Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.
Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14806 usuários registrados
O último membro registrado é King empero

Os nossos membros postaram um total de 36043 mensagens em 3684 assuntos
Últimos assuntos
» Possíveis vírus
por joram Sex 15 Mar 2024, 19:05

Quem está conectado?
12 usuários online :: 0 registrados, 0 invisíveis e 12 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 


Rechercher Pesquisa avançada

março 2024
SegTerQuaQuiSexSábDom
    123
45678910
11121314151617
18192021222324
25262728293031

Calendário Calendário


Por favor, o que fazer quando o mouse esta desaparecendo?

2 participantes

Página 1 de 2 1, 2  Seguinte

Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Glaurey Qui 10 Abr 2014, 17:10

Como posso fazer pra descobrir o que esta acontecendo?
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qui 10 Abr 2014, 19:30

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 648673379  Olá Glaurey.

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
 
|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty RELATÓRIO DO PERGAMINHO

Mensagem por Glaurey Seg 14 Abr 2014, 18:37

~ Relatório do ZHPDiag v2014.4.14.26 - Nicolas Coolman  (14/04/2014)
~ Iniciado por CLAUCE (14/04/2014 18:21:24)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 27.0.1
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v8.0.1506.0
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.00  =>.Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6126 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 499 GB (67%) free of 736 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GLAUCE-PC
~ User Name: CLAUCE
~ All Users Names: UpdatusUser, Convidado, CLAUCE, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\CLAUCE\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CLAUCE\AppData\Roaming\
~ %Desktop% : C:\Users\CLAUCE\Desktop\
~ %Favorites% : C:\Users\CLAUCE\Favorites\
~ %LocalAppData% : C:\Users\CLAUCE\AppData\Local\
~ %StartMenu% : C:\Users\CLAUCE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 499 Go of 736 Go)
D: Hard drive, Flash drive, Thumb drive (Free 190 Go of 195 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:39:10.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:41:56.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.96119226320B3B2A80E87FDB9D446BA0] - (.Microsoft Corporation - Microsoft Tablet PC Component.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [1536]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:21:42.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:23:44.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:24:00.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:48:27.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/6821
~ Mes musiques (My Musics) : 4/48
~ Mes Videos (My Videos) : 2/57
~ Mes Favoris (My Favorites) : 1/62
~ Mes Documents (My Documents) : 3/90501
~ Mon Bureau (My Desktop) : 2/21751
~ Menu demarrer (Programs) : 1/30
~ Hidden Files:  Scanned in 01mn 02s



---\\ Processos lançados
[MD5.6CB3E72B0D37A2AEFD22BEF916A297B3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   [1264984] [PID.2588]  =>P2P.BitTorrent
[MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe   [6963512] [PID.2924]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [20922016] [PID.3376]
[MD5.D5E7E2BBFF0C29246F0DA3C6EFC7DEB2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.3568]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [841032] [PID.5248]
[MD5.775DDB699B40C42E1BD799CC0EBF3528] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8215552] [PID.4032]
[MD5.A9D26626BEADF5A0641BF6B5095EF309] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe   [414496] [PID.916]
[MD5.B99C37364701D19F2B5C0A0E1ECCDB80] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [519720] [PID.944]
[MD5.E3BE7DAC6E46C2F1461996F29A09B6FA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [46808] [PID.1620]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65192] [PID.2356]
[MD5.35A85429EC0A09EF4CF53F5BB1F5C2C5] - (.Autodesk, Inc. - Content Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe   [18720] [PID.2656]
[MD5.0E08BDD7326E657D59DB40BAD23D8169] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe   [1809720] [PID.2828]
[MD5.A8E7F3DB083EB0839DFC1C763CDD2594] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe   [857912] [PID.2912]
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe   [1320496] [PID.1768]
[MD5.B90A279073A815A4AA2C45A09EE004FA] - (.pdfforge GmbH - PDF Architect Conversion Service.) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe   [799280] [PID.2500]
[MD5.DF4A7E1E2BA788E28747F1EF49692ED6] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe   [5341536] [PID.2344]
[MD5.AA130938A27BB80A8B6438EF83232275] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe   [1364256] [PID.3496]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nnjbodopomfddehlalfilheomcahbpei] GBBD Caixa Economica Federal v.3.5.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [pbcaplhfkihhldmlbjhgajdeghjdbffi] GBBD Caixa Economica Federal v.3.6.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pcoohmdcpejoeggdnihdfhohjgdbllgm] Avira SearchFree Toolbar plus Web Protection v.32.5, (Désactivé)  =>Toolbar.Avira

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 21 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\prefs.js
C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\user.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\npsf_CEF.dll
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: YoutubeAdblocker [64Bits] - {2D1E2409-32FE-86EA-4B83-011EAFBDE154} Chave orfã  =>PUP.TubeAdBlocker
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Chave orfã
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Autodesk ReCap.lnk . (...)  -- C:\Program Files (x86)\Autodesk\Autodesk ReCap\recap.exe (.not file.)
O4 - GS\Desktop [Public]: Google SketchUp 8.lnk . (.Google, Inc. - SketchUp Application.)  -- C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe
O4 - GS\Desktop [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.)  -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\Desktop [Public]: LayOut 3.lnk . (.Google, Inc. - LayOut.)  -- C:\Program Files (x86)\Google\Google SketchUp 8\LayOut\LayOut.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Style Builder 2.lnk . (...)  -- C:\Program Files (x86)\Google\Google SketchUp 8\Style Builder\Style Builder.exe
O4 - GS\Desktop [Public]: TubeDigger.lnk . (...)  -- C:\Program Files (x86)\TubeDigger\TubeDigger.exe (.not file.)
O4 - GS\Program [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.)  -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [CLAUCE]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [CLAUCE]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [CLAUCE]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\TaskBar [CLAUCE]: chrome - Atalho.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [CLAUCE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [CLAUCE]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [CLAUCE]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Program [CLAUCE]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [CLAUCE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [CLAUCE]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [CLAUCE]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.)  -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [CLAUCE]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 94 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\CLAUCE\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2758932580-3479336420-2192492680-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2758932580-3479336420-2192492680-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\CLAUCE\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2758932580-3479336420-2192492680-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
~ Application:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe  =>Hijacker.Office
~ Services: 15 Legitimates Filtered in 00mn 07s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Digital Sites.job   [296]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\CLAUCE\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.)   [0]
[MD5.905B65996358CCE4E4CB6CB6CFC1E859] [APT] [{AF237733-BC96-4DED-B6FF-7DC5A27F8A92}] (...) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe   [5198336]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 02s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys
O41 - Driver:  (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys  =>Adware.BDSearch
O41 - Driver:  (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys
~ Drivers: 75 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: HiDownloadPlatinum - (...) [HKLM][64Bits] -- HiDownload Platinum_is1
O42 - Logiciel: URL Helper - (...) [HKLM][64Bits] -- URL Helper_is1
O42 - Logiciel: WBN240-64bits - (.Nome de sua empresa:.) [HKLM][64Bits] -- {D0C33E57-616D-40CE-945E-6DD6ACC995BA}
~ Logic: 25 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security]  =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKCU\Software\Kerkythea Rendering System]
[HKCU\Software\TubeDigger]
[HKCU\Software\URLHelper]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\TubeDigger]
[HKLM\Software\Wow6432Node\URLHelper]
[HKLM\Software\Wow6432Node\baidu]  =>Adware.BDSearch
~ Key Software: 278 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/02/2014 - 11:12:57 - [0] ----D C:\Program Files (x86)\Baidu Security  =>Adware.BDSearch
O43 - CFD: 02/01/2014 - 17:35:23 - [8,211] ----D C:\Program Files (x86)\Kerkythea Rendering System
O43 - CFD: 07/04/2014 - 12:14:30 - [0,008] ----D C:\Program Files (x86)\Seaercih--NewTab  =>Adware.FastSaveApp
O43 - CFD: 20/03/2014 - 16:49:08 - [30,617] ----D C:\Program Files (x86)\StreamingStar
O43 - CFD: 07/02/2014 - 13:55:02 - [466,130] ----D C:\Program Files (x86)\SulAmerica
O43 - CFD: 07/04/2014 - 12:14:30 - [0,008] ----D C:\Program Files (x86)\websave  =>PUP.Websave
O43 - CFD: 20/02/2014 - 08:36:24 - [0,140] ----D C:\ProgramData\3399e7679ad6712b
O43 - CFD: 07/04/2014 - 12:12:38 - [0] ----D C:\ProgramData\APN
O43 - CFD: 19/02/2014 - 11:08:04 - [1,316] ----D C:\ProgramData\baidu  =>Adware.BDSearch
O43 - CFD: 18/02/2014 - 17:01:46 - [16,391] ----D C:\ProgramData\Baidu Security  =>Adware.BDSearch
O43 - CFD: 05/03/2014 - 16:22:52 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 21/03/2014 - 17:07:49 - [0] ----D C:\ProgramData\FARO
O43 - CFD: 20/02/2014 - 08:36:24 - [0,005] ----D C:\ProgramData\GreatSoft
O43 - CFD: 20/02/2014 - 08:36:24 - [2,207] ----D C:\ProgramData\InstallMate  =>PUP.Tarma
O43 - CFD: 20/02/2014 - 08:45:19 - [0,004] ----D C:\ProgramData\Seaercih--NewTab  =>Adware.FastSaveApp
O43 - CFD: 20/02/2014 - 08:45:19 - [0,004] ----D C:\ProgramData\websave  =>PUP.Websave
O43 - CFD: 19/02/2014 - 11:08:13 - [0] ----D C:\Users\CLAUCE\AppData\Roaming\Baidu  =>Adware.BDSearch
O43 - CFD: 18/02/2014 - 17:02:04 - [2,821] ----D C:\Users\CLAUCE\AppData\Roaming\Baidu Security  =>Adware.BDSearch
~ Program Folder: 176 Legitimates Filtered in 00mn 19s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.26D93A797DCD31377D1A9B3E21CB770A] - 07/04/2014 - 11:33:30 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [146924]
O44 - LFC:[MD5.9151CEB0076A530722984ECD49F0AFB4] - 07/04/2014 - 11:33:30 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [706198]
~ Files: 15 Legitimates Filtered in 00mn 21s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.DC80CB69042C790E3EACD38942C680D4] - 22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65336]
O58 - SDL:[MD5.43E5B51F295E09D51D64FF1C66757DAA] - 22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [189936]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.DE7FCC77F4A503AF4CA6A47D49B3713D] - 28/02/2013 - 22:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys   [36600]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.3A7CABF7DE8F1325BE8F46685469AEC3] - 20/06/2013 - 22:09:46 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys   [42184]
O58 - SDL:[MD5.8F866DF9A974BFFDCB2001D303BC0695] - 08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 04/03/2014 - 08:34:41 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
~ Drivers: 14 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter)  .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon)  .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON  =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect)  .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT
~ Legacy: 88 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Mysearchdial) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll   [167784]
[MD5.F1D4FB08208F4A1CD50B84998B695978] [SPRF][07/01/2014] (...) -- C:\Users\CLAUCE\AppData\Roaming\unins000.dat   [36792]
[MD5.B1AA7A6159645FA55C036F07505E1C76] [SPRF][09/01/2014] (...) -- C:\Users\CLAUCE\AppData\Roaming\unins001.dat   [15748]
[MD5.3F02A696DD9DD17D2ADB8BE6075CC0A5] [SPRF][04/03/2014] (...) -- C:\Users\CLAUCE\AppData\Roaming\unins002.dat   [19489]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][04/03/2014] (.No owner - Setup/Uninstall.) -- C:\Users\CLAUCE\AppData\Roaming\unins002.exe   [720082]
~ Files: 7 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{D002C6BC-463A-4C18-A438-3CED4FB3E218}C:\Program Files (x86)\orbitdownloader\orbitnet.exe" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "UDP Query User{0071486F-A607-4827-BA88-C89F6FB6E552}C:\Program Files (x86)\orbitdownloader\orbitnet.exe" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "{98AF6CE3-0FEB-4C6B-81DC-5A599ACD1454}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\TubeDigger\TubeDigger.exe (.not file.)
O87 - FAEL: "{87439B2D-92DC-4EA2-AA49-3E13AED82924}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\TubeDigger\TubeDigger.exe (.not file.)
O87 - FAEL: "{45611F77-9FBF-4596-9297-42A9AD311F0A}" | In - Private - P6 - TRUE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "{BF0AD315-5E33-4D9A-8531-4DE528CDDD55}" | In - Private - P17 - TRUE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "{562BF25C-5363-4E0C-B190-81173A393E6E}" | In - Domain - P6 - FALSE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "{2667D2B6-9691-4249-8BC0-EC011729500E}" | In - Domain - P17 - FALSE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "TCP Query User{DBE11C0B-6930-4AB2-BD58-3C09D6C521CD}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe" | In - Private - P6 - TRUE | .(.TODO: - FlvFilter.) -- C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
O87 - FAEL: "UDP Query User{A2DE7685-55B9-4406-AA6B-D605127EF407}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe" | In - Private - P17 - TRUE | .(.TODO: - FlvFilter.) -- C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
~ Firewall: 235 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "75E33C0DD616EC0449E5D66DCA9C59AB" . (.WBN240-64bits.) -- C:\Windows\Installer\{D0C33E57-616D-40CE-945E-6DD6ACC995BA}\ARPPRODUCTICON.exe
~ Update Products: 118 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASAPI32  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASMANCS  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASAPI32  =>Hijacker.FindrToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASMANCS  =>Hijacker.FindrToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASAPI32  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASMANCS  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MYSEAR~1_RASAPI32  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MYSEAR~1_RASMANCS  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASAPI32  =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASMANCS  =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torntv V6_RASAPI32  =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torntv V6_RASMANCS  =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_RASAPI32  =>PUP.WpManager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_RASMANCS  =>PUP.WpManager
~ BTK: 253 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2D1E2409-32FE-86EA-4B83-011EAFBDE154}] (YoutubeAdblocker)  =>PUP.Multiplug
~ BCK: 5687 Legitimates Filtered in 00mn 04s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 02/01/2014 654848 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 02/01/2014 1471352 |  (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 02/01/2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/01/2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 |  (KMService) . (...) - C:\Windows\system32\srvany.exe  =>Hijacker.Office
SS - | Demand 29/06/2007 800040 |  (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 27/06/2007 279848 |  (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Disabled 30/11/2010 336824 |  (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SS - | Demand 28/02/2013 118520 |  (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 11/11/2011 27760 |  (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 18/12/2012 65192 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 09/02/2012 18720 |  (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 22/01/2014 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 21/02/2014 519720 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 03/04/2014 1809720 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 03/04/2014 857912 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 23/10/2013 922912 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 27/10/2013 1364256 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 08/04/2013 1320496 |  (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 |  (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 23/10/2013 414496 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 17/12/2013 5341536 |  (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation

~ Services:  Scanned in 00mn 05s



---\\ Scâner Aditional (088)
Database Version : 13044 - (14/04/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 4
Dossiers trouvés  (Folders found) : 11
Fichiers trouvés  (Files found) : 7

[HKLM\Software\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm]   =>Toolbar.Avira^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D1E2409-32FE-86EA-4B83-011EAFBDE154}]   =>PUP.TubeAdBlocker^
[HKLM\SYSTEM\CurrentControlSet\Services\KMService]   =>Hijacker.Office^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}]   =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}]   =>Adware.Agent
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}]   =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}]   =>Adware.MagniPic
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent   =>P2P.BitTorrent^
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm   =>Toolbar.Avira^
C:\Program Files (x86)\Baidu Security   =>Adware.BDSearch^
C:\Program Files (x86)\Seaercih--NewTab   =>Adware.FastSaveApp^
C:\Program Files (x86)\websave   =>PUP.Websave^
C:\ProgramData\baidu   =>Adware.BDSearch^
C:\ProgramData\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\InstallMate   =>PUP.Tarma^
C:\ProgramData\Seaercih--NewTab   =>Adware.FastSaveApp^
C:\ProgramData\websave   =>PUP.Websave^
C:\Users\CLAUCE\AppData\Roaming\Baidu   =>Adware.BDSearch^
C:\Users\CLAUCE\AppData\Roaming\Baidu Security   =>Adware.BDSearch^
C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent^
O2 - BHO: YoutubeAdblocker [64Bits] - {2D1E2409-32FE-86EA-4B83-011EAFBDE154} Chave orfã   =>PUP.TubeAdBlocker^
[HKCU\Software\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\baidu]   =>Adware.BDSearch^
[HKCR\CLSID\{2D1E2409-32FE-86EA-4B83-011EAFBDE154}] (YoutubeAdblocker)   =>PUP.Multiplug^
~ Additionnel Scan: 623112 Items scanned in 00mn 47s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.Office
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.FastSaveApp
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Websave
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.MyWebSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.22Find
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.FindrToolbar
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.SupTab
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.TornTV
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.WpManager
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.MagniPic
~ MSI: 12 link(s) detected in 00mn 00s



~ 1147 Legitimates filtered by white list
End of the scan (568 lines in 03mn 13s)(0)
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Seg 14 Abr 2014, 19:31

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Qua 23 Abr 2014, 10:11, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Relatório ZHPfix

Mensagem por Glaurey Ter 22 Abr 2014, 13:09

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by CLAUCE at 22/04/2014 13:03:48
High Elevated Privileges : OK
Windows Vista Ultimate Edition, 64-bit  (Build 6000)

Reciclagem vazia (Cancelado pelo utilizador)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BPROTECT Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ELIMINÉ: SearchScopes :{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MYSEAR~1_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MYSEAR~1_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torntv V6_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Torntv V6_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_RASMANCS
ELIMINÉ:* HKCR\CLSID\{2D1E2409-32FE-86EA-4B83-011EAFBDE154}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D1E2409-32FE-86EA-4B83-011EAFBDE154}
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
ELIMINÉ: HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
ELIMINÉ:* HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

========== Valores do Registo ==========
ELIMINÉ: TCP Query User{D002C6BC-463A-4C18-A438-3CED4FB3E218}C:\Program Files (x86)\orbitdownloader\orbitnet.exe
ELIMINÉ: UDP Query User{0071486F-A607-4827-BA88-C89F6FB6E552}C:\Program Files (x86)\orbitdownloader\orbitnet.exe
ELIMINÉ: {98AF6CE3-0FEB-4C6B-81DC-5A599ACD1454}
ELIMINÉ: {87439B2D-92DC-4EA2-AA49-3E13AED82924}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\tasks\digital sites.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (12703) (364.034.550 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Digital Sites

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Outros ==========
NÃO-TRATADO _____________________________________


========== Recapitulativo ==========
29 : Chaves do Registo
10 : Valores do Registo
1 : Pastas
6 : Ficheiros
3 : Estado dos serviços
1 : Tarefa planificada
1 : Restauração Sistema
1 : Outros


End of clean in 01mn 55s

========== Caminho do ficheiro do relatório ==========
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/02/2014 10:46:09 [5037]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R2].txt - 12/02/2014 17:18:00 [1175]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R3].txt - 18/02/2014 19:12:25 [745]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R4].txt - 18/02/2014 19:12:56 [941]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R5].txt - 18/02/2014 19:13:26 [1222]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R6].txt - 18/02/2014 19:16:25 [1422]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R7].txt - 22/04/2014 13:04:05 [4422]


Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Ter 22 Abr 2014, 14:46

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309 Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty RELATÓRIO ZHPDiag

Mensagem por Glaurey Ter 22 Abr 2014, 16:19

~ Relatório do ZHPDiag v2014.4.14.26 - Nicolas Coolman  (14/04/2014)
~ Iniciado por CLAUCE (22/04/2014 16:03:48)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 28.0
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v8.0.1506.0
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6126 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 503 GB (68%) free of 736 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GLAUCE-PC
~ User Name: CLAUCE
~ All Users Names: UpdatusUser, Convidado, CLAUCE, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\CLAUCE\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CLAUCE\AppData\Roaming\
~ %Desktop% : C:\Users\CLAUCE\Desktop\
~ %Favorites% : C:\Users\CLAUCE\Favorites\
~ %LocalAppData% : C:\Users\CLAUCE\AppData\Local\
~ %StartMenu% : C:\Users\CLAUCE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 503 Go of 736 Go)
D: Hard drive, Flash drive, Thumb drive (Free 190 Go of 195 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 817 Go of 932 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:39:10.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:41:56.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.96119226320B3B2A80E87FDB9D446BA0] - (.Microsoft Corporation - Microsoft Tablet PC Component.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [1536]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:21:42.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:23:44.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:24:00.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:48:27.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/6854
~ Mes musiques (My Musics) : 4/48
~ Mes Videos (My Videos) : 2/110
~ Mes Favoris (My Favorites) : 1/124
~ Mes Documents (My Documents) : 3/181000
~ Mon Bureau (My Desktop) : 2/42532
~ Menu demarrer (Programs) : 1/60
~ Hidden Files:  Scanned in 00mn 09s



---\\ Processos lançados
[MD5.723DB99F24FBDCC8DE746D5689B20E79] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   [1266520] [PID.2524]  =>P2P.BitTorrent
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [20922016] [PID.2864]
[MD5.D5E7E2BBFF0C29246F0DA3C6EFC7DEB2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.2904]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [841032] [PID.1168]
[MD5.775DDB699B40C42E1BD799CC0EBF3528] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8215552] [PID.3104]
[MD5.A9D26626BEADF5A0641BF6B5095EF309] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe   [414496] [PID.904]
[MD5.B99C37364701D19F2B5C0A0E1ECCDB80] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [519720] [PID.932]
[MD5.E3BE7DAC6E46C2F1461996F29A09B6FA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [46808] [PID.1612]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65192] [PID.1984]
[MD5.35A85429EC0A09EF4CF53F5BB1F5C2C5] - (.Autodesk, Inc. - Content Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe   [18720] [PID.1960]
[MD5.81B6F0661DDA1AF80BABBBF633E4F2A6] - (.Bandoo Media Inc - Datamngr Coordinator.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe   [3544064] [PID.2456]  =>PUP.Datamngr
[MD5.57FF6D87F7E89F98D13EF8DC6B13FADB] - (.Bandoo Media Inc - Data Manager.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe   [3584000] [PID.2808]  =>PUP.Datamngr
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe   [1320496] [PID.3188]
[MD5.B90A279073A815A4AA2C45A09EE004FA] - (.pdfforge GmbH - PDF Architect Conversion Service.) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe   [799280] [PID.3260]
[MD5.DF4A7E1E2BA788E28747F1EF49692ED6] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe   [5341536] [PID.3468]
[MD5.AA130938A27BB80A8B6438EF83232275] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe   [1364256] [PID.3356]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nnjbodopomfddehlalfilheomcahbpei] GBBD Caixa Economica Federal v.3.5.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [pbcaplhfkihhldmlbjhgajdeghjdbffi] GBBD Caixa Economica Federal v.3.6.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pcoohmdcpejoeggdnihdfhohjgdbllgm] Avira SearchFree Toolbar plus Web Protection v.32.5, (Désactivé)  =>Toolbar.Avira

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 40 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\prefs.js
C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\user.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\npsf_CEF.dll
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) [64Bits] - {95bef0b1-9d3a-41f3-bb8b-8275aaa48c66} . (.No owner - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll  =>PUP.Datamngr
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Chave orfã
~ BHO: 24 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Autodesk ReCap.lnk . (...)  -- C:\Program Files (x86)\Autodesk\Autodesk ReCap\recap.exe (.not file.)
O4 - GS\Desktop [Public]: Google SketchUp 8.lnk . (.Google, Inc. - SketchUp Application.)  -- C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe
O4 - GS\Desktop [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.)  -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\Desktop [Public]: LayOut 3.lnk . (.Google, Inc. - LayOut.)  -- C:\Program Files (x86)\Google\Google SketchUp 8\LayOut\LayOut.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Style Builder 2.lnk . (...)  -- C:\Program Files (x86)\Google\Google SketchUp 8\Style Builder\Style Builder.exe
O4 - GS\Desktop [Public]: TubeDigger.lnk . (...)  -- C:\Program Files (x86)\TubeDigger\TubeDigger.exe (.not file.)
O4 - GS\Program [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.)  -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [CLAUCE]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [CLAUCE]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [CLAUCE]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\TaskBar [CLAUCE]: chrome - Atalho.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [CLAUCE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [CLAUCE]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [CLAUCE]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Program [CLAUCE]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [CLAUCE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [CLAUCE]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [CLAUCE]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.)  -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [CLAUCE]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 93 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\CLAUCE\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2758932580-3479336420-2192492680-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2758932580-3479336420-2192492680-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\CLAUCE\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2758932580-3479336420-2192492680-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
~ Application:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6452776B-8B5A-4326-8167-FF2F163ECA3C}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) . (.Bandoo Media Inc - Datamngr Coordinator.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe  =>PUP.Datamngr
O23 - Service: F06DEFF2-5B9C-490D-910F-35D3A9119622 (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (.Bandoo Media Inc - Datamngr Configuration.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg  =>PUP.Datamngr
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe  =>Hijacker.Office
~ Services: 16 Legitimates Filtered in 00mn 03s



---\\ Chaves de Gerenciamento Sessão (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x86) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll  =>PUP.Datamngr
O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll  =>PUP.Datamngr
~ Keys:  Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.905B65996358CCE4E4CB6CB6CFC1E859] [APT] [{AF237733-BC96-4DED-B6FF-7DC5A27F8A92}] (...) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe   [5198336]
~ Scheduled Task: 30 Legitimates Filtered in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (.Bandoo Media Inc - Datamngr Configuration.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg  =>PUP.Datamngr
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: HiDownloadPlatinum - (...) [HKLM][64Bits] -- HiDownload Platinum_is1
O42 - Logiciel: WBN240-64bits - (.Nome de sua empresa:.) [HKLM][64Bits] -- {D0C33E57-616D-40CE-945E-6DD6ACC995BA}
~ Logic: 24 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN DTX]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\GbAs]
[HKCU\Software\Kerkythea Rendering System]
[HKCU\Software\TubeDigger]
[HKCU\Software\URLHelper]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Datamngr]  =>PUP.Datamngr
[HKLM\Software\Wow6432Node\TubeDigger]
[HKLM\Software\Wow6432Node\URLHelper]
~ Key Software: 274 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/01/2014 - 17:35:23 - [8,211] ----D C:\Program Files (x86)\Kerkythea Rendering System
O43 - CFD: 15/04/2014 - 08:50:56 - [24,255] ----D C:\Program Files (x86)\Movies Toolbar  =>PUP.MoviesToolbar
O43 - CFD: 15/04/2014 - 08:50:07 - [0,006] ----D C:\Program Files (x86)\Savevid  =>Adware.Bandoo
O43 - CFD: 20/03/2014 - 16:49:08 - [30,625] ----D C:\Program Files (x86)\StreamingStar
O43 - CFD: 20/02/2014 - 08:36:24 - [0,140] ----D C:\ProgramData\3399e7679ad6712b
O43 - CFD: 22/04/2014 - 16:03:21 - [0,006] ----D C:\ProgramData\Datamngr  =>PUP.Datamngr
O43 - CFD: 21/03/2014 - 17:07:49 - [0] ----D C:\ProgramData\FARO
O43 - CFD: 20/02/2014 - 08:36:24 - [0,005] ----D C:\ProgramData\GreatSoft
~ Program Folder: 167 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.26D93A797DCD31377D1A9B3E21CB770A] - 22/04/2014 - 13:21:43 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [146924]
O44 - LFC:[MD5.9151CEB0076A530722984ECD49F0AFB4] - 22/04/2014 - 13:21:43 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [706198]
~ Files: 11 Legitimates Filtered in 00mn 00s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe  =>PUP.BitGuard
O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe  =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe  =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe  =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe  =>Trojan.Staser
O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe  =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe  =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe  =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe  =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe  =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe  =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe  =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe  =>Adware.IMBooster
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe  =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - volaro - tasklist.exe  =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe  =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe  =>PUP.TubeDimmer
O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe  =>PUP.TubeDimmer
~ IFEO:  Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.DC80CB69042C790E3EACD38942C680D4] - 22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65336]
O58 - SDL:[MD5.43E5B51F295E09D51D64FF1C66757DAA] - 22/01/2014 - 12:52:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [189936]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.DE7FCC77F4A503AF4CA6A47D49B3713D] - 28/02/2013 - 22:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys   [36600]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.3A7CABF7DE8F1325BE8F46685469AEC3] - 20/06/2013 - 22:09:46 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys   [42184]
O58 - SDL:[MD5.8F866DF9A974BFFDCB2001D303BC0695] - 08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 04/03/2014 - 08:34:41 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
~ Drivers: 14 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 08/04/2014 - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg (F06DEFF2-5B9C-490D-910F-35D3A9119622)  .(.Bandoo Media Inc - Datamngr Configuration.) - LEGACY_F06DEFF2-5B9C-490D-910F-35D3A9119622  =>PUP.Datamngr
O64 - Services: CurCS - 03/04/2014 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector)  .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
~ Legacy: 88 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} - (Ask.com) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll   [167784]
[MD5.F1D4FB08208F4A1CD50B84998B695978] [SPRF][07/01/2014] (...) -- C:\Users\CLAUCE\AppData\Roaming\unins000.dat   [36792]
[MD5.B1AA7A6159645FA55C036F07505E1C76] [SPRF][09/01/2014] (...) -- C:\Users\CLAUCE\AppData\Roaming\unins001.dat   [15748]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{45611F77-9FBF-4596-9297-42A9AD311F0A}" | In - Private - P6 - TRUE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "{BF0AD315-5E33-4D9A-8531-4DE528CDDD55}" | In - Private - P17 - TRUE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "{562BF25C-5363-4E0C-B190-81173A393E6E}" | In - Domain - P6 - FALSE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "{2667D2B6-9691-4249-8BC0-EC011729500E}" | In - Domain - P17 - FALSE | .(.No owner - HiDownload.) -- C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O87 - FAEL: "TCP Query User{DBE11C0B-6930-4AB2-BD58-3C09D6C521CD}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe" | In - Private - P6 - TRUE | .(.TODO: - FlvFilter.) -- C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
O87 - FAEL: "UDP Query User{A2DE7685-55B9-4406-AA6B-D605127EF407}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe" | In - Private - P17 - TRUE | .(.TODO: - FlvFilter.) -- C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
O87 - FAEL: "{47D22B7D-8284-41DD-A536-14AFB0C153BF}" | In - Private - P6 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe  =>PUP.Datamngr
O87 - FAEL: "{3F11D417-EB5C-48CB-B32D-84F526F689BC}" | In - Private - P17 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe  =>PUP.Datamngr
~ Firewall: 233 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "75E33C0DD616EC0449E5D66DCA9C59AB" . (.WBN240-64bits.) -- C:\Windows\Installer\{D0C33E57-616D-40CE-945E-6DD6ACC995BA}\ARPPRODUCTICON.exe
~ Update Products: 118 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidMediaBar_RASAPI32  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidMediaBar_RASMANCS  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidSetup-r0-n-bc_RASAPI32  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidSetup-r0-n-bc_RASMANCS  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Savevid_RASAPI32  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Savevid_RASMANCS  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS  =>P2P.µTorrent
~ BTK: 245 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 02/01/2014 654848 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 02/01/2014 1471352 |  (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 02/01/2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/01/2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 |  (KMService) . (...) - C:\Windows\system32\srvany.exe  =>Hijacker.Office
SS - | Disabled 03/04/2014 1809720 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 03/04/2014 857912 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 15/03/2014 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 29/06/2007 800040 |  (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 27/06/2007 279848 |  (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Disabled 30/11/2010 336824 |  (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SS - | Demand 28/02/2013 118520 |  (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 11/11/2011 27760 |  (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 18/12/2012 65192 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 09/02/2012 18720 |  (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 22/01/2014 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 08/04/2014 3544064 |  (DatamngrCoordinator) . (.Bandoo Media Inc.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe  =>PUP.Datamngr
SR - | System 08/04/2014 36216 |  (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (.Bandoo Media Inc.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg  =>PUP.Datamngr
SR - | Auto 21/02/2014 519720 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 23/10/2013 922912 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 27/10/2013 1364256 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 08/04/2013 1320496 |  (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 |  (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 23/10/2013 414496 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 17/12/2013 5341536 |  (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation

~ Services:  Scanned in 00mn 04s



---\\ Scâner Aditional (088)
Database Version : 13044 - (14/04/2014)
Clés trouvées (Keys found) : 18
Valeurs trouvées (Values found) : 4
Dossiers trouvés  (Folders found) : 4
Fichiers trouvés  (Files found) : 4

[HKLM\Software\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm]   =>Toolbar.Avira^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95BEF0B1-9D3A-41F3-BB8B-8275AAA48C66}]   =>PUP.Datamngr^
[HKLM\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator]   =>PUP.Datamngr^
[HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622]   =>PUP.Datamngr^
[HKLM\SYSTEM\CurrentControlSet\Services\KMService]   =>Hijacker.Office^
[HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}]   =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}]   =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]   =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]   =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}]   =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard]   =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1]   =>Adware.Bandoo
[HKCU\Software\APN DTX]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\DataMngr]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard.1]   =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}]   =>Adware.Bandoo^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent   =>P2P.BitTorrent^
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm   =>Toolbar.Avira^
C:\Program Files (x86)\Movies Toolbar   =>PUP.MoviesToolbar^
C:\Program Files (x86)\Savevid   =>Adware.Bandoo^
C:\ProgramData\Datamngr   =>PUP.Datamngr^
C:\Users\CLAUCE\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent^
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe   =>PUP.Datamngr^
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe   =>PUP.Datamngr^
[HKLM\Software\Wow6432Node\Datamngr]   =>PUP.Datamngr^
~ Additionnel Scan: 354714 Items scanned in 00mn 17s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Datamngr
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.Office
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.MoviesToolbar
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.Bandoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.BitGuard
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.Eazel
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.BrowserSafeguard
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Trojan.Staser
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Spyware.ProtectedSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Toolbar.Conduit
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.SearchSettings
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.SmartBar
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.IMBooster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Trojan.Vonteera
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.TubeDimmer
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Toolbar.Ask
~ MSI: 17 link(s) detected in 00mn 00s



~ 1149 Legitimates filtered by white list
End of the scan (572 lines in 00mn 47s)(0)
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Ter 22 Abr 2014, 16:44

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Qua 23 Abr 2014, 10:11, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Relatório ZHPFix

Mensagem por Glaurey Qua 23 Abr 2014, 10:01

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by CLAUCE at 23/04/2014 09:59:39
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit  (Build 7600)

Reciclagem vazia (00mn 35s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe

========== Estado dos serviços ==========
F06DEFF2-5B9C-490D-910F-35D3A9119622 Parado

========== Chaves do Registo ==========
ELIMINÉ: CLSID BHO: {95bef0b1-9d3a-41f3-bb8b-8275aaa48c66}
ELIMINÉ:³ Service: DatamngrCoordinator
ELIMINÉ:³ Service: F06DEFF2-5B9C-490D-910F-35D3A9119622
ELIMINÉ Driver Key: F06DEFF2-5B9C-490D-910F-35D3A9119622
ELIMINÉ: HKCU\Software\APN DTX
ELIMINÉ: HKLM\Software\Wow6432Node\Datamngr
ELIMINÉ: O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - volaro - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe
ELIMINÉ: SearchScopes :{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidMediaBar_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidMediaBar_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidSetup-r0-n-bc_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SavevidSetup-r0-n-bc_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Savevid_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Savevid_RASMANCS
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622
ELIMINÉ:* HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
ELIMINÉ: HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
ELIMINÉ:* HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
ELIMINÉ:* HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
ELIMINÉ: HKLM\Software\Classes\SearchQUIEHelper.DNSGuard
ELIMINÉ: HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1
ELIMINÉ:* HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}

========== Valores do Registo ==========
ELIMINÉ: {47D22B7D-8284-41DD-A536-14AFB0C153BF}
ELIMINÉ: {3F11D417-EB5C-48CB-B32D-84F526F689BC}

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\searchresultsdx.dll
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (132) (15.236.809 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
2 : Processo memória
46 : Chaves do Registo
2 : Valores do Registo
1 : Pastas
6 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema


End of clean in 01mn 59s

========== Caminho do ficheiro do relatório ==========
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/02/2014 10:46:09 [5037]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R2].txt - 12/02/2014 17:18:00 [1175]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R3].txt - 18/02/2014 19:12:25 [745]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R4].txt - 18/02/2014 19:12:56 [941]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R5].txt - 18/02/2014 19:13:26 [1222]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R6].txt - 18/02/2014 19:16:25 [1422]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R7].txt - 22/04/2014 13:04:05 [4503]
C:\Users\CLAUCE\AppData\Roaming\ZHP\ZHPFix[R8].txt - 23/04/2014 10:00:14 [5790]
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qua 23 Abr 2014, 10:10

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309 Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Procedimento ja realizado!!!

Mensagem por Glaurey Qua 23 Abr 2014, 10:33

Esse procedimento já foi realizado, veja nas postagens anteriores, acho que estamos repetindo o processo! Rsrs

Power Max escreveu:fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qua 23 Abr 2014, 10:56

Glaurey escreveu:Esse procedimento já foi realizado, veja nas postagens anteriores, acho que estamos repetindo o processo! Rsrs
Em qual lugar do seu tópico nós fizemos este procedimento? parece que só usamos o ZHP até agora, não foi isso não?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Relatório AdwCleaner

Mensagem por Glaurey Qui 24 Abr 2014, 09:56

Me desculpe, você tem toda razão, me confundi aqui!!! Segue relatório:

# AdwCleaner v3.018 - Relatório criado 03/02/2014 às 08:49:37
# Atualizado 28/01/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : CLAUCE - CLAUCE-PC
# Executando de : C:\Users\CLAUCE\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

[!] Pasta Deletada : C:\ProgramData\apn
[!] Pasta Deletada : C:\ProgramData\boost_interprocess
[!] Pasta Deletada : C:\Program Files (x86)\Common Files\337
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\Local\Temp\apn
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\Local\Temp\Desk365
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\Roaming\pdfforge
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Arquivo Deletada : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\anchorfree
Chave Deletedo : HKCU\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\V9

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v26.0 (pt-BR)

[ Arquivo : C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\prefs.js ]


-\\ Google Chrome v32.0.1700.102

[ Arquivo : C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3803 octets] - [03/02/2014 08:47:04]
AdwCleaner[S0].txt - [3402 octets] - [03/02/2014 08:49:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3462 octets] ##########
# AdwCleaner v3.202 - Relatório criado 24/04/2014 às 09:50:31
# Atualizado 23/04/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : CLAUCE - GLAUCE-PC
# Executando de : C:\Users\CLAUCE\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : DatamngrCoordinator
[#] Serviço Deletada : F06DEFF2-5B9C-490D-910F-35D3A9119622

***** [ Arquivos / Pastas ] *****

[!] Pasta Deletada : C:\ProgramData\DataMngr
[!] Pasta Deletada : C:\Program Files (x86)\Movies Toolbar
[!] Pasta Deletada : C:\Users\CLAUCE\.android
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\Local\torch
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\LocalLow\Mysearchdial
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\Roaming\DigitalSites
[!] Pasta Deletada : C:\Users\CLAUCE\AppData\Roaming\pdfforge
[!] Pasta Deletada : C:\Users\CLAUCE\Documents\Mobogenie
[!] Pasta Deletada : C:\Users\UpdatusUser\AppData\Local\torch
[!] Pasta Deletada : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
[!] Pasta Deletada : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Arquivo Deletada : C:\Users\CLAUCE\daemonprocess.txt
Arquivo Deletada : C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\user.js

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Valor Deletedo : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Valor Deletedo : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Valor Deletedo : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Valor Deletedo : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\hdcode

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\prefs.js ]

Linha deletada : user_pref("browser.search.defaultenginename", "WebSearch");
Linha deletada : user_pref("browser.search.defaulturl", "hxxp://websearch.searchsun.info/?pid=724&r=2014/02/20&hid=2527924244580801097&lg=EN&cc=BR&l=1&q=");
Linha deletada : user_pref("browser.search.order.1", "WebSearch");
Linha deletada : user_pref("browser.search.order.1,S", "WebSearch");
Linha deletada : user_pref("browser.search.selectedEngine", "WebSearch");
Linha deletada : user_pref("browser.search.selectedEngine,S", "WebSearch");
Linha deletada : user_pref("extensions.JexIJzdJ0JPM.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf([...]
Linha deletada : user_pref("extensions.UwycBCqnH.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"s[...]
Linha deletada : user_pref("extensions.cbh.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorob[...]

-\\ Google Chrome v34.0.1847.116

[ Arquivo : C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Startup_urls] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Homepage] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*************************

AdwCleaner[R0].txt - [10986 octets] - [03/02/2014 07:47:04]
AdwCleaner[R1].txt - [1025 octets] - [03/02/2014 07:57:18]
AdwCleaner[S0].txt - [9943 octets] - [03/02/2014 07:49:37]
AdwCleaner[S1].txt - [1084 octets] - [03/02/2014 07:59:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10063 octets] ##########



Power Max escreveu:
Glaurey escreveu:Esse procedimento já foi realizado, veja nas postagens anteriores, acho que estamos repetindo o processo! Rsrs
Em qual lugar do seu tópico nós fizemos este procedimento? parece que só usamos o ZHP até agora, não foi isso não?
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qui 24 Abr 2014, 11:39

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qui 24 Abr 2014, 12:56, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Relatório Zoek.exe

Mensagem por Glaurey Qui 24 Abr 2014, 12:48

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by CLAUCE on 24/04/2014 at 12:13:41,90.
Microsoft Windows 7 Ultimate  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\CLAUCE\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

24/04/2014 12:15:11 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com.br/");

Added to C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default

user.js not found
---- Lines mysearch removed from prefs.js ----
user_pref("extensions.irmysearch.aflt", "dsites0103");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutCtD0B0FyEzzyBtAyB0EtDyDtBtB0ByCtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1
user_pref("extensions.irmysearch.cr", "1889520932");
user_pref("extensions.irmysearch.instlRef", "");
---- Lines extensions.JexIJzdJ0JPM removed from prefs.js ----
user_pref("extensions.JexIJzdJ0JPM.epoch", "1394133776");
user_pref("extensions.JexIJzdJ0JPM.url", "http://webdireect.in/sync2/?q=hfZ9ofDSBShEAen0qHs9tMqLDe49CNU0nVsMCMlNhd9FqdaGrTaFrjr7rTkMBzqUojw9rdrEqjw4rT
---- Lines extensions.UwycBCqnH removed from prefs.js ----
user_pref("extensions.UwycBCqnH.epoch", "1394133777");
user_pref("extensions.UwycBCqnH.url", "http://toolkitcard.info/sync2/?q=hfZ9ofDSC6gMCyVUojCGqchTB6lKDzt4oktitNtVh7n0rjnErTsErjwHqjs6tMFHhd9FqdaHrdkFpj
---- Lines extensions.cbh removed from prefs.js ----
user_pref("extensions.cbh.epoch", "1397601722");
user_pref("extensions.cbh.url", "http://syncjpi.info/sync2/?q=hfZ9ofV9CShEAen0qHs9tMqLDe49CNU0nVsMCMlNhd9FqdaGrTaFrjr8rHCMBzqUojw9rdnFqdsGqdw9rih7hfs0
---- FireFox user.js and prefs.js backups ----

prefs_042014_1221_.backup

==== Deleting Files \ Folders ======================

C:\Users\CLAUCE\AppData\LocalLow\{1ED343F1-168C-5479-68FA-BEC2B8F31C6C} deleted
C:\Users\CLAUCE\AppData\LocalLow\{2D1E2409-32FE-86EA-4B83-011EAFBDE154} deleted
C:\Users\CLAUCE\AppData\LocalLow\{73F08C43-A846-EBA7-8D47-E8C68A99DDBD} deleted
C:\Users\CLAUCE\AppData\Local\Packages\windows_ie_ac_001\AC\{1ED343F1-168C-5479-68FA-BEC2B8F31C6C} deleted
C:\Users\CLAUCE\AppData\Local\Packages\windows_ie_ac_001\AC\{2D1E2409-32FE-86EA-4B83-011EAFBDE154} deleted
C:\Users\CLAUCE\AppData\Local\Packages\windows_ie_ac_001\AC\{73F08C43-A846-EBA7-8D47-E8C68A99DDBD} deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\GreatSoft deleted
C:\Users\CLAUCE\AppData\Local\cache deleted
C:\Users\CLAUCE\AppData\LocalLow\savevidmoviestoolbarha deleted
C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default\savevidmoviestoolbarha deleted
C:\Users\CLAUCE\iGBPCEFsf.exe deleted
"C:\PROGRA~3\3399e7679ad6712b\{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D}" deleted
"C:\PROGRA~3\3399e7679ad6712b\{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D}.old" deleted
"C:\PROGRA~3\3399e7679ad6712b\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~3\3399e7679ad6712b\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~3\3399e7679ad6712b\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\PROGRA~3\3399e7679ad6712b\{CF830981-8F31-C561-C7A0-FE2CE1878B40}" deleted
"C:\PROGRA~3\3399e7679ad6712b\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted
"C:\PROGRA~3\3399e7679ad6712b" deleted
"C:\Users\CLAUCE\AppData\Roaming\GrabPro" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E8874}"="C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\abn\xpi" [05/03/2014 16:55]

==== Firefox Extensions ======================

ProfilePath: C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\CLAUCE\AppData\Roaming\Mozilla\Firefox\Profiles\3rq1bp6x.default
89A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\CLAUCE\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
abmojiekfpcmkkfamgfcpgfgipocface - C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\abn\sf.crx[07/01/2014 18:46]
nnjbodopomfddehlalfilheomcahbpei - C:\Users\CLAUCE\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[13/01/2014 13:52]

YTBookaMark - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - Administrador\AppData\Local\Torch\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Administrador\AppData\Local\Torch\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Administrador\AppData\Local\Torch\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Administrador\AppData\Local\Torch\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Administrador\AppData\Local\Torch\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
GBBD Banco Santander (Brasil) S.A. - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmojiekfpcmkkfamgfcpgfgipocface
YTBookaMark - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
Google Docs - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
GBBD Banco Santander (Brasil) S.A. - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnljhnpjegfbcohjhdnhjlnfnffmbnf
Google Wallet - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Gmail - CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YTBookaMark - CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - Convidado\AppData\Local\Torch\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - Convidado\AppData\Local\Torch\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - Convidado\AppData\Local\Torch\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - Convidado\AppData\Local\Torch\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - Convidado\AppData\Local\Torch\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
weubsavE - UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Minimal Memory - UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig
YTBookaMark - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal
YoutubeAdblocker - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc
weubsavE - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb
Seaercih--NewTab - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm
Minimal Memory - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig

==== Chrome Fix ======================

C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsun.info_0.localstorage deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsun.info_0.localstorage-journal deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage-journal deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfldfmhgjapfdnpdnkpchmmgigngiknc deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akpidgaabbmiehpidhlbahkkdjmkloal deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hgajekmmmcfbgkihgdoccbploohamhpb deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igfpicnkfmfoececlbecccpeflnggkjm deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\CLAUCE\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95bef0b1-9d3a-41f3-bb8b-8275aaa48c66} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2758932580-3479336420-2192492680-1000\Software\Mozilla\Firefox\Extensions\mozilla_cc@internetdownloadmanager.com deleted successfully
HKEY_USERS\S-1-5-21-2758932580-3479336420-2192492680-1000\Software\Mozilla\Firefox\Extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95bef0b1-9d3a-41f3-bb8b-8275aaa48c66} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\CLAUCE\Desktop\Adobe Photoshop CS3.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Users\CLAUCE\Desktop\Dropbox.lnk - C:\Users\CLAUCE\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\CLAUCE\Desktop\PDF Architect.lnk - C:\Program Files (x86)\PDF Architect\PDF Architect.exe
C:\Users\CLAUCE\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\CLAUCE\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\CLAUCE\Desktop\µTorrent.lnk -  
C:\Users\CLAUCE\Desktop\Manutenção Otávio\Revo Uninstaller.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\AutoCAD 2014 - Português - Brasil (Brazilian Portuguese).lnk -  
C:\Users\Public\Desktop\Autodesk ReCap.lnk - C:\Program Files (x86)\Autodesk\Autodesk ReCap\recap.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\Corel CAPTURE X6 (64-Bit).lnk - c:\Windows\Installer\{1967EF95-E00B-4669-8B1C-A589BE8BF24F}\NewShortcut6_C2D12190778B49D7B6847BAECAE7BE9D.exe
C:\Users\Public\Desktop\Corel CONNECT X6 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X6\Connect64\Connect.exe
C:\Users\Public\Desktop\Corel PHOTO-PAINT X6 (64-Bit).lnk - c:\Windows\Installer\{D7C2687D-924E-4485-B367-C7D95CBF8DDD}\NewShortcut4_1B93EBAA624B47A7847E8976FF2E037B.exe
C:\Users\Public\Desktop\CorelDRAW X6 (64-Bit).lnk - c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe
C:\Users\Public\Desktop\Google SketchUp 8.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe
C:\Users\Public\Desktop\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\Public\Desktop\LayOut 3.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\LayOut\LayOut.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Style Builder 2.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\Style Builder\Style Builder.exe
C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Users\Public\Desktop\TubeDigger.lnk - C:\Program Files (x86)\TubeDigger\TubeDigger.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar\HiDownload Platinum\HiDownload Platinum.lnk - C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar\HiDownload Platinum\Uninstall.lnk - C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap\Uninstall WinPcap 4.1.3.lnk - C:\Program Files (x86)\WinPcap\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in Quick Launch ======================

C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8  
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome - Atalho.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\CLAUCE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\91a1ca12-982d-4ae4-921e-acff75887eda deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\savevidmoviestoolbarhaIE deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\CLAUCE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\CLAUCE\Documents\backup 2011\C\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\CLAUCE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0Z7JLIV will be deleted at reboot
C:\Users\CLAUCE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\CLAUCE\AppData\Local\Mozilla\Firefox\Profiles\3rq1bp6x.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\CLAUCE\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=536 folders=162 7086415 bytes)

==== Empty Temp Folders ======================

C:\Users\CLAUCE\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\CLAUCE\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\CLAUCE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\CLAUCE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0Z7JLIV" not found

==== EOF on 24/04/2014 at 12:35:11,09 ======================
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qui 24 Abr 2014, 12:55

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309 Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Relatório Junware

Mensagem por Glaurey Qui 24 Abr 2014, 13:03

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by CLAUCE on 24/04/2014 at 12:57:06,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411591160}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411591160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\CLAUCE\AppData\Roaming\mozilla\firefox\profiles\3rq1bp6x.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/04/2014 at 13:01:58,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qui 24 Abr 2014, 13:04

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309 Faça uma atualização (update) de seu Malwarebytes e faça uma limpeza com ele seguindo as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Relatório Malware

Mensagem por Glaurey Qui 24 Abr 2014, 18:33

Nenhuma ameaça foi encontrada!!!  :rindo_atoa:  fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 404338 


Muito obrigada!!!
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qui 24 Abr 2014, 18:34

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309 Poste só o relatório do Malwarebytes aqui no seu tópico, por gentileza.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Relatório Malware

Mensagem por Glaurey Qui 24 Abr 2014, 18:49

Desculpe, o relatório não apareceu automaticamente.
Segue:

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 24/04/2014
Hora da Verificação: 18:39:37
Logfile: relatorio Malware.txt
Administrador: Sim

Versão: 2.00.1.1004
Malware Database: v2014.04.24.09
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado

OS: Windows 7
CPU: x64
Sistema de Arquivo: NTFS
Usuário: CLAUCE

Tipo da Verificação: Verificar Ameaça
Resultado: Completado
Arquivos Verificados: 303873
Tempo Decorrido: 23 min, 1 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 1
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-2758932580-3479336420-2192492680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\savevidmoviestoolbarha, Quarantined, [90992806aad1ac8a03c8aed6659d1fe1],

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Power Max escreveu:fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Poste só o relatório do Malwarebytes aqui no seu tópico, por gentileza.
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qui 24 Abr 2014, 18:53

Você não escaneou como está no tutorial. Faça exatamente como está no tutorial que te passei, por gentileza, e depois poste o novo relatório que ele irá criar.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty LOG MALWARE

Mensagem por Glaurey Qui 24 Abr 2014, 20:49

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 24/04/2014
Hora da Verificação: 18:39:37
Logfile: LOG.txt
Administrador: Sim

Versão: 2.00.1.1004
Malware Database: v2014.04.24.09
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado

OS: Windows 7
CPU: x64
Sistema de Arquivo: NTFS
Usuário: CLAUCE

Tipo da Verificação: Verificar Ameaça
Resultado: Completado
Arquivos Verificados: 303873
Tempo Decorrido: 23 min, 1 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 1
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-2758932580-3479336420-2192492680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\savevidmoviestoolbarha, Quarantined, [90992806aad1ac8a03c8aed6659d1fe1],

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Power Max escreveu:Você não escaneou como está no tutorial. Faça exatamente como está no tutorial que te passei, por gentileza, e depois poste o novo relatório que ele irá criar.
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Power Max Qui 24 Abr 2014, 20:56

Você postou o mesmo relatório que tinha postado antes, veja que a data e horário são exatamente iguais:

Data de Verificação: 24/04/2014
Hora da Verificação: 18:39:37

Data de Verificação: 24/04/2014
Hora da Verificação: 18:39:37

O novo relatório deve estar com o horário diferente, encontre ele aí por gentileza e o poste.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty LOG JRT

Mensagem por Glaurey Qui 24 Abr 2014, 21:03

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by CLAUCE on 24/04/2014 at 20:57:27,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/04/2014 at 21:02:28,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Power Max escreveu:fazer - Por favor, o que fazer quando o mouse esta desaparecendo? 772309  Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.
Glaurey
Glaurey
Membro
Membro

Mensagens : 54
Reputação : 1
Data de inscrição : 03/02/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

fazer - Por favor, o que fazer quando o mouse esta desaparecendo? Empty Re: Por favor, o que fazer quando o mouse esta desaparecendo?

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 2 1, 2  Seguinte

Ir para o topo

- Tópicos semelhantes

 
Permissões neste sub-fórum
Não podes responder a tópicos