Computador com vários itens desnecessários e potencialmente perigosos

por andreia1 Seg 07 Abr 2014, 15:50

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:44:08, on 07/04/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\firebird\bin\fbguard.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
c:\firebird\bin\fbserver.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Carlos\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
C:\Users\Carlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Carlos\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Mega Browse - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - (no file)
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Firebird] c:\firebird\bin\fbguard.exe -a
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Carlos\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Verificação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: ABBYY FineReader 11 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.11.0) - ABBYY - C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 13360 bytes

por **Power Max** Seg 07 Abr 2014, 16:34

computador https - forumpcbrasil forumeiros com - Computador com vários itens desnecessários e potencialmente perigosos 648673379

Oi Andreia. Seja bem vinda ao Fórum PC Brasil.

computador https - forumpcbrasil forumeiros com - Computador com vários itens desnecessários e potencialmente perigosos 772309

computador https - forumpcbrasil forumeiros com - Computador com vários itens desnecessários e potencialmente perigosos 772309

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

por andreia1 Seg 07 Abr 2014, 16:57

# AdwCleaner v3.023 - Relatório criado 07/04/2014 às 16:38:19
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : Carlos - ANDREIA-PC
# Executando de : C:\Users\Carlos\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files (x86)\Mega Browse
Pasta Deletada : C:\Users\Carlos\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Carlos\AppData\Roaming\DigitalSites
Arquivo Deletada : C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\5zy3pgpo.default\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\5zy3pgpo.default\user.js
Arquivo Deletada : C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
Arquivo Deletada : C:\Windows\Tasks\Digital Sites.job
Arquivo Deletada : C:\Windows\System32\Tasks\Digital Sites

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E6CD411-CE62-4584-97FF-6AFBCF6900AF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\mysearchdial.com
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Jump Flip

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16521

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\5zy3pgpo.default\prefs.js ]

Linha deletada : user_pref("browser.search.order.1", "Mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.AL", 2);
Linha deletada : user_pref("extensions.mysearchdial.aflt", "dsites_14_12_ff");
Linha deletada : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Linha deletada : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0FyB0ByB0CtAtDtAtC0FtN0D0Tzu0SzztDzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0DtB0DyDzyyEtDtGtBtA0Dy[...]
Linha deletada : user_pref("extensions.mysearchdial.cntry", "BR");
Linha deletada : user_pref("extensions.mysearchdial.cr", "1357154428");
Linha deletada : user_pref("extensions.mysearchdial.dfltLng", "");
Linha deletada : user_pref("extensions.mysearchdial.dfltSrch", true);
Linha deletada : user_pref("extensions.mysearchdial.dnsErr", true);
Linha deletada : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Linha deletada : user_pref("extensions.mysearchdial.excTlbr", false);
Linha deletada : user_pref("extensions.mysearchdial.hdrMd5", "3E856F72F1C58457B0864FEE547D63E2");
Linha deletada : user_pref("extensions.mysearchdial.hmpg", true);
Linha deletada : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites_14_12_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0FyB0ByB0CtAtDtAtC0FtN0D0Tzu0SzztDzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutC[...]
Linha deletada : user_pref("extensions.mysearchdial.hpFFXOld", "[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Linha deletada : user_pref("extensions.mysearchdial.id", "485B39F7B7C3031F");
Linha deletada : user_pref("extensions.mysearchdial.instlDay", "16147");
Linha deletada : user_pref("extensions.mysearchdial.instlRef", "140305_b");
Linha deletada : user_pref("extensions.mysearchdial.lastB", "[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Linha deletada : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.016:40:40");
Linha deletada : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites_14_12_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0FyB0ByB0CtAtDtAtC0FtN0D0Tzu0SzztDzztN1L2XzutBtFtCzztFtBtFtDtN1L1Czu[...]
Linha deletada : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"94\",\"lastVrsn\":\"94\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Linha deletada : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.sg", "none");
Linha deletada : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Linha deletada : user_pref("extensions.mysearchdial.tlbrId", "base");
Linha deletada : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites_14_12_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0FyB0ByB0CtAtDtAtC0FtN0D0Tzu0SzztDzztN1L2XzutBtFtCzztFtBtFtDtN1L1C[...]
Linha deletada : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
Linha deletada : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
Linha deletada : user_pref("extensions.mysearchdial_i.newTab", false);
Linha deletada : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Linha deletada : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.016:40:40");

-\\ Google Chrome v

[ Arquivo : C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7774 octets] - [07/04/2014 16:37:35]
AdwCleaner[S0].txt - [6519 octets] - [07/04/2014 16:38:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6579 octets] ##########

por **Power Max** Seg 07 Abr 2014, 17:17

Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por andreia1 Seg 07 Abr 2014, 18:54

Segue anexo o log zoek.

por **Power Max** Ter 08 Abr 2014, 00:58

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

por andreia1 Ter 08 Abr 2014, 07:00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Carlos on 08/04/2014 at 6:50:30,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Carlos\AppData\Roaming\mozilla\firefox\profiles\5zy3pgpo.default\minidumps [10 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/04/2014 at 6:59:09,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

por **Power Max** Ter 08 Abr 2014, 10:15

Como está o PC após estas limpezas?

por andreia1 Ter 08 Abr 2014, 15:50

O pc melhorou mas o mozila continua com travamentos.

por **Power Max** Ter 08 Abr 2014, 15:52

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.

|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por andreia1 Ter 08 Abr 2014, 16:19

~ Relatório do ZHPDiag v2014.4.8.11 - Nicolas Coolman (09/04/2014)
~ Iniciado por Carlos (08/04/2014 16:16:23)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user

---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Kaspersky Internet Security v14.0.0.4651
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.10 =>.Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 25
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4086 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 595 GB (85%) free of 699 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ANDREIA-PC
~ User Name: Carlos
~ All Users Names: HomeGroupUser$, Convidado, Carlos, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Carlos\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Carlos\AppData\Roaming\
~ %Desktop% : C:\Users\Carlos\Desktop\
~ %Favorites% : C:\Users\Carlos\Favorites\
~ %LocalAppData% : C:\Users\Carlos\AppData\Local\
~ %StartMenu% : C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 595 Go of 699 Go)
D: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Internet Extensions para Win32.) (.01/03/2014 - 00:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/223
~ Mes musiques (My Musics) : 5/1536
~ Mes Videos (My Videos) : 1/11
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 4/943
~ Mon Bureau (My Desktop) : 4/98
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 02s

---\\ Processos lançados
[MD5.DF552350CDC2AA39C01CE40612DF82A8] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528] [PID.2788]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.2800] =>Toolbar.Google
[MD5.15D2DB9BFA8E833ED31FAB2BB088FDDA] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128] [PID.1912]
[MD5.AF9975E9DF253F552F7725972CE93F07] - (.The Firebird Project - Firebird SQL Server.) -- c:\firebird\bin\fbserver.exe [1515599] [PID.3300]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.1800]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3620]
[MD5.497E84A1B6767142987A17574C57C04E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe [1863560] [PID.4944]
[MD5.9ECCE6A982223E99A5E1BB1A92A7D075] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8203264] [PID.4368]
[MD5.F5456293D2604BCE2BEC07FC6186A341] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440] [PID.808]
[MD5.201BCF8550512C105BAC78E9FA401260] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [452136] [PID.872]
[MD5.7546427637E4BDFFF6F0E53C39DD844B] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976] [PID.1596]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1888]
[MD5.BE531939BB6D153DB63DBBFBD398A713] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584] [PID.2020]
[MD5.33E9F08F675EF94633C8EF8A7C4EADF3] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608] [PID.1072]
[MD5.7E6B107120108B3A15BFECE0DE3201DB] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe [228744] [PID.2056]
[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [189728] [PID.2424]
[MD5.2B29FD3AF7B4FEB272CD1F6EEC8FE4BA] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4915040] [PID.2552]
[MD5.E0E4A1F81A7D69C595A8A9DDAD084C19] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [769432] [PID.724]
~ Processes Running: Scanned in 00mn 00s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\5zy3pgpo.default\prefs.js
M3 - MFPP: Plugins - [Carlos] -- C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\5zy3pgpo.default\searchplugins\clikseguro.xml
M2 - MFEP: prefs.js [Carlos - 5zy3pgpo.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Carlos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
~ BHO: 23 Legitimates Filtered in 00mn 00s

---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Bing Client Extensions.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll =>Toolbar.Bing
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s

---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Central de Soluções HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe
O4 - GS\Desktop [Public]: Curriculum 3.1.lnk . (.Alv Sites - Soluções Web - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Program Files (x86)\Curriculum 3.1\Curriculum.exe
O4 - GS\Desktop [Public]: HP ePrintCenter - HP Officejet Pro 8600.lnk . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\HP\HP Officejet Pro 8600\ePrintCenterShortcut.url (.not file.) =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: HP Officejet Pro 8600.lnk . (...) -- C:\Program Files (x86)\HP\HP Officejet Pro 8600\Bin\HP Officejet Pro 8600.exe (.not file.) =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: IObit Uninstaller.lnk . (.IObit - IObit Uninstaller.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
O4 - GS\Desktop [Public]: Kaspersky Internet Security 2013.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Launcher.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\starter_avp.exe
O4 - GS\Desktop [Public]: Media Player Classic.lnk . (.Gabest - Media Player Classic.) -- C:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exe
O4 - GS\Desktop [Public]: Recibo Grátis.lnk . (...) -- C:\Recibo\Recibo.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Registro OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe
O4 - GS\QuickLaunch [Carlos]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Carlos]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Carlos]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Carlos]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Carlos]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Carlos]: Banca Segura.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Launcher.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\starter_avp.exe
O4 - GS\Desktop [Carlos]: Dic Michaelis - UOL.LNK . (...) -- C:\Dic\WDIC\WDIC.exe
O4 - GS\Desktop [Carlos]: DVD Shrink 3.2.lnk . (.DVD Shrink - DVD Shrink 3.2.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
O4 - GS\Desktop [Carlos]: hermesNet.lnk . (.Hermes S/A - Sistema de digitação de pedidos para distri.) -- C:\SPE\spe.exe
O4 - GS\Desktop [Carlos]: Impress - Atalho.lnk . (...) -- C:\Users\Carlos\Teste de Cartuchos (IMPRESS)\Impress.exe
O4 - GS\Desktop [Carlos]: Sip - Atalho.lnk . (.Viablu Ind & Com Ltda - No Comment.) -- C:\SIP\Sip.exe
O4 - GS\Desktop [Carlos]: UnderCoverXP.lnk . (.Wicked & Wild Inc. - What Covers Do Ya Wanna Print Today?.) -- C:\Program Files (x86)\UnderCoverXP\UnderCoverXP.exe
~ Global Startup: 89 Legitimates Filtered in 00mn 01s

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKLM\..\Wow6432Node\Run: [Firebird] . (.The Firebird Project - Firebird SQL Server.) -- c:\firebird\bin\fbguard.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1914712712-4087923188-980834768-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1914712712-4087923188-980834768-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
~ Application: Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Teclado Virtual [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kbrd.ico
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: Verificação de URLs [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F224BB8-FE28-46FC-A86D-01EBF1B54B8F}: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7F224BB8-FE28-46FC-A86D-01EBF1B54B8F}: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7F224BB8-FE28-46FC-A86D-01EBF1B54B8F}: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.0.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
~ Services: 12 Legitimates Filtered in 00mn 04s

---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DriverEasy Scheduled Scan.job [408]
[MD5.00000000000000000000000000000000] [APT] [DAP_Setup] (...) -- C:\Users\Carlos\AppData\Local\Temp\Stub\-1936702292\dap10_0d69bd2853_setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Speedbit SBW setup] (...) -- C:\Users\Carlos\AppData\Local\Temp\Stub\-1936702292\dap10_0d69bd2853_setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{19E899C2-0791-41C7-A3D0-0A064DC8C7B8}] (...) -- C:\Users\Carlos\Desktop\zoek.scr -d C:\Users\Carlos\Desktop -c \S (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7674C1A4-34E6-4A97-94D9-F5E92E4A55CD}] (...) -- C:\Users\Carlos\Desktop\zoek.scr -d C:\Users\Carlos\Desktop -c \S (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BE6096B7-05BF-4D29-A750-192E0B291AA0}] (...) -- C:\Users\Carlos\Desktop\zoek.com -d C:\Users\Carlos\Desktop (.not file.) [0]
~ Scheduled Task: 19 Legitimates Filtered in 00mn 02s

---\\ Software instalados (042)
O42 - Logiciel: Curriculum 3.1 versão 3.1.0.6 - (.Alv Sites - Soluções Web.) [HKLM][64Bits] -- {863A2C4E-047D-4137-BF99-57D21C1A1AC7}_is1
O42 - Logiciel: Dic Michaelis - UOL - (...) [HKLM][64Bits] -- WDIC
O42 - Logiciel: Mega Browse - (.Mega Browse.) [HKLM][64Bits] -- Mega Browse =>PUP.MegaBrowse
O42 - Logiciel: Recibo Grátis versão 1.3 - (.P5 Sistemas.) [HKLM][64Bits] -- {B231FA7F-4CB5-4C83-87DD-8C4D670CCF2C}_is1
O42 - Logiciel: SIP - Sistema Integrado de Pedidos Viablu v 1.4.0 - (...) [HKLM][64Bits] -- ST6UNST #1
O42 - Logiciel: SaveSense - (...) [HKCU][64Bits] -- SaveSense =>PUP.SaveSense
~ Logic: 29 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Amigo Mouse]
[HKCU\Software\AppWork]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse
[HKCU\Software\SpeedBit]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\HERMES]
[HKLM\Software\Wow6432Node\Mega Browse] =>PUP.MegaBrowse
~ Key Software: 332 Legitimates Filtered in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/01/2014 - 11:07:22 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 08/08/2013 - 09:28:22 - [4,635] ----D C:\Program Files (x86)\Curriculum 3.1
O43 - CFD: 23/05/2013 - 11:47:12 - [0] ----D C:\Program Files (x86)\ShowMyPCService
O43 - CFD: 09/10/2013 - 06:53:52 - [2,898] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 21/01/2014 - 11:29:41 - [94,071] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 27/01/2014 - 09:23:36 - [0,002] ----D C:\Users\Carlos\AppData\Roaming\360safe =>Trojan.Lozavita
O43 - CFD: 21/01/2014 - 11:29:42 - [2,841] ----D C:\Users\Carlos\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 19/01/2014 - 10:19:58 - [37,140] ----D C:\Users\Carlos\AppData\Roaming\rmi
O43 - CFD: 19/01/2014 - 10:41:09 - [0] ----D C:\Users\Carlos\AppData\Local\Media Get LLC =>PUP.MediaGet
O43 - CFD: 19/01/2014 - 10:41:09 - [0] ----D C:\Users\Carlos\AppData\Local\MediaGet2 =>PUP.MediaGet
O43 - CFD: 16/05/2013 - 17:02:17 - [0] ----D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL
O43 - CFD: 19/01/2014 - 10:41:09 - [0] ----D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 =>PUP.MediaGet
O43 - CFD: 27/05/2013 - 14:03:19 - [0] ----D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SIP - Sistema Integrado de Pedidos Viablu
~ Program Folder: 177 Legitimates Filtered in 00mn 26s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.516B61A00602AF5D3EAE5DBE71354F7D] - 07/04/2014 - 18:11:13 ---A- . (...) -- C:\zoek-results2014-04-07-211113.log [3232]
O44 - LFC:[MD5.D416849B9418A281CC8263E42EC00EEF] - 07/04/2014 - 18:41:54 ---A- . (...) -- C:\Windows\ntbtlog.txt [241156]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 18:48:23 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.48CAB7F8C431568FAA349AB7D9AF82C4] - 07/04/2014 - 18:51:08 ---A- . (...) -- C:\zoek-results.log [21125]
O44 - LFC:[MD5.67D866372F09F3B7D000B2588A63AD22] - 08/04/2014 - 15:32:41 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147638]
O44 - LFC:[MD5.779FDEA1E55558425A0A586615427F4D] - 08/04/2014 - 15:32:41 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705798]
~ Files: 13 Legitimates Filtered in 00mn 02s

---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{30e5bbdc-b596-11e2-abfa-806e6f6e6963}\AutoRun\command. (...) -- D:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.CF54BC5630C200393369DDD1A5B63261] - 18/01/2014 - 23:59:20 R--A- . (.360.cn - 360杀毒文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:[MD5.2219A3D695405E7BA2186BA6B9EDE14A] - 14/05/2009 - 09:26:24 ---A- . (.No owner - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [15416]
O58 - SDL:[MD5.6E42F2E5B5BDE3FE4066C9B2D6091E17] - 21/01/2014 - 11:18:35 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.E428DFFA96FAD07D8CA3C9082563A225] - 21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:[MD5.AAF6F247F1DC370C593B4430974EAD9C] - 21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.3248B5CC4AA7942EE7BC26F1EB00210B] - 21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [204568]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.8F866DF9A974BFFDCB2001D303BC0695] - 08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [49536]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 08/04/2014 - 15:27:15 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 19 Legitimates Filtered in 00mn 15s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {92001F8A-C36B-473A-91E7-5BE0C81CF2B3} - (PSafe ClikSeguro) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.2E6B7E92F232FC14343150E1B9377EE9] [SPRF][29/08/2013] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.F80BD16394C407FC5D0C7389997049A4] [SPRF][21/08/2013] (...) -- C:\Users\Carlos\AppData\Roaming\unins000.dat [17435]
[MD5.04B47DEEB298AE90A0C42DEAED71F8BA] [SPRF][07/04/2014] (...) -- C:\Users\Carlos\Desktop\AdwCleaner.exe [1426178]
[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [SPRF][28/01/2014] (.Atribune.org - ATF Cleaner.exe.) -- C:\Users\Carlos\Desktop\ATF-Cleaner.exe [50688]
[MD5.0F1CC5D9DB42AAFF03DFAED59C5BCF19] [SPRF][11/12/2012] (.fcportables.blogspot.com - ConvertXToDVD transcoder.) -- C:\Users\Carlos\Desktop\ConvertXtoDvd.exe [39714108]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/07/2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\Carlos\Desktop\PureRa.exe [76565]
[MD5.DCF741DF9F654F5A2C1BEC789F53AEB3] [SPRF][08/03/2014] (...) -- C:\Users\Carlos\Desktop\zoek.com [1414742]
~ Files: 11 Legitimates Filtered in 00mn 00s

---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "537E56336A8449149988EC95CAA55E30" . (.Bing Bar.) -- C:\Windows\Installer\{3365E735-48A6-4194-9988-CE59AC5AE503}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 124 Legitimates Filtered in 00mn 00s

---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\11ce16.msi [459264]
~ WIS: 126 Legitimates Filtered in 00mn 11s

---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\DriverEasy_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\DriverEasy_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\atualizador_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avp_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultPack_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultPack_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DSCOM_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Kies_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Kies_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pssmartup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\spe_importar_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\spe_RASAPI32
~ BTK: 30 Legitimates Filtered in 00mn 00s

---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] (Bing Bar Helper) =>Toolbar.Bing
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
[HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}] (Bing Bar) =>Toolbar.Bing
~ BCK: 5332 Legitimates Filtered in 00mn 05s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/03/2014 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe =>Toolbar.Bing
SS - | Auto 16/05/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/05/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/05/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 29/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 12/10/2011 819976 | (ABBYY.Licensing.FineReader.Professional.11.0) . (.ABBYY.) - C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 09/12/2013 881440 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 10/10/2013 356128 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
SR - | Demand 11/03/2014 247968 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe =>Toolbar.Bing
SR - | Auto 08/10/2013 452136 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2012 769432 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 17/02/2014 4915040 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 11/12/2012 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 06s

---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 10

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mega Browse] =>PUP.MegaBrowse^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{eec0f710-38b5-4aba-99bf-ec87564a4e13} =>Toolbar.Bing^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Carlos\AppData\Roaming\360safe =>Trojan.Lozavita^
C:\Users\Carlos\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Carlos\AppData\Local\Media Get LLC =>PUP.MediaGet^
C:\Users\Carlos\AppData\Local\MediaGet2 =>PUP.MediaGet^
C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 =>PUP.MediaGet^
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Mega Browse] =>PUP.MegaBrowse^
[HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] (Bing Bar Helper) =>Toolbar.Bing^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
[HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}] (Bing Bar) =>Toolbar.Bing^
~ Additionnel Scan: 351017 Items scanned in 00mn 22s

---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.MegaBrowse
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.MediaGet
~ MSI: 5 link(s) detected in 00mn 00s

~ 1168 Legitimates filtered by white list
End of the scan (531 lines in 02mn 03s)(0)

por **Power Max** Ter 08 Abr 2014, 16:56

Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

computador https - forumpcbrasil forumeiros com - Computador com vários itens desnecessários e potencialmente perigosos 772309

Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

por andreia1 Ter 08 Abr 2014, 17:08

Esqueci de copiar o relatorio, e agora?

por **Power Max** Ter 08 Abr 2014, 17:10

Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por andreia1 Ter 08 Abr 2014, 17:41

~ Relatório do ZHPDiag v2014.4.8.11 - Nicolas Coolman (09/04/2014)
~ Iniciado por Carlos (08/04/2014 17:24:42)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user

---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Kaspersky Internet Security v14.0.0.4651
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.10 =>.Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 25
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4086 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 595 GB (85%) free of 699 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ANDREIA-PC
~ User Name: Carlos
~ All Users Names: HomeGroupUser$, Convidado, Carlos, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Carlos\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Carlos\AppData\Roaming\
~ %Desktop% : C:\Users\Carlos\Desktop\
~ %Favorites% : C:\Users\Carlos\Favorites\
~ %LocalAppData% : C:\Users\Carlos\AppData\Local\
~ %StartMenu% : C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 595 Go of 699 Go)
D: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Internet Extensions para Win32.) (.01/03/2014 - 00:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/223
~ Mes musiques (My Musics) : 5/1536
~ Mes Videos (My Videos) : 1/11
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 4/943
~ Mon Bureau (My Desktop) : 4/101
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 01s

---\\ Processos lançados
[MD5.DF552350CDC2AA39C01CE40612DF82A8] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528] [PID.2732]
[MD5.2F8C1551C3B67AB4E03FDFCFEAA1E67A] - (.The Firebird Project - Firebird SQL Server.) -- C:\firebird\bin\fbguard.exe [65536] [PID.2800]
[MD5.15D2DB9BFA8E833ED31FAB2BB088FDDA] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128] [PID.1904]
[MD5.AF9975E9DF253F552F7725972CE93F07] - (.The Firebird Project - Firebird SQL Server.) -- c:\firebird\bin\fbserver.exe [1515599] [PID.2528]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.4040]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3312]
[MD5.9ECCE6A982223E99A5E1BB1A92A7D075] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8203264] [PID.756]
[MD5.F5456293D2604BCE2BEC07FC6186A341] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440] [PID.804]
[MD5.201BCF8550512C105BAC78E9FA401260] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [452136] [PID.868]
[MD5.7546427637E4BDFFF6F0E53C39DD844B] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976] [PID.1580]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1884]
[MD5.BE531939BB6D153DB63DBBFBD398A713] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584] [PID.1988]
[MD5.33E9F08F675EF94633C8EF8A7C4EADF3] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608] [PID.2020]
[MD5.7E6B107120108B3A15BFECE0DE3201DB] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe [228744] [PID.708]
[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [189728] [PID.2368]
[MD5.2B29FD3AF7B4FEB272CD1F6EEC8FE4BA] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4915040] [PID.2464]
[MD5.E0E4A1F81A7D69C595A8A9DDAD084C19] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [769432] [PID.5056]
~ Processes Running: Scanned in 00mn 02s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\5zy3pgpo.default\prefs.js
M2 - MFEP: prefs.js [Carlos - 5zy3pgpo.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Carlos\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
~ BHO: 23 Legitimates Filtered in 00mn 00s

---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Central de Soluções HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe
O4 - GS\Desktop [Public]: Curriculum 3.1.lnk . (.Alv Sites - Soluções Web - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] -- C:\Program Files (x86)\Curriculum 3.1\Curriculum.exe
O4 - GS\Desktop [Public]: HP ePrintCenter - HP Officejet Pro 8600.lnk . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\HP\HP Officejet Pro 8600\ePrintCenterShortcut.url (.not file.) =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: HP Officejet Pro 8600.lnk . (...) -- C:\Program Files (x86)\HP\HP Officejet Pro 8600\Bin\HP Officejet Pro 8600.exe (.not file.) =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: IObit Uninstaller.lnk . (.IObit - IObit Uninstaller.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
O4 - GS\Desktop [Public]: Kaspersky Internet Security 2013.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Launcher.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\starter_avp.exe
O4 - GS\Desktop [Public]: Media Player Classic.lnk . (.Gabest - Media Player Classic.) -- C:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exe
O4 - GS\Desktop [Public]: Recibo Grátis.lnk . (...) -- C:\Recibo\Recibo.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Registro OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe
O4 - GS\QuickLaunch [Carlos]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Carlos]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Carlos]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Carlos]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Carlos]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Carlos]: Banca Segura.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Launcher.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\starter_avp.exe
O4 - GS\Desktop [Carlos]: Dic Michaelis - UOL.LNK . (...) -- C:\Dic\WDIC\WDIC.exe
O4 - GS\Desktop [Carlos]: DVD Shrink 3.2.lnk . (.DVD Shrink - DVD Shrink 3.2.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
O4 - GS\Desktop [Carlos]: hermesNet.lnk . (.Hermes S/A - Sistema de digitação de pedidos para distri.) -- C:\SPE\spe.exe
O4 - GS\Desktop [Carlos]: Impress - Atalho.lnk . (...) -- C:\Users\Carlos\Teste de Cartuchos (IMPRESS)\Impress.exe
O4 - GS\Desktop [Carlos]: Sip - Atalho.lnk . (.Viablu Ind & Com Ltda - No Comment.) -- C:\SIP\Sip.exe
O4 - GS\Desktop [Carlos]: UnderCoverXP.lnk . (.Wicked & Wild Inc. - What Covers Do Ya Wanna Print Today?.) -- C:\Program Files (x86)\UnderCoverXP\UnderCoverXP.exe
~ Global Startup: 89 Legitimates Filtered in 00mn 02s

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKLM\..\Wow6432Node\Run: [Firebird] . (.The Firebird Project - Firebird SQL Server.) -- c:\firebird\bin\fbguard.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1914712712-4087923188-980834768-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
~ Application: Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Teclado Virtual [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kbrd.ico
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: Verificação de URLs [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F224BB8-FE28-46FC-A86D-01EBF1B54B8F}: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7F224BB8-FE28-46FC-A86D-01EBF1B54B8F}: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7F224BB8-FE28-46FC-A86D-01EBF1B54B8F}: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.0.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
~ Services: 12 Legitimates Filtered in 00mn 06s

---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DriverEasy Scheduled Scan.job [408]
~ Scheduled Task: 14 Legitimates Filtered in 00mn 02s

---\\ Software instalados (042)
O42 - Logiciel: Curriculum 3.1 versão 3.1.0.6 - (.Alv Sites - Soluções Web.) [HKLM][64Bits] -- {863A2C4E-047D-4137-BF99-57D21C1A1AC7}_is1
O42 - Logiciel: Dic Michaelis - UOL - (...) [HKLM][64Bits] -- WDIC
O42 - Logiciel: Recibo Grátis versão 1.3 - (.P5 Sistemas.) [HKLM][64Bits] -- {B231FA7F-4CB5-4C83-87DD-8C4D670CCF2C}_is1
O42 - Logiciel: SIP - Sistema Integrado de Pedidos Viablu v 1.4.0 - (...) [HKLM][64Bits] -- ST6UNST #1
~ Logic: 27 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Amigo Mouse]
[HKCU\Software\AppWork]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
[HKCU\Software\SpeedBit]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\HERMES]
~ Key Software: 323 Legitimates Filtered in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/08/2013 - 09:28:22 - [4,635] ----D C:\Program Files (x86)\Curriculum 3.1
O43 - CFD: 23/05/2013 - 11:47:12 - [0] ----D C:\Program Files (x86)\ShowMyPCService
O43 - CFD: 09/10/2013 - 06:53:52 - [2,898] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 19/01/2014 - 10:19:58 - [37,140] ----D C:\Users\Carlos\AppData\Roaming\rmi
O43 - CFD: 16/05/2013 - 17:02:17 - [0] ----D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL
O43 - CFD: 27/05/2013 - 14:03:19 - [0] ----D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SIP - Sistema Integrado de Pedidos Viablu
~ Program Folder: 170 Legitimates Filtered in 00mn 15s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.516B61A00602AF5D3EAE5DBE71354F7D] - 07/04/2014 - 18:11:13 ---A- . (...) -- C:\zoek-results2014-04-07-211113.log [3232]
O44 - LFC:[MD5.D416849B9418A281CC8263E42EC00EEF] - 07/04/2014 - 18:41:54 ---A- . (...) -- C:\Windows\ntbtlog.txt [241156]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/04/2014 - 18:48:23 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.48CAB7F8C431568FAA349AB7D9AF82C4] - 07/04/2014 - 18:51:08 ---A- . (...) -- C:\zoek-results.log [21125]
O44 - LFC:[MD5.67D866372F09F3B7D000B2588A63AD22] - 08/04/2014 - 17:10:27 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147638]
O44 - LFC:[MD5.779FDEA1E55558425A0A586615427F4D] - 08/04/2014 - 17:10:27 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705798]
~ Files: 13 Legitimates Filtered in 00mn 10s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.CF54BC5630C200393369DDD1A5B63261] - 18/01/2014 - 23:59:20 R--A- . (.360.cn - 360杀毒文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:[MD5.2219A3D695405E7BA2186BA6B9EDE14A] - 14/05/2009 - 09:26:24 ---A- . (.No owner - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [15416]
O58 - SDL:[MD5.6E42F2E5B5BDE3FE4066C9B2D6091E17] - 21/01/2014 - 11:18:35 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.E428DFFA96FAD07D8CA3C9082563A225] - 21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:[MD5.AAF6F247F1DC370C593B4430974EAD9C] - 21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.3248B5CC4AA7942EE7BC26F1EB00210B] - 21/08/2013 - 01:31:40 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [204568]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.8F866DF9A974BFFDCB2001D303BC0695] - 08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [49536]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 08/04/2014 - 17:05:54 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 19 Legitimates Filtered in 00mn 16s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.2E6B7E92F232FC14343150E1B9377EE9] [SPRF][29/08/2013] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.F80BD16394C407FC5D0C7389997049A4] [SPRF][21/08/2013] (...) -- C:\Users\Carlos\AppData\Roaming\unins000.dat [17435]
[MD5.04B47DEEB298AE90A0C42DEAED71F8BA] [SPRF][07/04/2014] (...) -- C:\Users\Carlos\Desktop\AdwCleaner.exe [1426178]
[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [SPRF][28/01/2014] (.Atribune.org - ATF Cleaner.exe.) -- C:\Users\Carlos\Desktop\ATF-Cleaner.exe [50688]
[MD5.0F1CC5D9DB42AAFF03DFAED59C5BCF19] [SPRF][11/12/2012] (.fcportables.blogspot.com - ConvertXToDVD transcoder.) -- C:\Users\Carlos\Desktop\ConvertXtoDvd.exe [39714108]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/07/2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\Carlos\Desktop\PureRa.exe [76565]
[MD5.DCF741DF9F654F5A2C1BEC789F53AEB3] [SPRF][08/03/2014] (...) -- C:\Users\Carlos\Desktop\zoek.com [1414742]
~ Files: 11 Legitimates Filtered in 00mn 01s

---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\11ce16.msi [459264]
~ WIS: 126 Legitimates Filtered in 00mn 14s

---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\DriverEasy_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\DriverEasy_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\atualizador_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avp_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultPack_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultPack_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DSCOM_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Kies_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Kies_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pssmartup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\spe_importar_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\spe_RASAPI32
~ BTK: 29 Legitimates Filtered in 00mn 00s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 16/05/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/05/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/05/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 29/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 12/10/2011 819976 | (ABBYY.Licensing.FineReader.Professional.11.0) . (.ABBYY.) - C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 09/12/2013 881440 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 10/10/2013 356128 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
SR - | Auto 08/10/2013 452136 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2012 769432 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 17/02/2014 4915040 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 11/12/2012 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 06s

---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 350413 Items scanned in 00mn 21s

~ 1147 Legitimates filtered by white list
End of the scan (444 lines in 01mn 55s)(0)

por **Power Max** Ter 08 Abr 2014, 17:50

Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

computador https - forumpcbrasil forumeiros com - Computador com vários itens desnecessários e potencialmente perigosos 772309

Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta e nos diga como está seu PC depois deste procedimento.

por andreia1 Ter 08 Abr 2014, 17:59

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by Carlos at 08/04/2014 17:58:13
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\360avflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\efimon.sys
ELIMINÉ Temporários windows (5) (2.724 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========
6 : Valores do Registo
1 : Pastas
4 : Ficheiros
1 : Restauração Sistema

End of clean in 00mn 22s

========== Caminho do ficheiro do relatório ==========
C:\Users\Carlos\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/04/2014 17:00:32 [3266]
C:\Users\Carlos\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/04/2014 17:58:15 [1235]

por **Power Max** Ter 08 Abr 2014, 18:47

Como está seu PC depois deste procedimento?

por andreia1 Ter 08 Abr 2014, 19:30

Amanha posto como ele esta pois por não usar o em questão mas hoje estou respondendo de outro pc.

por **Power Max** Ter 08 Abr 2014, 20:04

andreia1 escreveu:Amanha posto como ele esta pois por não usar o em questão mas hoje estou respondendo de outro pc.

Ok, fico na espera.

por andreia1 Qua 09 Abr 2014, 10:15

Esta otimo, mas o firefox não ta normal, pesquisei aqui no forum uma solução mas ela não funcinou então irei remover e reinstalar.

por **Power Max** Qua 09 Abr 2014, 10:20

O melhor neste caso é realmente desinstalar o Firefox e reinstalá-lo.

por andreia1 Qua 09 Abr 2014, 10:37

Usei o delfix para remover o programas usados na desinfecção mas ele não removeu nada.

por **Power Max** Qua 09 Abr 2014, 11:43

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].

Você já reinstalou o Firefox? O problema foi resolvido?

por andreia1 Ter 15 Abr 2014, 09:24

Referente aos problemas deste tópico tudo foi resolvido.

por Conteúdo patrocinado

Computador com vários itens desnecessários e potencialmente perigosos

Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Re: Computador com vários itens desnecessários e potencialmente perigosos

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31