exe   [1285120]
~ Files: 12 Legitimates Filtered in 00mn 03s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.BBCDC61C8AA8009FED0028798A761EE2] [WIS][17-08-2013] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\1877aa5.msi   [10502144]
~ WIS: 125 Legitimates Filtered in 00mn 27s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18-03-2014 257928 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 17-02-2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17-02-2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 23-10-2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 21-12-2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07-09-2013 55624 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05-04-2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 05-04-2014 109048 |  (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 21-02-2014 519720 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 06-03-2009 364064 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10-07-1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14-07-2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services:  Scanned in 00mn 45s



---\\ Scâner Aditional (088)
Database Version : 13044 - (06-04-2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 1

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]   =>P2P.BitTorrent^
C:\Users\Utilizador\Desktop\uTorrent-2-.exe   =>P2P.BitTorrent^
~ Additionnel Scan: 212319 Items scanned in 01mn 06s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 1039 Legitimates filtered by white list
End of the scan (401 lines in 07mn 08s)(0)
JoseCarlos
Member

Posts: 163
Reputation: 0
Join date: 05/04/2014

Re: Remove Banco do Brasil plugin

Post by Power Max on Sun 06 Apr 2014, 11:15

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click "Importação" (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Tue 08 Apr 2014, 12:06; edited 1 time
Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009

Remove Banco do Brasil plugin

Post by JoseCarlos on Sun 06 Apr 2014, 19:24

Max Power, thank you once again for your dedication. Here is the result of what you asked me to do.

Rapport de ZHPFix 2014.4.6.1 par Nicolas Coolman, Update du 06/04/2014
Fichier d'export Registre :
Run by Utilizador at 06-04-2014 23:19:26
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit  (Build 7600)

Reciclagem vazia (00mn 04s)

========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540000}
ELIMINÉ: Service: GbpSv

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files (x86)\gbplugin\gbieh.dll
ELIMINA REINICIAR: c:\windows\syswow64\drivers\gbpkm.sys
ELIMINÉ Temporários windows (3) (41.984 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
2 : Chaves do Registo
1 : Pastas
4 : Ficheiros
1 : Restauração Sistema


End of clean in 01mn 34s

========== Caminho do ficheiro do relatório ==========
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R1].txt - 06-04-2014 09:34:11 [3180]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R2].txt - 06-04-2014 23:19:31 [1086]

Re: Remove Banco do Brasil plugin

Post by Power Max on Sun 06 Apr 2014, 19:29

Download [link visible only to logged-in members] and save it to the Desktop.

Note: on the page linked above, click the Download Now 64-Bit Version button.

* Run FRST and accept the agreement

* Click [Scan]

* When it finishes, click [OK] > [OK]

* Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post these two reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)

Re: Remove Banco do Brasil plugin

Post by JoseCarlos on Sun 06 Apr 2014, 19:57

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Utilizador (administrator) on TOSHIBAA100 on 06-04-2014 23:54:30
Running from C:\Users\Utilizador\Downloads
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [link visible only to logged-in members]
Download link for 64-Bit Version: [link visible only to logged-in members]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [link visible only to logged-in members]

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Utilizador\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Utilizador\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-05] (AVAST Software)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-3136738229-3321464536-2784466607-1000\...\Run: [ccleaner] - C:\Program Files\CCleaner\CCleaner64.exe [5283680 2012-06-22] (Piriform Ltd)
HKU\S-1-5-21-3136738229-3321464536-2784466607-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk
ShortcutTarget: Uninstall Webroot RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Utilizador\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA04945B8BC4FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [link visible only to logged-in members]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [link visible only to logged-in members]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [link visible only to logged-in members]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [link visible only to logged-in members]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [link visible only to logged-in members]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [link visible only to logged-in members]
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-17]
CHR Extension: (Google Drive) - C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-17]
CHR Extension: (YouTube) - C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-17]
CHR Extension: (Pesquisa do Google) - C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-17]
CHR Extension: (avast! Online Security) - C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Gmail) - C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-05] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-05] (AVAST Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)

==================== Drivers (Whitelisted) ====================

R1 44278511; C:\Windows\System32\DRIVERS\44278511.sys [157712 2009-09-25] (Kaspersky Lab)
R0 44278512; C:\Windows\System32\DRIVERS\44278512.sys [40464 2009-10-22] (Kaspersky Lab)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-05] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [445304 2014-04-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-05] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-05] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-01-13] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-05] ()
S3 catchme; No ImagePath
R3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
S3 esgiguard; No ImagePath
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
R1 setup_9.0.0.722_22.04.2013_05-21drv; C:\Windows\System32\DRIVERS\4427851.sys [352784 2009-10-10] (Kaspersky Lab)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-03-17] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-06 23:53 - 2014-04-06 23:53 - 02157056 _____ (Farbar) C:\Users\Utilizador\Downloads\FRST64 (1).exe
2014-04-06 23:45 - 2014-04-06 23:45 - 00000926 _____ () C:\Users\Utilizador\ComboFix - Atalho.lnk
2014-04-06 23:42 - 2014-04-06 23:42 - 00000056 _____ () C:\Windows\setupact.log
2014-04-06 23:42 - 2014-04-06 23:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-06 23:39 - 2014-04-06 23:39 - 00030219 _____ () C:\Users\Utilizador\Desktop\FRST1.txt
2014-04-06 23:38 - 2014-04-06 23:38 - 00025674 _____ () C:\Users\Utilizador\Desktop\Addition1.txt
2014-04-06 23:36 - 2014-04-06 23:37 - 00025674 _____ () C:\Users\Utilizador\Downloads\Addition.txt
2014-04-06 23:33 - 2014-04-06 23:54 - 00009406 _____ () C:\Users\Utilizador\Downloads\FRST.txt
2014-04-06 23:32 - 2014-04-06 23:54 - 00000000 ____D () C:\FRST
2014-04-06 23:30 - 2014-04-06 23:31 - 02157056 _____ (Farbar) C:\Users\Utilizador\Downloads\FRST64.exe
2014-04-06 23:21 - 2014-04-06 23:19 - 00001171 _____ () C:\Users\Utilizador\Desktop\ZHPFixReport.txt
2014-04-06 23:20 - 2014-04-06 23:20 - 00001171 _____ () C:\Users\Utilizador\Desktop\ZHPFix[R2]4.txt
2014-04-06 19:01 - 2014-04-06 19:01 - 00242059 _____ () C:\Users\Utilizador\Desktop\ZHPDiag3.txt
2014-04-06 15:35 - 2014-04-06 15:35 - 00242059 _____ () C:\Users\Utilizador\Desktop\ZHPDiag.txt
2014-04-06 15:34 - 2014-04-06 15:34 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-04-06 15:11 - 2014-04-06 15:11 - 00027390 _____ () C:\Users\Utilizador\Desktop\ZHPDiag2.txt
2014-04-06 14:52 - 2014-04-06 14:52 - 00003168 _____ () C:\Windows\System32\Tasks\{090D53FE-5DFE-4B01-8D01-B349B0F40E93}
2014-04-06 10:52 - 2014-04-06 23:40 - 00035389 _____ () C:\Windows\WindowsUpdate.log
2014-04-06 10:46 - 2014-04-06 10:46 - 00003196 _____ () C:\Windows\System32\Tasks\{4484B57A-3C80-43CF-A90B-B640234BD1A5}
2014-04-06 10:35 - 2014-04-06 10:35 - 00003180 _____ () C:\Users\Utilizador\Desktop\ZHPFix[R1]1.txt
2014-04-05 23:32 - 2014-04-05 23:32 - 00030577 _____ () C:\Users\Utilizador\Desktop\ZHPDiag1.txt
2014-04-05 23:18 - 2014-04-06 23:21 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\ZHP
2014-04-05 23:18 - 2014-04-06 14:52 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-05 23:18 - 2014-04-06 14:51 - 00001991 _____ () C:\Users\Utilizador\Desktop\ZHPFix.lnk
2014-04-05 23:18 - 2014-04-06 14:51 - 00001864 _____ () C:\Users\Utilizador\Desktop\ZHPDiag.lnk
2014-04-05 23:17 - 2014-04-05 23:17 - 06863616 _____ (Nicolas Coolman ) C:\Users\Utilizador\Downloads\ZHPDiag2.exe
2014-04-05 23:16 - 2014-04-05 23:16 - 00018697 _____ () C:\Users\Utilizador\Desktop\zoek-results.txt
2014-04-05 23:16 - 2014-04-05 23:16 - 00002074 _____ () C:\Users\Utilizador\Desktop\JRT1.txt
2014-04-05 23:14 - 2014-04-05 23:14 - 00002074 _____ () C:\Users\Utilizador\Desktop\JRT.txt
2014-04-05 23:00 - 2014-04-05 23:00 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 22:58 - 2014-04-05 22:58 - 01038974 _____ (Thisisu) C:\Users\Utilizador\Downloads\JRT.exe
2014-04-05 22:43 - 2014-04-05 22:13 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-05 22:15 - 2014-04-05 22:46 - 00018697 _____ () C:\zoek-results.log
2014-04-05 22:13 - 2014-04-05 22:33 - 00000000 ____D () C:\zoek_backup
2014-04-05 22:12 - 2014-04-05 22:13 - 01285120 _____ () C:\Users\Utilizador\Desktop\zoek.exe
2014-04-05 21:37 - 2014-04-05 21:37 - 00020920 _____ () C:\ComboFix.txt
2014-04-05 21:13 - 2014-04-05 21:14 - 05193579 ____R (Swearware) C:\Users\Utilizador\Desktop\ComboFix.exe
2014-04-05 20:46 - 2014-04-06 23:44 - 00000000 ___RD () C:\Users\Utilizador\Documents\Dropbox
2014-04-05 20:46 - 2014-04-05 20:46 - 00001006 _____ () C:\Users\Utilizador\Desktop\Dropbox.lnk
2014-04-05 20:43 - 2014-04-05 20:46 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\DropboxMaster
2014-04-05 20:42 - 2014-04-05 20:43 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-05 20:17 - 2014-04-05 20:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-05 20:16 - 2014-04-05 20:16 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-02 23:26 - 2014-04-02 23:26 - 00014479 _____ () C:\Users\Utilizador\Reclamação.htm
2014-04-02 23:26 - 2014-04-02 23:26 - 00000000 ____D () C:\Users\Utilizador\Reclamação_files
2014-03-30 01:12 - 2014-03-30 01:12 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Mozilla
2014-03-30 01:08 - 2014-03-30 01:09 - 00847856 _____ (Google Inc.) C:\Users\Utilizador\Desktop\GoogleVoiceAndVideoSetup.exe
2014-03-27 23:18 - 2014-03-27 23:24 - 00165888 _____ () C:\Users\Utilizador\Desktop\Melhores-taxas-de-juro-de-depósitos-a-prazo-Total41.xls
2014-03-23 23:23 - 2014-03-23 23:44 - 00013810 _____ () C:\Users\Utilizador\GESTÃO DO SKODA 2014.xlsx
2014-03-18 19:06 - 2014-03-18 19:06 - 00002122 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-03-18 19:06 - 2014-03-18 19:06 - 00001190 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-03-18 19:05 - 2014-03-18 19:05 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-03-18 19:02 - 2014-03-18 19:03 - 11928264 _____ (DsNET Corp) C:\Users\Utilizador\aTubeCatcher.exe
2014-03-18 00:47 - 2014-03-18 01:07 - 1464738954 _____ () C:\Users\Utilizador\Downloads\Baise-Moi.mkv
2014-03-17 13:24 - 2014-03-17 13:24 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-03-17 13:24 - 2014-03-17 13:24 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\SlimWare Utilities Inc
2014-03-17 13:23 - 2014-03-17 13:58 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2014-03-17 13:23 - 2014-03-17 13:23 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-03-17 11:30 - 2014-03-17 11:36 - 00000000 ____D () C:\Users\Utilizador\Downloads\We Are Explorers - 3D Printed Video
2014-03-17 11:29 - 2014-03-17 11:29 - 00000818 _____ () C:\Users\Utilizador\Desktop\µTorrent.lnk
2014-03-17 11:29 - 2014-03-17 11:29 - 00000798 _____ () C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-17 11:27 - 2014-03-19 23:36 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\uTorrent
2014-03-17 11:24 - 2014-03-17 11:25 - 01852496 _____ (BitTorrent Inc.) C:\Users\Utilizador\Desktop\uTorrent-2-.exe
2014-03-17 10:09 - 2014-03-18 09:13 - 00001077 _____ () C:\Users\Public\Desktop\FLV Media Player.lnk
2014-03-17 10:09 - 2014-03-18 09:13 - 00000000 ____D () C:\Program Files (x86)\FLV Media Player
2014-03-17 10:01 - 2014-03-17 10:01 - 04953944 _____ (FLVMPlayer ) C:\Users\Utilizador\Desktop\FLVMPlayer.exe
2014-03-17 09:56 - 2014-03-17 09:57 - 00299280 _____ (Appsinstaller) C:\Users\Utilizador\FLV_Media_Player.exe
2014-03-15 01:01 - 2014-03-15 01:01 - 01950720 _____ () C:\Users\Utilizador\adwcleaner.exe
2014-03-13 23:21 - 2014-03-13 23:30 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\PFStaticIP
2014-03-13 23:21 - 2014-03-13 23:21 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2014-03-13 02:06 - 2014-03-13 12:16 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\MetaGeek,_LLC
2014-03-13 02:06 - 2014-03-13 02:06 - 00000037 ___SH () C:\Users\Utilizador\AppData\Local\70149b02515b3bb20dd492.47983420
2014-03-13 02:06 - 2014-03-13 02:06 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\IsolatedStorage
2014-03-11 12:26 - 2014-03-11 12:26 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\Skype
2014-03-09 01:50 - 2014-03-09 01:51 - 00118149 _____ () C:\Users\Utilizador\Downloads\wmpChrome (3).crx

==================== One Month Modified Files and Folders =======

2014-04-06 23:55 - 2014-04-06 23:33 - 00009406 _____ () C:\Users\Utilizador\Downloads\FRST.txt
2014-04-06 23:54 - 2014-04-06 23:32 - 00000000 ____D () C:\FRST
2014-04-06 23:53 - 2014-04-06 23:53 - 02157056 _____ (Farbar) C:\Users\Utilizador\Downloads\FRST64 (1).exe
2014-04-06 23:48 - 2014-04-06 10:52 - 00035389 _____ () C:\Windows\WindowsUpdate.log
2014-04-06 23:48 - 2013-11-28 02:33 - 00000000 ____D () C:\Users\Utilizador\Desktop\X_Receitas
2014-04-06 23:47 - 2012-06-21 10:50 - 00000000 ____D () C:\Users\Utilizador
2014-04-06 23:47 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-06 23:47 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-06 23:45 - 2014-04-06 23:45 - 00000926 _____ () C:\Users\Utilizador\ComboFix - Atalho.lnk
2014-04-06 23:44 - 2014-04-05 20:46 - 00000000 ___RD () C:\Users\Utilizador\Documents\Dropbox
2014-04-06 23:44 - 2012-07-14 21:56 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Dropbox
2014-04-06 23:42 - 2014-04-06 23:42 - 00000056 _____ () C:\Windows\setupact.log
2014-04-06 23:42 - 2014-04-06 23:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-06 23:42 - 2013-04-05 23:50 - 00016384 _____ () C:\Windows\system32\Ikeext.etl
2014-04-06 23:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-06 23:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-04-06 23:39 - 2014-04-06 23:39 - 00030219 _____ () C:\Users\Utilizador\Desktop\FRST1.txt
2014-04-06 23:38 - 2014-04-06 23:38 - 00025674 _____ () C:\Users\Utilizador\Desktop\Addition1.txt
2014-04-06 23:37 - 2014-04-06 23:36 - 00025674 _____ () C:\Users\Utilizador\Downloads\Addition.txt
2014-04-06 23:35 - 2013-12-23 00:20 - 00000000 ____D () C:\Users\Utilizador\Desktop\Anti
2014-04-06 23:31 - 2014-04-06 23:30 - 02157056 _____ (Farbar) C:\Users\Utilizador\Downloads\FRST64.exe
2014-04-06 23:21 - 2014-04-05 23:18 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\ZHP
2014-04-06 23:20 - 2014-04-06 23:20 - 00001171 _____ () C:\Users\Utilizador\Desktop\ZHPFix[R2]4.txt
2014-04-06 23:19 - 2014-04-06 23:21 - 00001171 _____ () C:\Users\Utilizador\Desktop\ZHPFixReport.txt
2014-04-06 19:01 - 2014-04-06 19:01 - 00242059 _____ () C:\Users\Utilizador\Desktop\ZHPDiag3.txt
2014-04-06 15:35 - 2014-04-06 15:35 - 00242059 _____ () C:\Users\Utilizador\Desktop\ZHPDiag.txt
2014-04-06 15:34 - 2014-04-06 15:34 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-04-06 15:11 - 2014-04-06 15:11 - 00027390 _____ () C:\Users\Utilizador\Desktop\ZHPDiag2.txt
2014-04-06 14:52 - 2014-04-06 14:52 - 00003168 _____ () C:\Windows\System32\Tasks\{090D53FE-5DFE-4B01-8D01-B349B0F40E93}
2014-04-06 14:52 - 2014-04-05 23:18 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-06 14:51 - 2014-04-05 23:18 - 00001991 _____ () C:\Users\Utilizador\Desktop\ZHPFix.lnk
2014-04-06 14:51 - 2014-04-05 23:18 - 00001864 _____ () C:\Users\Utilizador\Desktop\ZHPDiag.lnk
2014-04-06 10:46 - 2014-04-06 10:46 - 00003196 _____ () C:\Windows\System32\Tasks\{4484B57A-3C80-43CF-A90B-B640234BD1A5}
2014-04-06 10:35 - 2014-04-06 10:35 - 00003180 _____ () C:\Users\Utilizador\Desktop\ZHPFix[R1]1.txt
2014-04-06 10:23 - 2014-01-13 14:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-05 23:32 - 2014-04-05 23:32 - 00030577 _____ () C:\Users\Utilizador\Desktop\ZHPDiag1.txt
2014-04-05 23:17 - 2014-04-05 23:17 - 06863616 _____ (Nicolas Coolman ) C:\Users\Utilizador\Downloads\ZHPDiag2.exe
2014-04-05 23:16 - 2014-04-05 23:16 - 00018697 _____ () C:\Users\Utilizador\Desktop\zoek-results.txt
2014-04-05 23:16 - 2014-04-05 23:16 - 00002074 _____ () C:\Users\Utilizador\Desktop\JRT1.txt
2014-04-05 23:14 - 2014-04-05 23:14 - 00002074 _____ () C:\Users\Utilizador\Desktop\JRT.txt
2014-04-05 23:00 - 2014-04-05 23:00 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 22:58 - 2014-04-05 22:58 - 01038974 _____ (Thisisu) C:\Users\Utilizador\Downloads\JRT.exe
2014-04-05 22:46 - 2014-04-05 22:15 - 00018697 _____ () C:\zoek-results.log
2014-04-05 22:33 - 2014-04-05 22:13 - 00000000 ____D () C:\zoek_backup
2014-04-05 22:13 - 2014-04-05 22:43 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-05 22:13 - 2014-04-05 22:12 - 01285120 _____ () C:\Users\Utilizador\Desktop\zoek.exe
2014-04-05 21:37 - 2014-04-05 21:37 - 00020920 _____ () C:\ComboFix.txt
2014-04-05 21:37 - 2013-04-22 00:14 - 00000000 ____D () C:\Qoobox
2014-04-05 21:32 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-05 21:14 - 2014-04-05 21:13 - 05193579 ____R (Swearware) C:\Users\Utilizador\Desktop\ComboFix.exe
2014-04-05 21:11 - 2013-04-21 01:13 - 00000000 ____D () C:\Users\Utilizador\Downloads\backups
2014-04-05 21:05 - 2014-02-13 13:44 - 00006651 _____ () C:\Users\Utilizador\Downloads\hijackthis.log
2014-04-05 20:46 - 2014-04-05 20:46 - 00001006 _____ () C:\Users\Utilizador\Desktop\Dropbox.lnk
2014-04-05 20:46 - 2014-04-05 20:43 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\DropboxMaster
2014-04-05 20:45 - 2012-06-21 10:51 - 00000000 ___RD () C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 20:43 - 2014-04-05 20:42 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-05 20:23 - 2014-01-29 11:36 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-05 20:18 - 2014-01-13 14:00 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-05 20:17 - 2014-04-05 20:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-05 20:17 - 2014-01-29 11:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-05 20:17 - 2014-01-13 14:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-05 20:17 - 2014-01-13 14:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-05 20:17 - 2014-01-13 14:00 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-05 20:17 - 2014-01-13 14:00 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-05 20:17 - 2014-01-13 14:00 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-05 20:17 - 2014-01-13 13:59 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-05 20:17 - 2014-01-13 13:59 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-05 20:16 - 2014-04-05 20:16 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-05 01:10 - 2014-01-29 11:36 - 00002032 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-04-05 00:45 - 2012-07-03 10:50 - 00000000 ____D () C:\Program Files (x86)\HP
2014-04-05 00:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-05 00:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-04-05 00:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-04-05 00:28 - 2012-08-16 12:56 - 00000000 ____D () C:\Users\Guest
2014-04-05 00:15 - 2012-07-03 10:47 - 00008526 _____ () C:\ProgramData\hpzinstall.log
2014-04-04 12:36 - 2013-08-26 21:57 - 00000000 ____D () C:\AdwCleaner
2014-04-04 12:17 - 2013-12-23 00:23 - 00000000 ____D () C:\Users\Utilizador\Imagens
2014-04-03 23:33 - 2012-07-03 10:47 - 00000000 ____D () C:\ProgramData\HP
2014-04-02 23:26 - 2014-04-02 23:26 - 00014479 _____ () C:\Users\Utilizador\Reclamação.htm
2014-04-02 23:26 - 2014-04-02 23:26 - 00000000 ____D () C:\Users\Utilizador\Reclamação_files
2014-04-02 02:04 - 2013-02-26 09:23 - 00000000 ____D () C:\Program Files (x86)\ZON NET MOBILE
2014-03-31 19:52 - 2012-06-21 11:22 - 00721734 _____ () C:\Windows\system32\prfh0816.dat
2014-03-31 19:52 - 2012-06-21 11:22 - 00152656 _____ () C:\Windows\system32\prfc0816.dat
2014-03-31 19:52 - 2009-07-14 06:13 - 01656832 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 02:53 - 2013-01-25 11:01 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Skype
2014-03-30 01:12 - 2014-03-30 01:12 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Mozilla
2014-03-30 01:12 - 2012-06-30 09:37 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\Google
2014-03-30 01:09 - 2014-03-30 01:08 - 00847856 _____ (Google Inc.) C:\Users\Utilizador\Desktop\GoogleVoiceAndVideoSetup.exe
2014-03-27 23:24 - 2014-03-27 23:18 - 00165888 _____ () C:\Users\Utilizador\Desktop\Melhores-taxas-de-juro-de-depósitos-a-prazo-Total41.xls
2014-03-23 23:44 - 2014-03-23 23:23 - 00013810 _____ () C:\Users\Utilizador\GESTÃO DO SKODA 2014.xlsx
2014-03-19 23:36 - 2014-03-17 11:27 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\uTorrent
2014-03-19 10:52 - 2013-08-04 03:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 10:47 - 2012-06-21 13:25 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 19:32 - 2013-12-21 00:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-18 19:32 - 2013-12-21 00:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-18 19:06 - 2014-03-18 19:06 - 00002122 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-03-18 19:06 - 2014-03-18 19:06 - 00001190 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-03-18 19:05 - 2014-03-18 19:05 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-03-18 19:03 - 2014-03-18 19:02 - 11928264 _____ (DsNET Corp) C:\Users\Utilizador\aTubeCatcher.exe
2014-03-18 09:13 - 2014-03-17 10:09 - 00001077 _____ () C:\Users\Public\Desktop\FLV Media Player.lnk
2014-03-18 09:13 - 2014-03-17 10:09 - 00000000 ____D () C:\Program Files (x86)\FLV Media Player
2014-03-18 09:04 - 2012-06-21 17:52 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\Windows Live
2014-03-18 01:07 - 2014-03-18 00:47 - 1464738954 _____ () C:\Users\Utilizador\Downloads\Baise-Moi.mkv
2014-03-17 21:22 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-17 21:22 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU(84).TXT
2014-03-17 13:58 - 2014-03-17 13:23 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2014-03-17 13:24 - 2014-03-17 13:24 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-03-17 13:24 - 2014-03-17 13:24 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\SlimWare Utilities Inc
2014-03-17 13:23 - 2014-03-17 13:23 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-03-17 11:36 - 2014-03-17 11:30 - 00000000 ____D () C:\Users\Utilizador\Downloads\We Are Explorers - 3D Printed Video
2014-03-17 11:29 - 2014-03-17 11:29 - 00000818 _____ () C:\Users\Utilizador\Desktop\µTorrent.lnk
2014-03-17 11:29 - 2014-03-17 11:29 - 00000798 _____ () C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-17 11:25 - 2014-03-17 11:24 - 01852496 _____ (BitTorrent Inc.) C:\Users\Utilizador\Desktop\uTorrent-2-.exe
2014-03-17 10:01 - 2014-03-17 10:01 - 04953944 _____ (FLVMPlayer ) C:\Users\Utilizador\Desktop\FLVMPlayer.exe
2014-03-17 09:57 - 2014-03-17 09:56 - 00299280 _____ (Appsinstaller) C:\Users\Utilizador\FLV_Media_Player.exe
2014-03-17 08:54 - 2013-09-14 02:15 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-03-17 08:54 - 2013-09-14 02:15 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-03-16 11:29 - 2013-09-14 02:16 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-03-16 11:29 - 2013-09-14 02:16 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-03-15 19:07 - 2014-02-17 23:23 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 01:01 - 2014-03-15 01:01 - 01950720 _____ () C:\Users\Utilizador\adwcleaner.exe
2014-03-13 23:30 - 2014-03-13 23:21 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\PFStaticIP
2014-03-13 23:21 - 2014-03-13 23:21 - 00000000 ____D () C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2014-03-13 12:16 - 2014-03-13 02:06 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\MetaGeek,_LLC
2014-03-13 02:06 - 2014-03-13 02:06 - 00000037 ___SH () C:\Users\Utilizador\AppData\Local\70149b02515b3bb20dd492.47983420
2014-03-13 02:06 - 2014-03-13 02:06 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\IsolatedStorage
2014-03-12 10:25 - 2012-06-21 16:28 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 10:25 - 2012-06-21 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 10:00 - 2012-06-21 16:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 12:26 - 2014-03-11 12:26 - 00000000 ____D () C:\Users\Utilizador\AppData\Local\Skype
2014-03-11 12:26 - 2013-01-25 11:00 - 00000000 ____D () C:\ProgramData\Skype
2014-03-11 12:25 - 2013-03-10 18:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-09 01:51 - 2014-03-09 01:50 - 00118149 _____ () C:\Users\Utilizador\Downloads\wmpChrome (3).crx

Files to move or delete:
====================
C:\Users\Utilizador\adwcleaner.exe
C:\Users\Utilizador\aTubeCatcher.exe
C:\Users\Utilizador\chromeinstall-7u51.exe
C:\Users\Utilizador\FLV_Media_Player.exe
C:\Users\Utilizador\MicrosoftFixit.wu.LB.27306334611135907.1.1.Run.exe


Some content of TEMP:
====================
C:\Users\Utilizador\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvnkf6m.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 01:01

==================== End Of Log ============================
JoseCarlos
Member

Posts: 163
Reputation: 0
Registration date: 05/04/2014

(SOLVED) Remove Banco do Brasil plugin

Post by JoseCarlos, Sun 06 Apr 2014, 20:04

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Utilizador at 2014-04-07 00:01:57
Running from C:\Users\Utilizador\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30660 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Actualização do Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0816-0000-0000000FF1CE}_ENTERPRISE_{CCDE3C71-5F35-477F-BA90-1A399C91C10C}) (Version:  - Microsoft)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0816-0000-0000000FF1CE}_ENTERPRISE_{CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}) (Version:  - Microsoft)
Actualização do Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0816-0000-0000000FF1CE}_ENTERPRISE_{A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}) (Version:  - Microsoft)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.6610 - DsNET Corp)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
CPUID CPU-Z 1.61 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FLV Media Player version 1.3 (HKLM-x32\...\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1) (Version: 1.3 - FLVMPlayer)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HP Photosmart Wireless B110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.2.1 - Kobo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Antimalware Service PT-PT Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Portugal)) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client PT-PT Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
RegHunter (HKLM\...\{F94A63D7-9A61-403B-8F6F-90B1BF77211A}) (Version: 1.3.3.1613 - Enigma Software Group USA, LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™️ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SpyHunter (HKLM\...\{72AAF455-1E54-475B-B0AB-5413C78D0E63}) (Version: 4.16.5.4290 - Enigma Software Group USA, LLC)
Suporte para Aplicações Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0816-0000-0000000FF1CE}_ENTERPRISE_{6A112399-633E-4C18-B796-0F175DC2F2F2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Viber (HKCU\...\Viber) (Version: 3.0.0.133634 - Viber Media Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
ZON NET MOBILE (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )

==================== Restore Points  =========================

22-03-2014 23:53:55 Device Driver Package Install: TAP-Windows Provider V9 Network adapters
25-03-2014 20:48:42 Windows Update
31-03-2014 02:24:08 Revo Uninstaller's restore point - Windows Media Player Firefox Plugin
02-04-2014 10:02:54 Windows Update
04-04-2014 23:20:52 Operação de Restauro
04-04-2014 23:30:12 avast! antivirus system restore point
04-04-2014 23:35:21 Operação de Restauro
04-04-2014 23:36:21 Device Driver Package Install: Avast Network Service
05-04-2014 00:03:23 avast! antivirus system restore point
05-04-2014 00:07:48 Windows Update
05-04-2014 19:14:50 avast! antivirus system restore point
05-04-2014 19:19:45 Device Driver Package Install: Avast Network Service
05-04-2014 21:15:59 zoek.exe restore point
06-04-2014 09:32:32 ZHPFix Restore System Point
06-04-2014 22:18:14 ZHPFix Restore System Point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-04-05 22:17 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {2DEE7B10-06EC-4B88-A1BB-3FB902F4BAD3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-05] (AVAST Software)
Task: {4533E05D-C03B-4CD1-B15F-C6DBDBDE71FD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {588F13FD-46F7-4A2E-A03E-8FA8E56652E9} - \BackgroundContainer Startup Task No Task File
Task: {970538B7-1B2C-42B8-B229-1E272D3181AD} - System32\Tasks\RegHunterStartup => C:\Program Files\Enigma Software Group\RegHunter\RegHunter.exe [2013-08-13] (Enigma Software Group USA, LLC.)

==================== Loaded Modules (whitelisted) =============

2014-04-06 10:26 - 2014-04-06 10:26 - 02189824 _____ () C:\Program Files\AVAST Software\Avast\defs\14040600\algo.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-13 13:59 - 2014-01-13 13:59 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-06 23:44 - 2014-04-06 23:44 - 00041984 _____ () C:\Users\Utilizador\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvnkf6m.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Utilizador\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-15 19:07 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 19:07 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 19:07 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 19:07 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 19:07 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 19:07 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\System32:4EC39D70_Bb.gbp

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: uTorrent => "C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controlador de armazenamento em massa
Description: Controlador de armazenamento em massa
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet Professional P 1102w
Description: HP LaserJet Professional P 1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/06/2014 11:51:21 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: O firmware da plataforma danificou memória durante a transição anterior de energia do sistema. Verifique se existe firmware actualizado para o sistema.

Error: (04/06/2014 10:27:12 AM) (Source: Service Control Manager) (User: )
Description: O serviço HP Network Devices Support desligou-se ao iniciar.

Error: (04/06/2014 00:37:38 AM) (Source: Service Control Manager) (User: )
Description: O serviço Windows Time terminou com o seguinte erro:
%%1115


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
 Date: 2013-07-04 10:02:44.102
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-07-04 10:02:44.024
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-07-04 10:02:43.930
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-07-04 10:02:43.852
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-06-18 23:41:15.964
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-06-18 23:41:15.886
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-06-18 23:41:15.730
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-06-18 23:41:15.652
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-04-28 22:45:16.567
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 Date: 2013-04-28 22:45:16.489
 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 94%
Total physical RAM: 1022.05 MB
Available physical RAM: 58.99 MB
Total Pagefile: 2046.05 MB
Available Pagefile: 309.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:247.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: A289A289)

Partition: GPT Partition Type.

==================== End Of Log ============================

Re: Remove Banco do Brasil plugin

Post by Power Max, Sun 06 Apr 2014, 20:43

Download the fixlist.txt file attached to this post and save it in the same place where you left FRST (Farbar), which is the location below:
C:\Users\Utilizador\Downloads

Run FRST. Click the Fix button.

Wait; when it finishes, the Fixlog.txt log will be saved on your desktop.

Select, copy and paste the contents of this Fixlog.txt in your next reply.
Power Max
Contributor

Posts: 9086
Reputation: 1499
Registration date: 14/04/2009

(SOLVED) Remove Banco do Brasil plugin

Post by JoseCarlos, Sun 06 Apr 2014, 21:18

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Utilizador at 2014-04-07 01:16:53 Run:1
Running from C:\Users\Utilizador\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
2014-03-17 08:54 - 2013-09-14 02:15 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-03-17 08:54 - 2013-09-14 02:15 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-03-16 11:29 - 2013-09-14 02:16 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Task: {588F13FD-46F7-4A2E-A03E-8FA8E56652E9} - \BackgroundContainer Startup Task No Task File
end
*****************

[804] C:\Program Files (x86)\GbPlugin\gbpsv.exe => Process closed successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginBb => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540000} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{C41A1C0E-EA6C-11D4-B1B8-444553540000} => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => Key deleted successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
GbpSv => Service stopped successfully.
GbpSv => Service deleted successfully.
GbpKm => Service deleted successfully.
C:\ProgramData\GbPlugin => Moved successfully.
C:\Program Files (x86)\GbPlugin => Moved successfully.
C:\Windows\SysWOW64\Drivers\gas.cer => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{588F13FD-46F7-4A2E-A03E-8FA8E56652E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{588F13FD-46F7-4A2E-A03E-8FA8E56652E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key not found.

==== End of Fixlog ====

Re: Remove Banco do Brasil plugin

Post by Power Max Sun 06 Apr 2014, 21:22

How is the PC after this procedure? Does the plugin still appear?

Re: Remove Banco do Brasil plugin

Post by JoseCarlos Sun 06 Apr 2014, 21:43

Power Max, for now you have solved my problem. Thank you very much.
In CCleaner's registry error report, the entries below showed up as errors, and I did not even risk fixing them for fear that it might bring the plugin back. What do you say? Should I make the correction?
Erro no ActiveX/COM Gbieh.GbIehObj - {C41A1C0E-EA6C-11D4-B1B8-444553540000} HKCR\Gbieh.GbIehObj
Erro no ActiveX/COM Gbieh.GbIehObj.1 - {C41A1C0E-EA6C-11D4-B1B8-444553540000} HKCR\Gbieh.GbIehObj.1
Erro no ActiveX/COM Gbieh.GbPluginObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} HKCR\Gbieh.GbPluginObj
Erro no ActiveX/COM Gbieh.GbPluginObj.1 - {E37CB5F0-51F5-4395-A808-5FA49E399F83} HKCR\Gbieh.GbPluginObj.1
Erro no ActiveX/COM InProcServer32\C:\Program Files (x86)\GbPlugin\gbieh.dll HKCR\CLSID\{98C11555-BC81-40aa-A053-DAADC5630000}
Chave de Software obsoleta ZebHelpProcess Helper HKCU\Software\ZebHelpProcess Helper
Referência MUI em falta C:\Users\Utilizador\Desktop\MicrosoftFixit.wu.LB.27306334611135907.1.1.Run.exe HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Referência MUI em falta C:\Users\Utilizador\Desktop\chromeinstall-7u51.exe HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Referência MUI em falta C:\Users\Utilizador\Desktop\FLV_Media_Player.exe HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Referência MUI em falta C:\Users\Utilizador\Desktop\adwcleaner.exe HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
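An added example, not part of the original posts and not code from FRST or CCleaner: an offline cross-check of the CCleaner findings quoted above against the Fixlog, showing which findings still reference a CLSID or folder that the fix already removed. The function names and labels are assumptions made for this illustration; the sample lines are copied from the two logs in this thread.

```python
import re
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Sample input: lines copied from the Fixlog.txt posted in this thread.
FIXLOG = r"""
HKCR\Wow6432Node\CLSID\{C41A1C0E-EA6C-11D4-B1B8-444553540000} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => Key deleted successfully.
C:\Program Files (x86)\GbPlugin => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key not found.
"""
# Sample input: lines copied from the CCleaner report posted in this thread.
CCLEANER = r"""
Erro no ActiveX/COM Gbieh.GbIehObj - {C41A1C0E-EA6C-11D4-B1B8-444553540000} HKCR\Gbieh.GbIehObj
Erro no ActiveX/COM Gbieh.GbPluginObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} HKCR\Gbieh.GbPluginObj
Erro no ActiveX/COM InProcServer32\C:\Program Files (x86)\GbPlugin\gbieh.dll HKCR\CLSID\{98C11555-BC81-40aa-A053-DAADC5630000}
Chave de Software obsoleta ZebHelpProcess Helper HKCU\Software\ZebHelpProcess Helper
"""

def parse_fixlog(text):
    """Return (GUIDs in deleted keys, moved paths, targets FRST did not act on)."""
    guids, moved, not_done = set(), [], []
    for line in filter(None, map(str.strip, text.splitlines())):
        target, sep, result = line.rpartition(" => ")
        if not sep:
            continue  # header or fixlist line, not a result line
        if result.startswith(("Key deleted", "Value deleted")):
            guids.update(g.upper() for g in GUID.findall(target))
        elif result.startswith("Moved"):
            moved.append(target.lower())  # Windows paths are case-insensitive
        if "successfully" not in result:
            not_done.append(target)
    return guids, moved, not_done

def triage(report, guids, moved):
    """Label each cleaner finding by how it relates to what the fix removed."""
    out = []
    for line in filter(None, map(str.strip, report.splitlines())):
        if any(g.upper() in guids for g in GUID.findall(line)):
            out.append(("clsid-deleted-by-fix", line))
        elif any(p + "\\" in line.lower() for p in moved):
            out.append(("path-moved-by-fix", line))
        else:
            out.append(("unrelated-to-fix", line))
    return out

if __name__ == "__main__":
    guids, moved, not_done = parse_fixlog(FIXLOG)
    for label, line in triage(CCLEANER, guids, moved):
        print(f"{label:22}{line}")
    print("not completed:", not_done)
```

The third finding carries a CLSID that the Fixlog never lists, so it is matched only through its InProcServer32 path under the moved GbPlugin folder.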

Re: Remove Banco do Brasil plugin

Post by Power Max Sun 06 Apr 2014, 21:52

The tutorial below shows how to clean up with CCleaner correctly:

[You must have an account and be logged in to view this link]

Take the opportunity to also run a cleanup with PureRa:

[You must have an account and be logged in to view this link]

Then tell us the result.

(SOLVED) Remove Banco do Brasil plugin

Post by JoseCarlos Sun 06 Apr 2014, 23:57

Power Max, good evening!
A BIG THANK YOU for all you gave me. You helped me a lot. Your work was very hard indeed. I owe you a great debt.

Re: Remove Banco do Brasil plugin

Post by Power Max Tue 08 Apr 2014, 12:10

CASE SOLVED

If the topic's author needs it, the topic will be reopened; to do so, they should contact one of the members of the [You must have an account and be logged in to view this link] and request that it be unlocked.