Blue Screen of Death - (win32k.sys ; dxgkrnl.sys ; nvlddmkm.sys)

Estou com este problema de BSoD nestes três locais mencionados acima.
O problema não ocorre todo dia, as vezes demora um tempo para a BSoD aparecer novamente.
Meu sistema operacional é um Windows 7 Professional 64bits.
Gostaria de ajuda para resolver o problema.
Vou postar de imediato o log do HiJackThis.
Desde já, obrigado.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:23:02, on 07/05/2014
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Syns\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Smiley Bar for Facebook - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files (x86)\Smiley Bar for Facebook\ScriptHost.dll
O2 - BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ServicioSpeedy] C:\Program Files (x86)\Telefonica\Speedy\SATCfgApp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Syns\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12688 bytes

Olá Neo.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

Aqui está o relatório solicitado.

# AdwCleaner v3.207 - Relatório criado 07/05/2014 às 22:46:24
# Atualizado 05/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional (64 bits)
# Usuário : Syns - SYNS-PC
# Executando de : C:\Users\Syns\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : IBUpdaterService

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Browser Manager
Pasta Deletada : C:\ProgramData\IBUpdaterService
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\wincert
Pasta Deletada : C:\Program Files (x86)\file scout
Pasta Deletada : C:\Program Files (x86)\Gophoto.it
Pasta Deletada : C:\Program Files (x86)\Iminent
Pasta Deletada : C:\Program Files (x86)\Search Results Toolbar
Pasta Deletada : C:\Program Files (x86)\SearchProtect
Pasta Deletada : C:\Program Files (x86)\Smiley Bar for Facebook
Pasta Deletada : C:\Program Files (x86)\TornTV.com
Pasta Deletada : C:\Users\Syns\AppData\Local\iLivid
Pasta Deletada : C:\Users\Syns\AppData\Local\SearchProtect
Pasta Deletada : C:\Users\Syns\AppData\LocalLow\ilividtoolbarguid
Pasta Deletada : C:\Users\Syns\AppData\LocalLow\Minibar
Pasta Deletada : C:\Users\Syns\AppData\Roaming\B1Toolbar
Pasta Deletada : C:\Users\Syns\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Syns\AppData\Roaming\file scout
Pasta Deletada : C:\Users\Syns\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Syns\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Syns\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\Syns\AppData\Roaming\StatusWinks
Pasta Deletada : C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Arquivo Deletada : C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Chave Deletedo : HKLM\SOFTWARE\Classes\*\shell\filescout
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Chave Deletedo : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Facebook.ScriptHostObject
Chave Deletedo : HKLM\SOFTWARE\Classes\Facebook.ScriptHostObject.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Chave Deletedo : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F34C9277-6577-4DFF-B2D7-7D58092F272F}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\APN DTX
Chave Deletedo : HKCU\Software\DataMngr
Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\filescout
Chave Deletedo : HKCU\Software\ilivid
Chave Deletedo : HKCU\Software\ilividtoolbarguid
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\iLividSRTB
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Chave Deletedo : [x64] HKLM\SOFTWARE\DataMngr
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16526

Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ Arquivo : C:\Users\Syns\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ Arquivo : C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Startup_urls] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : aidbbndgjnlaclnmhkdimcdjiebjpdel
Deletedo [Extension] : bfcpnihmbfoaeoakalclfalkdepgiaje
Deletedo [Extension] : cfcbmgbfdbijmjgjihagbomfbjfjmgon
Deletedo [Extension] : gaiilaahiahdejapggenmdmafpmbipje
Deletedo [Extension] : hgojaaaiddhmiiakpejiklijbalpckih
Deletedo [Extension] : mocblcnaofikinigmceddfghppkkjbog
Deletedo [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk

*************************

AdwCleaner[R0].txt - [24768 octets] - [07/05/2014 22:44:24]
AdwCleaner[S0].txt - [23496 octets] - [07/05/2014 22:46:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23557 octets] ##########

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executá-lo corretamente siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

Aqui está o relatório solicitado.

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Syns on 07/05/2014 at 23:11:19,84.
Microsoft Windows 7 Professional 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Syns\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

07/05/2014 23:15:20 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1747083752-940438871-2986847662-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Syns\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js:

Added to C:\Users\Syns\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\DealPly deleted
C:\PROGRA~3\boost_interprocess deleted
C:\Users\Syns\Downloads\iLividSetup.exe deleted
C:\Users\Syns\Downloads\VideoPerformerSetup.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Syns\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [06/11/2012 11:06]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [30/10/2012 21:59]

==== Firefox Extensions ======================

ExtDir: C:\Users\Syns\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Syns\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[06/11/2012 11:06]
pppagaglfkmlpgobnlenhknilehpmcbo - C:\Program Files (x86)\PSafe\PSafeAV\safemon\360webshield.crx[]

YouTube - Syns\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Syns\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Syns\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
RealPlayer HTML5Video Downloader Extension - Syns\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
Google Wallet - Syns\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Syns\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artigos.softonic.com.br_0.localstorage deleted successfully
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artigos.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hijackthis.softonic.com.br_0.localstorage deleted successfully
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hijackthis.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.msn.com/USREL/5"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=smt_hp_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=smt_hp_hao123_br"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.msn.com/USREL/5"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Syns\Desktop\Adobe After Effects CS6.lnk - C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe
C:\Users\Syns\Desktop\Adobe Illustrator CS6 (64 Bit).lnk - C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
C:\Users\Syns\Desktop\Adobe Photoshop CS6 (64 Bit).lnk - C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
C:\Users\Syns\Desktop\Ativar Modo MuChaos Janela.lnk - C:\ChaosGameServer17ah\MuChaos Janela.exe
C:\Users\Syns\Desktop\Far Cry 3.lnk - C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
C:\Users\Syns\Desktop\Infestation Survivor Stories.lnk - C:\Program Files (x86)\Steam\SteamApps\common\The War Z\WarZlauncher.exe
C:\Users\Syns\Desktop\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Syns\Desktop\VirtualDJ Home FREE.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe
C:\Users\Syns\Desktop\Wow - Atalho.lnk - C:\WOW\Wow.exe
C:\Users\Syns\Desktop\SÒ JOGOS\Aliens vs. Predator.lnk -
C:\Users\Syns\Desktop\SÒ JOGOS\CrossFire AL.lnk -
C:\Users\Syns\Desktop\SÒ JOGOS\Jogar Muchaos 1.7 sem launcher.lnk -
C:\Users\Syns\Desktop\SÒ JOGOS\Jogar Muchaos1.7 .lnk -
C:\Users\Syns\Desktop\SÒ JOGOS\Play Hitman Absolution.lnk -
C:\Users\Syns\Desktop\SÒ JOGOS\Play South Park The Stick of Truth.lnk -
C:\Users\Syns\Desktop\SÒ JOGOS\Skyrim.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CorelDRAW X6 (64-Bit).lnk - c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe
C:\Users\Public\Desktop\FL Studio 11.lnk - C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe
C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\Users\Public\Desktop\GunBound Thor's Hammer.lnk - C:\Program Files (x86)\Softnyx\Gunbound\Launcher.exe
C:\Users\Public\Desktop\League Of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Public\Desktop\Nokia PC Suite.lnk - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Users\Public\Desktop\PowerISO.lnk - C:\Program Files (x86)\PowerISO\PowerISO.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Users\Public\Desktop\The Elder Scrolls V Skyrim Dragonborn.lnk - C:\Program Files (x86)\The Elder Scrolls V Skyrim\SkyrimLauncher.exe
C:\Users\Public\Desktop\Video Search.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /i {A313C1BB-04A5-49FA-AA26-6C3DDD9F6C7F} REMOVE=ALL

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\200113.lnk - C:\Program Files (x86)\200113\f301212_1.exe
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Syns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pppagaglfkmlpgobnlenhknilehpmcbo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Syns\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=35 folders=12 2434396 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Syns\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Syns\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Syns\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 07/05/2014 at 23:25:02,68 ======================

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

Aqui está o relatório solicitado.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Syns on 07/05/2014 at 23:44:58,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"
Successfully deleted: [Folder] "C:\Users\Syns\AppData\Roaming\microsoft\windows\start menu\programs\free window registry repair"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/05/2014 at 23:49:11,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

Aqui está o relatório solicitado.

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 08/05/2014
Hora da Verificação: 02:15:40
Logfile: Relatório do MAM.txt
Administrador: Sim

Versão: 2.00.1.1004
Malware Database: v2014.05.08.01
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado

OS: Windows 7
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Syns

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 493461
Tempo Decorrido: 1 hr, 59 min, 52 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 1
Adware.Funmoods, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{77DFB1D1-45E7-43C8-8260-687A15359FCE}_is1, Quarantined, [7081202eed8e310501dc3e4d09fac63a],

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 1
Adware.Funmoods, C:\Program Files (x86)\200113, Quarantined, [7081202eed8e310501dc3e4d09fac63a],

Arquivos: 37
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll, No Action By User, [a24f8dc197e4bc7a98b503dd35cc8c74],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, No Action By User, [5a9773db6d0eb4824d00cb15c33e7e82],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\amtlib.dll, No Action By User, [3ab755f95d1ef93d3f0e5d83946d51af],
Trojan.VirTool, C:\Program Files (x86)\The Elder Scrolls V Skyrim\steam_api.dll, No Action By User, [975ae5690c6ff541a4311cecf111a35d],
Trojan.VirTool, C:\Program Files (x86)\The Walking Dead Survival Instinct\steam_api.dll, No Action By User, [3fb2cc823a4144f2c4110dfb31d1a35d],
Trojan.VirTool, C:\Users\Syns\Documents\Skyrim novo\Crack\steam_api.dll, No Action By User, [e70ae36bee8d45f112c3fb0d41c153ad],
PUP.RiskwareTool.CK, C:\Users\Syns\Downloads\Adobe After Effects CS6 11.0.0.378 LS7 Multilanguage [ChingLiu]\Cracked dll\amtlib.dll, No Action By User, [00f19eb0d6a5fd39d17c5a86da278c74],
PUP.RiskwareTool.CK, C:\Users\Syns\Downloads\Adobe Illustrator CS6\DLL FILE\32bit\amtlib.dll, No Action By User, [15dcb19da2d9ad894efe5f8189781de3],
PUP.RiskwareTool.CK, C:\Users\Syns\Downloads\Adobe Illustrator CS6\DLL FILE\64bit\amtlib.dll, No Action By User, [8a67b599e794d85e4b02a43c0ef3c13f],
PUP.RiskwareTool.CK, C:\Users\Syns\Downloads\Adobe Illustrator CS6 Crack .DLL Files RELOADED\32-bit (x86)\amtlib.dll, No Action By User, [5d94ada1aad1f1457cd07c64e71a59a7],
PUP.RiskwareTool.CK, C:\Users\Syns\Downloads\Adobe Illustrator CS6 Crack .DLL Files RELOADED\64-bit (x64)\amtlib.dll, No Action By User, [579a59f512695adc8ebf726ec93834cc],
PUP.RiskwareTool.CK, C:\Users\Syns\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\cracked dll\32 bit\amtlib.dll, No Action By User, [da17133b8af152e454f8bd23f20fea16],
PUP.RiskwareTool.CK, C:\Users\Syns\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\cracked dll\64 bit\amtlib.dll, No Action By User, [7180b6986912a492c08d34ac4cb519e7],
PUP.Optional.FileScout.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\file scout\filescout.exe.vir, Quarantined, [f4fde16d502b38fedeea14f108f9c937],
Adware.InstallBrain, C:\AdwCleaner\Quarantine\C\ProgramData\IBUpdaterService\ibsvc.exe.vir, Quarantined, [747daaa4433869cd6fa948109f6207f9],
PUP.Optional.PCPerformer.A, C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir, Quarantined, [a44de26cbcbfda5c9935869a3ec2b749],
PUP.Optional.Bandoo, C:\zoek_backup\C_Users_Syns_Downloads_iLividSetup.exe.vir, Quarantined, [4ca581cd1f5c2a0c4d549b6cc8392fd1],
Adware.InstallBrain, C:\zoek_backup\C_Users_Syns_Downloads_VideoPerformerSetup.exe.vir, Quarantined, [6a8756f8cead77bff523a5b33bc6d32d],
PUP.DealPly, C:\Program Files (x86)\200113\dealply301212.exe, Quarantined, [9f521d311467270fb7a4bea262a2d22e],
PUP.Riskware.Patcher, C:\Users\Syns\Documents\CRACK_FLSTUDIO11_([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Quarantined, [3eb3074786f5e94df328e4266899d828],
PUP.Optional.OpenCandy, C:\Users\Syns\Downloads\DTLite4454-0316.exe, Quarantined, [48a956f87902fd3939ca83df41c3ad53],
PUP.Riskware.Patcher, C:\Users\Syns\Downloads\CRACK_FLSTUDIO11_([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Quarantined, [7a778fbf0d6ead89ef2c9d6db051b54b],
PUP.AdBundle, C:\Users\Syns\Downloads\winrar-420-baixaki-32-bits-18102012184425.exe, Quarantined, [40b10f3fa8d3da5c79347932e818b749],
PUP.Optional.Spigot.A, C:\Users\Syns\Downloads\aTubeCatcher (1).exe, Quarantined, [965b410dbfbc7bbb1c8f1b0706fbea16],
PUP.Optional.Spigot.A, C:\Users\Syns\Downloads\aTubeCatcher (2).exe, Quarantined, [965b430b403bf6402883d15152af2ad6],
PUP.Optional.Spigot.A, C:\Users\Syns\Downloads\aTubeCatcher.exe, Quarantined, [fef37ad4f5861f17c1ea78aa6c950af6],
PUP.Optional.Somoto, C:\Users\Syns\Downloads\CheatEngine62.exe, Quarantined, [d71a2f1f2754b3833407b5ac0cf8619f],
PUP.AdBundle, C:\Users\Syns\Downloads\atube-catcher-291347-baixaki-32-bits (1).exe, Quarantined, [be33361895e641f5fdb0c0eb946cf709],
PUP.AdBundle, C:\Users\Syns\Downloads\poweriso-54-baixaki-32-bits-18102012185021.exe, Quarantined, [5d945bf3314ac175baf3f8b3867a09f7],
PUP.BundleInstaller.DW, C:\Users\Syns\Downloads\The_Walking_Dead_Episode_1_(English)(PC)(RELOADED).exe, Quarantined, [f00177d71269ba7c0780837f8a7750b0],
PUP.AdBundle, C:\Users\Syns\Downloads\hamachi²-210215-baixaki-32-bits-18102012185442.exe, Quarantined, [b23fe36bd1aad75fd7d6f1baf30d10f0],
Adware.Funmoods, C:\Program Files (x86)\200113\contaprime.url, Quarantined, [7081202eed8e310501dc3e4d09fac63a],
Adware.Funmoods, C:\Program Files (x86)\200113\contaprime.ico, Quarantined, [7081202eed8e310501dc3e4d09fac63a],
Adware.Funmoods, C:\Program Files (x86)\200113\dealply301212.exe, Quarantined, [7081202eed8e310501dc3e4d09fac63a],
Adware.Funmoods, C:\Program Files (x86)\200113\icone.ico, Quarantined, [7081202eed8e310501dc3e4d09fac63a],
Adware.Funmoods, C:\Program Files (x86)\200113\unins000.dat, Quarantined, [7081202eed8e310501dc3e4d09fac63a],
Adware.Funmoods, C:\Program Files (x86)\200113\unins000.exe, Quarantined, [7081202eed8e310501dc3e4d09fac63a],

Physical Sectors: 0
(No malicious items detected)


(end)

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

Aqui está o relatório solicitado.

~ Relatório do ZHPDiag v2014.5.8.57 - Nicolas Coolman (08/05/2014)
~ Iniciado por Syns (08/05/2014 20:39:59)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.131 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 64-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v3.28

---\\ Softwares de partilha do PeerToPeer (P2P)
Pando Media Booster v2.6.0.8
µTorrent v3.2.3.28705 =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8131 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 627 GB (67%) free of 931 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SYNS-PC
~ User Name: Syns
~ All Users Names: Syns, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Syns\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Syns\AppData\Roaming\
~ %Desktop% : C:\Users\Syns\Desktop\
~ %Favorites% : C:\Users\Syns\Favorites\
~ %LocalAppData% : C:\Users\Syns\AppData\Local\
~ %StartMenu% : C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 627 Go of 931 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Free 0 Go of 11 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Windows Explorer.) (.31/10/2009 - 03:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.60CA010B705660542FB33B43C3653BA0] - (.Microsoft Corporation - Internet Extensions para Win32.) (.29/01/2014 - 05:56:52.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 00:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/04/2011 - 23:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/05/2011 - 23:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/09/2012 - 14:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/1182
~ Mes musiques (My Musics) : 6/914
~ Mes Videos (My Videos) : 10/65
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/8031
~ Mon Bureau (My Desktop) : 1/65
~ Menu demarrer (Programs) : 1/54
~ Hidden Files: Scanned in 00mn 10s



---\\ Processos lançados
[MD5.EE73B56ED71EB6383F25FA5468923BB2] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144] [PID.2084]
[MD5.DC86647F15642A3CAFF8F2D6E2C5C553] - (.PriceMeter - PriceMeterW.) -- C:\Users\Syns\AppData\Local\PriceMeter\pricemeterw.exe [287232] [PID.2768] =>PUP.PriceMeter
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.3056]
[MD5.9073765E84738588480E0241A1189A64] - (.PriceMeter - No Comment.) -- C:\Users\Syns\AppData\Local\PriceMeter\pricemeter.exe [869888] [PID.3064] =>PUP.PriceMeter
[MD5.A73731A0B0A165907799E9AFB461F856] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096] [PID.3708]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.3780]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.6888]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.6932]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.7084]
[MD5.BC591594C582630A646B4E0E014518EF] - (...) -- C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe [96536] [PID.7132] =>PUP.WebGet
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.16108]
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.3932]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetPage
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: webget [64Bits] - {dc264a72-fa75-4948-b881-ea8eff8e5dd2} . (.webget - webget.) -- C:\Program Files (x86)\webget\webgetbho.dll =>PUP.WebGet
~ BHO: 11 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Syns]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKCU\..\Run: [Pando Media Booster] . (.No owner - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [PriceMeterW] . (.PriceMeter - PriceMeterW.) -- C:\Users\Syns\AppData\Local\PriceMeter\pricemeterw.exe =>PUP.PriceMeter
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKUS\S-1-5-21-1747083752-940438871-2986847662-1000\..\Run: [Pando Media Booster] . (.No owner - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-21-1747083752-940438871-2986847662-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-1747083752-940438871-2986847662-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1747083752-940438871-2986847662-1000\..\Run: [PriceMeterW] . (.PriceMeter - PriceMeterW.) -- C:\Users\Syns\AppData\Local\PriceMeter\pricemeterw.exe =>PUP.PriceMeter
~ Application: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F6A903C-5F49-4C3E-8174-6D18189BB7E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F6A903C-5F49-4C3E-8174-6D18189BB7E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F6A903C-5F49-4C3E-8174-6D18189BB7E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: IePlugin Service (IePluginService) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
O23 - Service: Update webget (Update webget) . (...) - C:\Program Files (x86)\webget\updatewebget.exe =>PUP.WebGet
O23 - Service: Util webget (Util webget) . (...) - C:\Program Files (x86)\webget\bin\utilwebget.exe =>PUP.WebGet
O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
~ Services: 16 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
[MD5.0F82B8D84D6CDA2C627DAE13B1E758E6] [APT] [pricemeterdownloader] (.PriceMeter.) -- C:\Users\Syns\AppData\Local\PriceMeter\pricemeterd.exe [355328] =>PUP.PriceMeter
[MD5.00000000000000000000000000000000] [APT] [pricemetertask] (...) -- C:\Users\Syns\AppData\Local\PriceMeter\TEMP\pricemeter.exe (.not file.) [0] =>PUP.PriceMeter
[MD5.DC86647F15642A3CAFF8F2D6E2C5C553] [APT] [pricemeterwatcher] (.PriceMeter.) -- C:\Users\Syns\AppData\Local\PriceMeter\pricemeterw.exe [287232] =>PUP.PriceMeter
[MD5.00000000000000000000000000000000] [APT] [{271B4C79-4E69-4378-88F8-DDE6A76B3C74}] (...) -- C:\Users\Syns\Desktop\JOGO\install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AB5F35B8-ABC4-4867-B048-E98FB10FAB8E}] (...) -- D:\setup.exe (.not file.) [0]
[MD5.C5318421E90DC0A94E90231AF1FE0791] [APT] [{B20461C6-54BF-44F1-BC7A-14B32A4578AA}] (.Alexander Roshal.) -- C:\Program Files (x86)\WinRAR\uninstall.exe [123904]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1747083752-940438871-2986847662-1000Core [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1747083752-940438871-2986847662-1000UA [924]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 03s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (BAPIDRV) . (. - .) - C:\Windows\system32\Drivers\BAPIDRV64.sys (.not file.)
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys =>PUP.LinkiDoo
~ Drivers: 95 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: Graphmatica - (.kSoft.) [HKLM][64Bits] -- {9B1851BB-E52A-43C4-9941-D315384A8F1C}
O42 - Logiciel: Mu - (...) [HKLM][64Bits] -- {F57CEB84-3D22-4657-8EDA-F8CD5217B83E}
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: Price Metér (remove only) - (.Price Meter.) [HKCU][64Bits] -- Price Metér =>PUP.PriceMeter
O42 - Logiciel: Speedy - (...) [HKLM][64Bits] -- Speedy
O42 - Logiciel: WPM18.8.0.273 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- WPM =>PUP.WpManager
O42 - Logiciel: webget - (.webget.) [HKLM][64Bits] -- webget =>PUP.WebGet
~ Logic: 26 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\4PlayFun Entertainment Group]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Pando Networks]
[HKCU\Software\PriceMeter] =>PUP.PriceMeter
[HKCU\Software\Tribo Gamer]
[HKCU\Software\webget] =>PUP.WebGet
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\DealPlyLive] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\webget] =>PUP.WebGet
~ Key Software: 354 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/05/2014 - 15:04:46 - [] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 01/11/2012 - 18:09:53 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 01/11/2012 - 21:08:14 - [] ----D C:\Program Files (x86)\PC Blast
O43 - CFD: 20/09/2013 - 20:41:16 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 08/05/2014 - 16:05:55 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 08/05/2014 - 16:02:21 - [] ----D C:\Program Files (x86)\webget =>PUP.WebGet
O43 - CFD: 08/05/2014 - 15:05:07 - [] ----D C:\ProgramData\baidu =>Adware.BDSearch
O43 - CFD: 08/05/2014 - 15:05:16 - [] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 08/05/2014 - 16:00:53 - [] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 08/05/2014 - 15:02:25 - [] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 28/03/2014 - 18:24:39 - [] ----D C:\Users\Syns\AppData\Roaming\360safe =>Trojan.Lozavita
O43 - CFD: 08/05/2014 - 15:05:22 - [] ----D C:\Users\Syns\AppData\Roaming\Baidu =>Adware.BDSearch
O43 - CFD: 08/05/2014 - 15:02:24 - [] ----D C:\Users\Syns\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 08/05/2014 - 16:05:59 - [] ----D C:\Users\Syns\AppData\Roaming\sweet-page =>PUP.SweetPage
O43 - CFD: 06/05/2013 - 01:54:34 - [] ----D C:\Users\Syns\AppData\Local\4PlayFun
O43 - CFD: 22/09/2013 - 20:35:31 - [] ----D C:\Users\Syns\AppData\Local\PokerStars
O43 - CFD: 08/05/2014 - 16:04:31 - [] ----D C:\Users\Syns\AppData\Local\PriceMeter =>PUP.PriceMeter
O43 - CFD: 30/10/2012 - 22:10:11 - [0] ----D C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chaos Game Server 1.7
O43 - CFD: 27/03/2014 - 11:19:12 - [0] ----D C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
O43 - CFD: 20/09/2013 - 20:40:49 - [] ----D C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
O43 - CFD: 08/05/2014 - 16:00:03 - [] ----D C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér
~ Program Folder: 241 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.473147F58231CDADCBD7054E7914AEC3] - 07/05/2014 - 16:06:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/05/2014 - 23:11:07 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.3F9ABB19CB97B1C93B32C4542EC44CAD] - 07/05/2014 - 23:25:02 ---A- . (...) -- C:\zoek-results.log [15988]
O44 - LFC:[MD5.C6AB0BE2A3555DEF7BA3B0AF23DFEEBB] - 08/05/2014 - 02:15:41 ---A- . (...) -- C:\ntuser.dat [262144]
O44 - LFC:[MD5.82FFB9FAA0166D536A694B6FD9F224BB] - 08/05/2014 - 02:15:41 -SHA- . (...) -- C:\ntuser.dat.LOG1 [5120]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 08/05/2014 - 02:15:41 -SHA- . (...) -- C:\ntuser.dat.LOG2 [0]
O44 - LFC:[MD5.C5259C389C74DAC69EDF9B5C53610A31] - 08/05/2014 - 02:15:43 -SHA- . (...) -- C:\ntuser.dat{c72fdc15-d657-11e3-abc1-10bf487ae89e}.TM.blf [65536]
O44 - LFC:[MD5.F97F6138B19F3A9B25021076E1957E6A] - 08/05/2014 - 02:15:43 -SHA- . (...) -- C:\ntuser.dat{c72fdc15-d657-11e3-abc1-10bf487ae89e}.TMContainer00000000000000000001.regtrans-ms [524288]
O44 - LFC:[MD5.59071590099D21DD439896592338BF95] - 08/05/2014 - 02:15:43 -SHA- . (...) -- C:\ntuser.dat{c72fdc15-d657-11e3-abc1-10bf487ae89e}.TMContainer00000000000000000002.regtrans-ms [524288]
O44 - LFC:[MD5.3C2DB8DC1326367575457EA3F8514E63] - 08/05/2014 - 16:42:46 ---A- . (...) -- C:\Windows\win.ini [615]
~ Files: 18 Legitimates Filtered in 00mn 02s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{22130b90-261c-11e3-91ba-10bf487ae89e}\AutoRun\command. (...) -- G:\Startme.exe (.not file.)
O51 - MPSK:{d80edcbb-2356-11e2-ad5e-10bf487ae89e}\AutoRun\command. (.No owner - Dark Souls 2 (c) Namco Bandai Setup.) -- E:\setup.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:24/02/2014 - 19:31:12 R--A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:11/01/2014 - 22:22:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:11/01/2014 - 22:22:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904] =>.ALWIL Software
O58 - SDL:31/10/2012 - 20:19:45 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200]
O58 - SDL:25/02/2014 - 21:00:11 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:07/05/2014 - 16:06:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:02/04/2009 - 09:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
~ Drivers: 82 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 07/06/1742 - C:\Windows\system32\Drivers\BAPIDRV64.sys (BAPIDRV) .(...) - LEGACY_BAPIDRV
O64 - Services: CurCS - 07/06/1742 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(...) - LEGACY_BFILTER
O64 - Services: CurCS - 07/06/1742 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(...) - LEGACY_BFMON
O64 - Services: CurCS - 07/06/1742 - C:\Windows\System32\drivers\bnbasex64.sys (Bnbase) .(...) - LEGACY_BNBASE
O64 - Services: CurCS - 07/06/1742 - C:\Windows\system32\drivers\bndef64.sys (Bndef) .(...) - LEGACY_BNDEF
O64 - Services: CurCS - 07/06/1742 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(...) - LEGACY_BPROTECT
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 07/05/2014 - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) .(.StdLib - StdLib.) - LEGACY_{9EDD0EA8-2819-47C2-8320-B007D5996F8A}GW64 =>PUP.LinkiDoo
~ Legacy: 90 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Opera.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{EEC0072A-C76E-4CDE-8BFC-3BC69CEEF655}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{8AEC14F0-2A52-4508-A0C2-68BB598C5674}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "TCP Query User{214A688D-3E98-4E0C-97EC-241F171E2833}C:\users\syns\downloads\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\syns\downloads\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{3F855DDB-CB25-41DA-A67C-DFCF4E249A92}C:\users\syns\downloads\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\syns\downloads\utorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32 =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricemeterd_RASAPI32 =>PUP.PriceMeter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricemeterd_RASMANCS =>PUP.PriceMeter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASAPI32 =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASMANCS =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_setup_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_setup_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_v18_RASAPI32 =>PUP.WpManager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_v18_RASMANCS =>PUP.WpManager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-53B0_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-53B0_RASMANCS =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS =>Adware.Yontoo
~ BTK: 416 Legitimates Filtered in 00mn 00s



---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 12
Fichiers trouvés (Files found) : 16

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC264A72-FA75-4948-B881-EA8EFF8E5DD2}] =>PUP.WebGet^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginService] =>Trojan.SProtector^
[HKLM\SYSTEM\CurrentControlSet\Services\Update webget] =>PUP.WebGet^
[HKLM\SYSTEM\CurrentControlSet\Services\Util webget] =>PUP.WebGet^
[HKLM\SYSTEM\CurrentControlSet\Services\Wpm] =>PUP.WpManager^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Metér] =>PUP.PriceMeter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\webget] =>PUP.WebGet^
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\Program Files (x86)\webget =>PUP.WebGet^
C:\ProgramData\baidu =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\Syns\AppData\Roaming\360safe =>Trojan.Lozavita^
C:\Users\Syns\AppData\Roaming\Baidu =>Adware.BDSearch^
C:\Users\Syns\AppData\Roaming\SupTab =>PUP.SupTab^
C:\Users\Syns\AppData\Roaming\sweet-page =>PUP.SweetPage^
C:\Users\Syns\AppData\Local\PriceMeter =>PUP.PriceMeter^
C:\Users\Syns\AppData\Local\PriceMeter\pricemeterw.exe =>PUP.PriceMeter^
C:\Users\Syns\AppData\Local\PriceMeter\pricemeter.exe =>PUP.PriceMeter^
C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe =>PUP.WebGet^
C:\Users\Syns\AppData\Local\PriceMeter\pricemeterd.exe =>PUP.PriceMeter^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\PriceMeter] =>PUP.PriceMeter^
[HKCU\Software\webget] =>PUP.WebGet^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\DealPlyLive] =>PUP.DealPly^
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\webget] =>PUP.WebGet^
~ Additionnel Scan: 345795 Items scanned in 00mn 16s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.PriceMeter
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WebGet
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SweetPage
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.SProtector
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WpManager
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.LinkiDoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.InstallCore
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.DealPly
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SupTab
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MegaSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.OpenCandy
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Yontoo
~ MSI: 14 link(s) detected in 00mn 00s



~ 928 Legitimates filtered by white list
End of the scan (540 lines in 01mn 14s)(0)

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Aqui está o relatório solicitado.

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Syns at 08/05/2014 22:50:19
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit (Build 7600)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BFILTER Parado
BFMON Parado
BNBASE Parado
BNDEF Parado
BPROTECT Parado
{9EDD0EA8-2819-47C2-8320-B007D5996F8A}GW64 Parado

========== Chaves do Registo ==========
ELIMINÉ: Service: IePluginService
ELIMINÉ Driver Key: BAPIDRV
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ Driver Key: {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\InstallCore
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\DealPlyLive
ELIMINÉ: HKLM\Software\Wow6432Node\Wpm
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ: HKLM\Software\Wow6432Node\supTab
ELIMINÉ: HKLM\Software\Wow6432Node\supWPM
ELIMINÉ CLSID MPSK: {22130b90-261c-11e3-91ba-10bf487ae89e}
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricemeterd_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricemeterd_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_setup_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_v18_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_v18_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-53B0_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-53B0_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS

========== Valores do Registo ==========
ELIMINÉ RunValue: PriceMeterW
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\programdata\iepluginservice\pluginservice.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}gw64.sys
ELIMINÉ Temporários windows (296) (31.787.251 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: pricemeterdownloader
ELIMINÉ: {271B4C79-4E69-4378-88F8-DDE6A76B3C74}
ELIMINÉ: {AB5F35B8-ABC4-4867-B048-E98FB10FAB8E}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
40 : Chaves do Registo
7 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
4 : Ficheiros
6 : Estado dos serviços
3 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 25s

========== Caminho do ficheiro do relatório ==========
C:\Users\Syns\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/05/2014 22:50:26 [4148]

Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Aqui está o relatório solicitado.

~ Relatório do ZHPDiag v2014.5.8.57 - Nicolas Coolman (08/05/2014)
~ Iniciado por Syns (08/05/2014 22:58:19)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.131 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 64-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v3.28

---\\ Softwares de partilha do PeerToPeer (P2P)
Pando Media Booster v2.6.0.8
µTorrent v3.2.3.28705 =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8131 MB (77% free)
System Restore: Activé (Enable)
System drive C: has 627 GB (67%) free of 931 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SYNS-PC
~ User Name: Syns
~ All Users Names: Syns, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Syns\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Syns\AppData\Roaming\
~ %Desktop% : C:\Users\Syns\Desktop\
~ %Favorites% : C:\Users\Syns\Favorites\
~ %LocalAppData% : C:\Users\Syns\AppData\Local\
~ %StartMenu% : C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 627 Go of 931 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Free 0 Go of 11 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Windows Explorer.) (.31/10/2009 - 03:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.60CA010B705660542FB33B43C3653BA0] - (.Microsoft Corporation - Internet Extensions para Win32.) (.29/01/2014 - 05:56:52.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 00:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/04/2011 - 23:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/05/2011 - 23:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/09/2012 - 14:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/1182
~ Mes musiques (My Musics) : 6/914
~ Mes Videos (My Videos) : 10/65
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/8031
~ Mon Bureau (My Desktop) : 1/66
~ Menu demarrer (Programs) : 1/51
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.EE73B56ED71EB6383F25FA5468923BB2] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144] [PID.2084]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.3056]
[MD5.A73731A0B0A165907799E9AFB461F856] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096] [PID.3708]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.3780]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.6888]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.6932]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.7084]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.19248]
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.22300]
[MD5.B5D2F4BF587FD60AF75B09EFC1AD0E0A] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936] [PID.984]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1400]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1600]
[MD5.D2FE0376285A783693469422678E878B] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632] [PID.3100]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.3628]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Syns\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Syns]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKCU\..\Run: [Pando Media Booster] . (.No owner - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1747083752-940438871-2986847662-1000\..\Run: [Pando Media Booster] . (.No owner - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-21-1747083752-940438871-2986847662-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-1747083752-940438871-2986847662-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
~ Application: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F6A903C-5F49-4C3E-8174-6D18189BB7E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F6A903C-5F49-4C3E-8174-6D18189BB7E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F6A903C-5F49-4C3E-8174-6D18189BB7E6}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.C5318421E90DC0A94E90231AF1FE0791] [APT] [{B20461C6-54BF-44F1-BC7A-14B32A4578AA}] (.Alexander Roshal.) -- C:\Program Files (x86)\WinRAR\uninstall.exe [123904]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1747083752-940438871-2986847662-1000Core [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1747083752-940438871-2986847662-1000UA [924]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1064]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (BAPIDRV) . (. - .) - C:\Windows\system32\Drivers\BAPIDRV64.sys (.not file.)
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
~ Drivers: 81 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: Graphmatica - (.kSoft.) [HKLM][64Bits] -- {9B1851BB-E52A-43C4-9941-D315384A8F1C}
O42 - Logiciel: Mu - (...) [HKLM][64Bits] -- {F57CEB84-3D22-4657-8EDA-F8CD5217B83E}
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: Speedy - (...) [HKLM][64Bits] -- Speedy
~ Logic: 23 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\4PlayFun Entertainment Group]
[HKCU\Software\Pando Networks]
[HKCU\Software\Tribo Gamer]
[HKLM\Software\Wow6432Node\Pando Networks]
~ Key Software: 334 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/05/2014 - 15:04:46 - [] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 01/11/2012 - 18:09:53 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 01/11/2012 - 21:08:14 - [] ----D C:\Program Files (x86)\PC Blast
O43 - CFD: 20/09/2013 - 20:41:16 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 06/05/2013 - 01:54:34 - [] ----D C:\Users\Syns\AppData\Local\4PlayFun
O43 - CFD: 22/09/2013 - 20:35:31 - [] ----D C:\Users\Syns\AppData\Local\PokerStars
O43 - CFD: 30/10/2012 - 22:10:11 - [0] ----D C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chaos Game Server 1.7
O43 - CFD: 27/03/2014 - 11:19:12 - [0] ----D C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
O43 - CFD: 20/09/2013 - 20:40:49 - [] ----D C:\Users\Syns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
~ Program Folder: 229 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.473147F58231CDADCBD7054E7914AEC3] - 07/05/2014 - 16:06:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/05/2014 - 23:11:07 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.3F9ABB19CB97B1C93B32C4542EC44CAD] - 07/05/2014 - 23:25:02 ---A- . (...) -- C:\zoek-results.log [15988]
O44 - LFC:[MD5.C6AB0BE2A3555DEF7BA3B0AF23DFEEBB] - 08/05/2014 - 02:15:41 ---A- . (...) -- C:\ntuser.dat [262144]
O44 - LFC:[MD5.82FFB9FAA0166D536A694B6FD9F224BB] - 08/05/2014 - 02:15:41 -SHA- . (...) -- C:\ntuser.dat.LOG1 [5120]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 08/05/2014 - 02:15:41 -SHA- . (...) -- C:\ntuser.dat.LOG2 [0]
O44 - LFC:[MD5.C5259C389C74DAC69EDF9B5C53610A31] - 08/05/2014 - 02:15:43 -SHA- . (...) -- C:\ntuser.dat{c72fdc15-d657-11e3-abc1-10bf487ae89e}.TM.blf [65536]
O44 - LFC:[MD5.F97F6138B19F3A9B25021076E1957E6A] - 08/05/2014 - 02:15:43 -SHA- . (...) -- C:\ntuser.dat{c72fdc15-d657-11e3-abc1-10bf487ae89e}.TMContainer00000000000000000001.regtrans-ms [524288]
O44 - LFC:[MD5.59071590099D21DD439896592338BF95] - 08/05/2014 - 02:15:43 -SHA- . (...) -- C:\ntuser.dat{c72fdc15-d657-11e3-abc1-10bf487ae89e}.TMContainer00000000000000000002.regtrans-ms [524288]
O44 - LFC:[MD5.3C2DB8DC1326367575457EA3F8514E63] - 08/05/2014 - 16:42:46 ---A- . (...) -- C:\Windows\win.ini [615]
~ Files: 19 Legitimates Filtered in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{d80edcbb-2356-11e2-ad5e-10bf487ae89e}\AutoRun\command. (.No owner - Dark Souls 2 (c) Namco Bandai Setup.) -- E:\setup.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:24/02/2014 - 19:31:12 R--A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:11/01/2014 - 22:22:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:11/01/2014 - 22:22:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904] =>.ALWIL Software
O58 - SDL:31/10/2012 - 20:19:45 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200]
O58 - SDL:25/02/2014 - 21:00:11 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:07/05/2014 - 16:06:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:02/04/2009 - 09:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
~ Drivers: 82 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 90 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Opera.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{EEC0072A-C76E-4CDE-8BFC-3BC69CEEF655}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{8AEC14F0-2A52-4508-A0C2-68BB598C5674}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "TCP Query User{214A688D-3E98-4E0C-97EC-241F171E2833}C:\users\syns\downloads\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\syns\downloads\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{3F855DDB-CB25-41DA-A67C-DFCF4E249A92}C:\users\syns\downloads\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\syns\downloads\utorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 394 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 30/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 23/04/2014 572096 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 11/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 15/04/2014 2227536 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 08/04/2014 377616 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 05/02/2014 1593632 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 05/02/2014 16941856 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 08/02/2014 923936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 30/11/2010 336824 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 08/02/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 03s



---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
~ Additionnel Scan: 342497 Items scanned in 00mn 15s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.LinkiDoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Bandoo
~ MSI: 4 link(s) detected in 00mn 00s



~ 882 Legitimates filtered by white list
End of the scan (455 lines in 00mn 34s)(0)

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Aqui está o relatório solicitado.

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Syns at 08/05/2014 23:21:24
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit (Build 7600)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ Driver Key: BAPIDRV
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}gw64.sys
ELIMINÉ Temporários windows (1) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
9 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
3 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 12s

========== Caminho do ficheiro do relatório ==========
C:\Users\Syns\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/05/2014 22:50:26 [4227]
C:\Users\Syns\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/05/2014 23:21:30 [1767]

Como está o PC depois destes procedimentos?

Vou continuar usando o PC durante estes dias, e caso o problema persistir eu volto a me comunicar no fórum.

Aparenta estar bem melhor do que antes.

O PC estava cheio de aquivos inúteis e estranhos na máquina, as suas instruções foram muito importantes.

Muito obrigado pela atenção e pela ajuda. ;D

Abraços, Neo.

Ok, vou considerar o caso como resolvido, mas se o problema voltar é só nos avisar.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.