Fórum PC Brasil
CE_UmbrellaCert security certificate

Post by gabrieldeftyu Thu 22 May 2014, 21:49

It showed up on my PC; please help me remove it.

Re: CE_UmbrellaCert security certificate

Post by Power Max Thu 22 May 2014, 21:50

Hello Gabriel.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.


that's it...

Post by gabrieldeftyu Thu 22 May 2014, 21:51

# AdwCleaner v3.210 - Relatório criado 22/05/2014 às 21:24:51
# Atualizado 19/05/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Gabriel - GABRIEL-MEGA
# Executando de : C:\Users\Gabriel\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : Application Updater
[#] Serviço Deletada : IBUpdaterService
Serviço Deletada : winzipersvc

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\~Browser Manager
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\BrowserProtect
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\IBUpdaterService
Pasta Deletada : C:\ProgramData\SweetIM
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files (x86)\Application Updater
Pasta Deletada : C:\Program Files (x86)\IObit Apps Toolbar
Pasta Deletada : C:\Program Files (x86)\WinZipper
Pasta Deletada : C:\Program Files (x86)\Common Files\Spigot
Pasta Deletada : C:\windows\SysWOW64\ARFC
Pasta Deletada : C:\windows\SysWOW64\jmdp
Pasta Deletada : C:\windows\SysWOW64\WNLT
Pasta Deletada : C:\Program Files\003
Pasta Deletada : C:\Program Files\SupraSavings
Pasta Deletada : C:\windows\System32\ljkb
Pasta Deletada : C:\Users\Gabriel\AppData\Local\appbario2
Pasta Deletada : C:\Users\Gabriel\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Gabriel\AppData\Local\Conduit
Pasta Deletada : C:\Users\Gabriel\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Gabriel\AppData\Local\NativeMessaging
Pasta Deletada : C:\Users\Gabriel\AppData\Local\Slick Savings
Pasta Deletada : C:\Users\Gabriel\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Gabriel\AppData\LocalLow\bbrs_002.tb
Pasta Deletada : C:\Users\Gabriel\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Gabriel\AppData\LocalLow\Funmoods
Pasta Deletada : C:\Users\Gabriel\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Gabriel\AppData\LocalLow\Search Settings
Pasta Deletada : C:\Users\Gabriel\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\Gabriel\AppData\Roaming\BrowserCompanion
Pasta Deletada : C:\Users\Gabriel\AppData\Roaming\eIntaller
Pasta Deletada : C:\Users\Gabriel\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\Gabriel\AppData\Roaming\PriceGong
Pasta Deletada : C:\Users\Gabriel\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Pasta Deletada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\Marcelo\AppData\Local\Mysearchdial
Pasta Deletada : C:\Users\Marcelo\AppData\LocalLow\bbrs_002.tb
Pasta Deletada : C:\Users\Marcelo\AppData\LocalLow\Search Settings
Pasta Deletada : C:\Users\Marcelo\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\Marcelo\AppData\Roaming\Desk 365
Pasta Deletada : C:\Users\Marcelo\AppData\Roaming\DigitalSites
Pasta Deletada : C:\Users\Marcelo\AppData\Roaming\Iminent
Pasta Deletada : C:\Users\Marcelo\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Marcelo\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\2k8smv1o.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Pasta Deletada : C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Arquivo Deletada : C:\windows\System32\dmwu.exe
Arquivo Deletada : C:\windows\System32\ImhxxpComm.dll
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Gabriel\daemonprocess.txt
Arquivo Deletada : C:\Users\Gabriel\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\Gabriel\AppData\Local\funmoods-speeddial.crx
Arquivo Deletada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
Arquivo Deletada : C:\Users\Marcelo\Desktop\Continue VuuPC Installation.lnk
Arquivo Deletada : C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\2k8smv1o.default\searchplugins\MyStart.xml
Arquivo Deletada : C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\user.js
Arquivo Deletada : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Deletada : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\windows\System32\Tasks\BrowserProtect
Arquivo Deletada : C:\windows\System32\Tasks\Desk 365 RunAsStdUser
Arquivo Deletada : C:\windows\Tasks\Digital Sites.job
Arquivo Deletada : C:\windows\System32\Tasks\Digital Sites
Arquivo Deletada : C:\windows\System32\Tasks\Driver Booster Update
Arquivo Deletada : C:\windows\Tasks\MySearchDial.job
Arquivo Deletada : C:\windows\System32\Tasks\MySearchDial
Arquivo Deletada : C:\windows\System32\Tasks\Protected Search

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Chave Deletedo : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Chave Deletedo : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{2_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{2_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKCU\Software\955dcd0b33fe540
Chave Deletedo : HKLM\SOFTWARE\955dcd0b33fe540
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_go-bible_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_go-bible_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_minecraft_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_minecraft_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_mozilla-firefox_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_mozilla-firefox_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_where-am-i_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_where-am-i_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\bbrs_002.tb
Chave Deletedo : HKCU\Software\Blabbers
Chave Deletedo : HKCU\Software\Blabbers
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\BrowserMngr
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\IM
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\ImInstaller
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\PriceGong
Chave Deletedo : HKCU\Software\ProtectedSearch
Chave Deletedo : HKCU\Software\Search Settings
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\V9
Chave Deletedo : HKCU\Software\WNLT
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKCU\Software\AppDataLow\Software\suprasavings
Chave Deletedo : HKLM\Software\Application Updater
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\BrowserCompanion
Chave Deletedo : HKLM\Software\BrowserMngr
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\eSafeSecControl
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\portaldositesSoftware
Chave Deletedo : HKLM\Software\Search Settings
Chave Deletedo : HKLM\Software\SimplyGen
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\V9Software
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\Software\WNLT
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\V9Software
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Chave Deletedo : [x64] HKLM\SOFTWARE\suprasavings
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\WNLT
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ Arquivo : C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\prefs.js ]


[ Arquivo : C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\2k8smv1o.default\prefs.js ]


-\\ Google Chrome v34.0.1847.137

[ Arquivo : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : cjpglkicenollcignonpgiafdgfeehoj
Deletedo [Extension] : dlfienamagdnkekbbbocojppncdambda
Deletedo [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deletedo [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deletedo [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Deletedo [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Deletedo [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deletedo [Extension] : pfndaklgolladniicklehhancnlgocpp

[ Arquivo : C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Extension] : bodddioamolcibagionmmobehnbhiakf
Deletedo [Extension] : dlfienamagdnkekbbbocojppncdambda
Deletedo [Extension] : gaiilaahiahdejapggenmdmafpmbipje
Deletedo [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deletedo [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deletedo [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deletedo [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
Deletedo [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Deletedo [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [29379 octets] - [22/05/2014 21:23:12]
AdwCleaner[S0].txt - [23911 octets] - [22/05/2014 21:24:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23972 octets] ##########

Re: CE_UmbrellaCert security certificate

Post by Power Max Thu 22 May 2014, 21:53

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

To run it correctly, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy its entire contents and post them in your next reply.

here it is

Post by gabrieldeftyu Thu 22 May 2014, 22:35


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Gabriel on 22/05/2014 at 22:06:45,61.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gabriel\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22/05/2014 22:10:16 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2924916565-3289012172-3205738302-1000\Software\Microsoft\Internet Explorer\SearchScopes\{50B512B2-19B8-4B7C-AB90-FC88525DB144} deleted successfully
HKEY_USERS\S-1-5-21-2924916565-3289012172-3205738302-1000\Software\Microsoft\Internet Explorer\SearchScopes\{62F04CE9-235C-8809-DEF9-2F02FCD0BFDC} deleted successfully
HKEY_USERS\S-1-5-21-2924916565-3289012172-3205738302-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C1F80264-CA89-47E1-BEC5-C72B3B235DA8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");

Added to C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\2k8smv1o.default\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p=");

Added to C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\2k8smv1o.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\za40s3r6.default-1395593929366\prefs.js:

Added to C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\za40s3r6.default-1395593929366\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_052014_2219_.backup

ProfilePath: C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\2k8smv1o.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_052014_2219_.backup

ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\za40s3r6.default-1395593929366

user.js not found
---- FireFox user.js and prefs.js backups ----


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"BrowserMngr Start Page"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\Gabriel\.android deleted
C:\PROGRA~2\GUT7A0.tmp deleted
C:\PROGRA~2\GUM79F.tmp deleted
C:\PROGRA~2\Internet Explorer\cr_addon.crx deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_514 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_515 deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk deleted
C:\windows\sysWoW64\config\systemprofile\AppData\Roaming\DealPly deleted
C:\PROGRA~3\ProductData deleted
C:\Users\Gabriel\AppData\Local\CRE deleted
C:\Users\Gabriel\AppData\Local\uTorrentBar_PT deleted
C:\Users\Gabriel\AppData\Local\cache deleted
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Users\Marcelo\AppData\Local\BearShare deleted
C:\Users\Gabriel\AppData\LocalLow\IObit Apps deleted
C:\Users\Marcelo\AppData\LocalLow\uTorrentBar_PT deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted
C:\user.js deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\windows\Syswow64\shoA1BB.tmp deleted
C:\windows\Syswow64\shoA6FC.tmp deleted
C:\windows\SysWow64\AI_RecycleBin deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\Gabriel\Minecraft (2).exe deleted
"C:\windows\Installer\2caf7c3.msi" deleted
"C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\extensions\iobitapps@mybrowserbar.com" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\za40s3r6.default-1395593929366
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22/05/2014 20:58]
mdebcffgnijbblbinknkbefciofebcda - C:\Users\Gabriel\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
mdebcffgnijbblbinknkbefciofebcda - C:\Users\Gabriel\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]

Advanced SystemCare Surfing Protection - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Google Wallet - Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
https [You must have an account and be logged in to view this link] - Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbgnflihbijgmgicmkkbcdhoobpmkbia
Google Wallet - Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.search.yahoo.com/?type=198484&fr=spigot-yhp-ie"
"Backup.Old.Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41516&bs=true&tid=554&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41516&bs=true&tid=554&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41516&bs=true&tid=554&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41516&bs=true&tid=554&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41516&bs=true&tid=554&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41516&bs=true&tid=554&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41516&bs=true&tid=554&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41516&home=true&tid=554"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Bar"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
"Search Page"="http://search.certified-toolbar.com?si=41516&tid=554&bs=true&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Backup.Old.Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE"

==== Reset Google Chrome ======================

C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Gabriel\Desktop\BitTorrent.lnk - C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Gabriel\Desktop\Bully Scholarship Edition.lnk - C:\Program Files (x86)\Rockstar Games\Bully Scholarship Edition\Bully.exe
C:\Users\Gabriel\Desktop\Daybreak.lnk - C:\GlobalGames\DayBreak\DBLauncher.exe
C:\Users\Gabriel\Desktop\Dragon Nest Europe.lnk - C:\Program Files (x86)\SDGi Europe\Dragon Nest Europe\dnlauncher.exe
C:\Users\Gabriel\Desktop\Elsword.lnk - C:\Level Up Games\Elsword\elsword.exe
C:\Users\Gabriel\Desktop\Grand Chase.lnk - C:\Level Up Games\Grand Chase\grandchase.exe
C:\Users\Gabriel\Desktop\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Gabriel\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\Users\Gabriel\Desktop\WiFi Protector.lnk - C:\Program Files (x86)\WiFi Protector\wifiProtLauncher.exe --launchGUI
C:\Users\Marcelo\Desktop\BearShare.lnk - C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
C:\Users\Marcelo\Desktop\Continue FLV Player Installation.lnk - C:\Users\Gabriel\AppData\Local\Temp\ICReinstall_FLVPlayerSetup.exe /RR
C:\Users\Marcelo\Desktop\Continue Image Editor Installation.lnk - C:\Users\Marcelo\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe /RR
C:\Users\Marcelo\Desktop\Marcelo - Atalho.lnk - C:\Users\Gabriel
C:\Users\Marcelo\Desktop\Otshot.lnk - C:\Program Files\otshot\otshot.exe
C:\Users\Marcelo\Desktop\PDF Reader.lnk - C:\Users\Marcelo\PDFReader\SumatraPDF.exe
C:\Users\Marcelo\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Combat Arms.lnk - C:\Level Up Games\Combat Arms\CombatArms.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\SkipUacExec.exe
C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Public\Desktop\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Public\Desktop\osu.lnk -
C:\Users\Public\Desktop\Perfect World.lnk - C:\Level Up Games\Perfect World\launcher\Launcher.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\SlimDrivers.lnk - C:\windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlobalGames\Daybreak.lnk - C:\GlobalGames\DayBreak\DBLauncher.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlobalGames\Uninstall Daybreak.lnk - C:\GlobalGames\DayBreak\uninst.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\windows\Installer\{AC76BA86-7AD7-1046-7B44-AA1000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Desinstalar Advanced SystemCare.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Toolbox.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /toolbox
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Turbo Boost.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /turboboost
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth\Heroes of Newerth Repair.lnk - C:\Program Files (x86)\Heroes of Newerth (Latin America)\hon.exe -repair
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth\Heroes of Newerth Update.lnk - C:\Program Files (x86)\Heroes of Newerth (Latin America)\hon.exe -update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth\Heroes of Newerth.lnk - C:\Program Files (x86)\Heroes of Newerth (Latin America)\hon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth\Map Editor.lnk - C:\Program Files (x86)\Heroes of Newerth (Latin America)\hon.exe -mod game;editor
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth\Uninstall.lnk - C:\Program Files (x86)\Heroes of Newerth (Latin America)\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Help.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\help.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\windows\SysWOW64\msiexec.exe /i {C22378E6-9A65-438E-964C-7DB8FBB568DE} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaProLib\Desinstalar MegaProLib.lnk - C:\Program Files (x86)\MegaProLib\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaProLib\MegaProLib.lnk - C:\Program Files (x86)\MegaProLib\MegaProLib.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk - C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Professional.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe /register
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiFi Protector\WiFi Protector.lnk - C:\Program Files (x86)\WiFi Protector\wifiProtLauncher.exe --launchGUI

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Grand Chase.lnk - C:\Level Up Games\Grand Chase\grandchase.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\windows\system32\mspaint.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\windows\system32\calc.exe
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk - C:\windows\explorer.exe
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Marcelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:61313;https=127.0.0.1:61313"
"ProxyOverride"="<-loopback>;"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0345E5F48AD1B2B4BB622BC9E0D7FBBD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F5E5430-1DA8-4B2B-BB26-B29C0E7DBFDB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0345E5F48AD1B2B4BB622BC9E0D7FBBD deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gabriel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marcelo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marcelo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Marcelo\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marcelo\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IDYQ0OH will be deleted at reboot
C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD6TON1N will be deleted at reboot
C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V98DW1VF will be deleted at reboot
C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8HP0TGO will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Marcelo\AppData\Local\Mozilla\Firefox\Profiles\2k8smv1o.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=338 folders=109 138935673 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gabriel\AppData\Local\Temp will be emptied at reboot
C:\Users\Marcelo\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Gabriel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IDYQ0OH" not found
"C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD6TON1N" not found
"C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V98DW1VF" not found
"C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8HP0TGO" not found

==== EOF on 22/05/2014 at 22:27:30,48 ======================

Re: CE_UmbrellaCert security certificate

Post by Power Max, Thu 22 May 2014, 22:46

Download the Junkware Removal Tool program from the link below:
[link hidden: forum login required]

To run the program above correctly, just follow the tips in this tutorial:

[link hidden: forum login required]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop with the name JRT.txt

We'll be waiting.

Here it is

Post by gabrieldeftyu, Thu 22 May 2014, 22:57

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Gabriel on 22/05/2014 at 22:49:21,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2924916565-3289012172-3205738302-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files

Successfully deleted: [File] "C:\Users\Gabriel\appdata\locallow\SkwConfig.bin"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/05/2014 at 22:55:33,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: CE_UmbrellaCert security certificate

Post by Power Max, Thu 22 May 2014, 23:00

Download [link hidden: forum login required] ( ... by Nicolas Coolman )

To install and run it correctly, follow the tips in this article:

[link hidden: forum login required]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.

Here it is, sorry for the delay

Post by gabrieldeftyu, Fri 23 May 2014, 17:56

~ Relatório do ZHPDiag v2014.5.23.72 - Nicolas Coolman (23/05/2014)
~ Iniciado por Gabriel (23/05/2014 17:52:52)
~ Endereço do Website : [link hidden: forum login required]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2018
Microsoft Security Client v4.5.0216.0
SUPERAntiSpyware v5.7.1018
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v3.18

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6050 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 458 GB (65%) free of 699 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GABRIEL-MEGA
~ User Name: Gabriel
~ All Users Names: Marcelo, HomeGroupUser$, Gabriel, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gabriel\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gabriel\AppData\Roaming\
~ %Desktop% : C:\Users\Gabriel\Desktop\
~ %Favorites% : C:\Users\Gabriel\Favorites\
~ %LocalAppData% : C:\Users\Gabriel\AppData\Local\
~ %StartMenu% : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 458 Go of 699 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: CD-ROM drive (Free 0 Go of 3 Go)
K: CD-ROM drive (Free 0 Go of 4 Go)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.11/05/2011 - 17:04:55.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 03:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/06/2011 - 16:35:30.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/1563
~ Mes musiques (My Musics) : 1/204
~ Mes Videos (My Videos) : 1/268
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 2/1432
~ Mon Bureau (My Desktop) : 1/922
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 05s



---\\ Processos lançados
[MD5.CC78200C3ECFFA178E78308A0E160D80] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920] [PID.2452]
[MD5.127687F1D171D0820D02851A9FA62525] - (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584] [PID.2512]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016] [PID.2524]
[MD5.995BEB69AE5C50D354894354F5A6CD5A] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296] [PID.2660]
[MD5.8E13CA0B48A1298F46F8739B95DBE4BF] - (.IObit - Advanced SystemCare 7 Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [781600] [PID.2412]
[MD5.094A47AB1D4966C8CD318AD7EB1521A6] - (.SlimWare Utilities, Inc. - SlimDrivers.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [29395264] [PID.2744]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2768]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.5084]
[MD5.E1631396823E6E55F0B31FDCBE959901] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [505736] [PID.5356]
[MD5.A34A745F55F26AE60A9FDB2027DC0BC0] - (.No owner - PVP.net Patcher Kernel.) -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe [1300376] [PID.5384]
[MD5.DF152CB41DA68342D29A550A0DE7CEEB] - (.No owner - PVP.net Patcher.) -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.208\deploy\LoLLauncher.exe [5464568] [PID.5540]
[MD5.5B93A9C1BB894EFA4D6429EEADA5007C] - (...) -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\LolClient.exe [74752] [PID.5820]
[MD5.2BE28172DB7CB4C3AB8AC061D5420316] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7877120] [PID.2328]
[MD5.6C856C581ACE1785CE3FC2414E9859A3] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952] [PID.844]
[MD5.DAAA237C34A506EF56D44A56EA039CC0] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [452968] [PID.920]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1388]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1452]
[MD5.0B6A8BCF9C515543526FE9D170FEFA08] - (.No owner - UPSmart Module.) -- C:\Program Files (x86)\AOne\Keyboard Driver\UPServ.exe [106496] [PID.1100]
[MD5.E4C70E1D322B547F84109926A23A0D41] - (.No owner - Keyboard Driver.) -- C:\Program Files (x86)\AOne\Keyboard Driver\KMonitor.exe [190784] [PID.2412]
[MD5.6EEE29D055D14F84BEBDD71FA593E060] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe [368544] [PID.2280]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.3272]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.3916]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.3552]
[MD5.2ED1786B7542CDA261029F6B526EDF44] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.3632]
[MD5.7E5E1603D0FF2D240AE70295C5C3FEFC] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.5128]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 12 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\prefs.js
C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\za40s3r6.default-1395593929366\prefs.js
M3 - MFPP: Plugins - [Gabriel] -- C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\searchplugins\yahoo_ff.xml
M2 - MFEP: prefs.js [Gabriel - 3ui33zkn.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
M2 - MFEP: prefs.js [Gabriel - za40s3r6.default-1395593929366\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>; =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:61313;https=127.0.0.1:61313 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll
O2 - BHO: (no name) [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} Chave orfã
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Program [Marcelo]: BearShare.lnk . (...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O4 - GS\Desktop [Marcelo]: BearShare.lnk . (...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O4 - GS\Desktop [Gabriel]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\Gabriel\AppData\Roaming\ContentExplorer\ContentExplorer.exe
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\Gabriel\AppData\Roaming\ContentExplorer\ContentExplorer.exe
~ Application: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
O15 - Trusted Zone: [HKCU\...\Domains] http.ogdev.net
O15 - Trusted Zone: [HKCU\...\Domains] http.sdo.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: DhcpNameServer = 192.168.30.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: DhcpNameServer = 192.168.30.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: DhcpNameServer = 192.168.30.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.30.2
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: KBRestart (KBRestart) . (.No owner - UPSmart Module.) - C:\Program Files (x86)\AOne\Keyboard Driver\UPServ.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 17 Legitimates Filtered in 00mn 04s



---\\ Tarefas planificadas automaticamente (039)
[MD5.AEF4D01FF6004A389CB782973679C1A7] [APT] [0414bUpdateInfo] (...) -- C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe [2707480] =>Toolbar.AVGSearch
[MD5.00000000000000000000000000000000] [APT] [{64A07B45-7E50-469F-BFEC-135EB13B25B5}] (...) -- C:\Level Up! Games\Forsaken\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{83227FA6-306E-466E-88CB-7967D73E8CEC}] (...) -- C:\Program Files (x86)\PangYa Brasil\Uninstal.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A19C5FA5-728F-4881-BAAD-7B9A61504542}] (...) -- C:\Users\Gabriel\Desktop\Otshot_BR.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AB95EBF2-48AF-4BBC-9690-813A7F354EC3}] (...) -- J:\SPORESetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B9E4848D-FD36-4AF4-BF88-43FE9D6C146F}] (...) -- D:\Crack\KeyGen.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D1A7E623-D540-452C-8E3F-95D40C318DA6}] (...) -- D:\Crack\KeyGen.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EAAE6CBB-C077-48CC-B451-B710BECEBD30}] (...) -- C:\Users\Gabriel\Videos\GTA\Install.exe (.not file.) [0]
O39 - APT: 0414bUpdateInfo - (...) -- C:\Windows\Tasks\0414bUpdateInfo.job [316]
O39 - APT: 0414bUpdateInfo - (...) -- C:\Windows\System32\Tasks\0414bUpdateInfo [316]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\Tasks\SlimDrivers Startup.job [414]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\SlimDrivers Startup [414]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 03s



---\\ Software instalados (042)
O42 - Logiciel: ContentExplorer - (.ContentExplorer.net.) [HKLM][64Bits] -- ContentExplorer
O42 - Logiciel: Dragon Nest Europe - (...) [HKLM][64Bits] -- Dragon Nest Europe
O42 - Logiciel: MegaProLib versão 1.0 - (.Megaware Industrial Ltda.) [HKLM][64Bits] -- {F922B4E6-04A5-464E-8C40-CB4887DEE0D4}_is1
O42 - Logiciel: Megareg versão 1.0.10 - (.Megaware Industrial LTDA.) [HKLM][64Bits] -- {A208472A-31B9-48D8-B2FC-E339134BB1DE}_is1
O42 - Logiciel: WiFi Protector - (.Optimal Software s.r.o.) [HKLM][64Bits] -- wifiProt-SL_is1
~ Logic: 10 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security]
[HKCU\Software\ContentExplorer]
[HKCU\Software\Font]
[HKCU\Software\IncrediMail]
[HKCU\Software\Mark J. Hadley]
[HKCU\Software\OnGame]
[HKCU\Software\Pando Networks]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\AOne]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\Level Up! Interactive]
[HKLM\Software\Wow6432Node\Ntreev]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\RCBR]
[HKLM\Software\Wow6432Node\SDGi Europe]
[HKLM\Software\Wow6432Node\Space]
~ Key Software: 272 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/02/2012 - 11:17:55 - [] ----D C:\Program Files (x86)\AOne
O43 - CFD: 30/04/2014 - 23:04:47 - [] ----D C:\Program Files (x86)\MegaProLib
O43 - CFD: 26/07/2013 - 09:09:55 - [] ----D C:\Program Files (x86)\Megareg
O43 - CFD: 22/05/2014 - 20:52:09 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 09/11/2013 - 20:41:27 - [] ----D C:\Program Files (x86)\SDGi Europe
O43 - CFD: 22/05/2014 - 20:52:09 - [] ----D C:\Program Files (x86)\WiFi Protector
O43 - CFD: 26/01/2014 - 19:40:40 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 02/05/2012 - 09:13:19 - [] ----D C:\ProgramData\levelup downloader
O43 - CFD: 26/01/2014 - 19:40:57 - [] ----D C:\Users\Gabriel\AppData\Roaming\Baidu Security
O43 - CFD: 22/05/2014 - 20:50:03 - [] ----D C:\Users\Gabriel\AppData\Roaming\ContentExplorer
O43 - CFD: 21/04/2013 - 15:10:11 - [] ----D C:\Users\Gabriel\AppData\Roaming\IE Addon
O43 - CFD: 22/05/2014 - 20:50:03 - [] ----D C:\Users\Gabriel\AppData\Roaming\ProductData
O43 - CFD: 24/01/2014 - 18:21:45 - [] ----D C:\Users\Gabriel\AppData\Roaming\rcru
O43 - CFD: 12/06/2012 - 22:25:39 - [] ----D C:\Users\Gabriel\AppData\Local\Ares
O43 - CFD: 01/02/2014 - 23:14:08 - [] ----D C:\Users\Gabriel\AppData\Local\EdgeOfReality
O43 - CFD: 02/05/2012 - 09:13:19 - [] ----D C:\Users\Gabriel\AppData\Local\Level Up!
O43 - CFD: 09/03/2013 - 13:46:46 - [0] ----D C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Global Games
O43 - CFD: 09/05/2014 - 00:13:10 - [] ----D C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlobalGames
O43 - CFD: 09/11/2013 - 20:49:36 - [] ----D C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
~ Program Folder: 204 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.8E9E3CBA08EC47245B277110835CF305] - 22/05/2014 - 19:06:14 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [38216]
O44 - LFC:[MD5.6DCD2E21E873BBC95C1B9483739B64EE] - 22/05/2014 - 19:06:17 ---A- . (...) -- C:\Windows\certutil.log [957]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 22/05/2014 - 22:06:33 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.D3EDD8322FFE311B131B5BA1B88AF7BB] - 22/05/2014 - 22:27:30 ---A- . (...) -- C:\zoek-results.log [40634]
O44 - LFC:[MD5.9CFEFD62D86DABFAC12D1C5ED72BA6A4] - 23/05/2014 - 15:18:35 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
~ Files: 43 Legitimates Filtered in 00mn 04s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{25190dbf-76af-11e3-bc36-c89cdc4d2b3c}\AutoRun\command. (.Rockstar Games - Setup Launcher.) -- I:\setup.exe
O51 - MPSK:{32b4152c-0006-11e2-8b1d-c89cdc4d2b3c}\AutoRun\command. (.Rockstar Games - Setup Launcher.) -- I:\setup.exe
O51 - MPSK:{4fbd4430-c095-11e2-a2e0-c89cdc4d2b3c}\AutoRun\command. (.Rockstar Games - Setup Launcher.) -- I:\setup.exe
O51 - MPSK:{5283bb98-7784-11e3-97d5-c89cdc4d2b3c}\AutoRun\command. (.Electronic Arts Inc. - Spore Launcher.) -- K:\autorun.exe
O51 - MPSK:{7089ae84-ba70-11e1-96cb-c89cdc4d2b3c}\AutoRun\command. (...) -- I:\DrvInst.exe (.not file.)
O51 - MPSK:{cef9a0fe-6feb-11e2-b2f8-c89cdc4d2b3c}\AutoRun\command. (...) -- I:\DrvInst.exe (.not file.)
~ Keys: Scanned in 00mn 02s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\RaidCall [Key] . (.RAIDCALL.COM - Raidcall.) -- C:\Program Files (x86)\RaidCall\raidcall.exe
~ SMSR Keys: 2 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [289952]
O58 - SDL:01/05/2014 - 18:20:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:01/05/2014 - 18:20:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:01/05/2014 - 18:20:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:23/05/2014 - 15:18:35 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:09/04/2014 - 22:21:02 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [38216]
O58 - SDL:30/11/2010 - 15:52:57 ---A- . (.OpenLibSys.org - WinRing0.) -- C:\Windows\System32\WinRing0.sys [14416]
O58 - SDL:30/11/2010 - 15:52:58 ---A- . (.OpenLibSys.org - WinRing0.) -- C:\Windows\System32\WinRing0x64.sys [14544]
O58 - SDL:04/10/2012 - 14:07:24 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [47720]
O58 - SDL:23/05/2014 - 15:14:47 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 69 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/05/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 01/05/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 101 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.28EE8AD53F3080F015BB2BB23302890E] [SPRF][09/05/2014] (.SUPERAntiSpyware - SUPERAntiSpyware Free Edition Setup.) -- C:\Users\Gabriel\Desktop\571-SUPERAntiSpyware.exe [17946224]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][27/04/2014] (...) -- C:\Users\Gabriel\Desktop\HoNLatinClient-3.2.6.2.exe [1980900840]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][10/07/2012] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\Gabriel\Desktop\Minecraft.exe [695296]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{F9F0A833-130F-4F30-9912-CC213176660B}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{7AC53F78-5963-4B30-9F8E-514CECE7BEEA}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 14s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32 =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS =>Adware.PredictAd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appbario2AutoUpdateHelper_RASAPI32 =>PUP.AppBario
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appbario2AutoUpdateHelper_RASMANCS =>PUP.AppBario
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27825-baixaki-32-bits-2192012111956_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27825-baixaki-32-bits-2192012111956_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-Baixaki-32bit_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-Baixaki-32bit_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 377 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 13/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/04/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 26/05/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 26/05/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 13/05/2014 2228048 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SS - | Auto 04/05/2014 2152736 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\windows\system32\GameMon.des
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 27/01/2014 571816 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/10/2013 144152 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 01/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 11/01/2011 168448 | (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe
SR - | Auto 11/01/2011 131072 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Auto 16/10/2013 452968 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 20/01/2012 106496 | (KBRestart) . (...) - C:\Program Files (x86)\AOne\Keyboard Driver\UPServ.exe
SR - | Auto 15/04/2014 377616 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 11/03/2014 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 05/08/2011 368544 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/12/2010 27760 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 05s



---\\ Scâner Aditional (088)
Database Version : 13029 - (23/05/2014)
Clés trouvées (Keys found) : 16
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe =>Toolbar.AVGSearch^
~ Additionnel Scan: 273278 Items scanned in 00mn 36s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.BearShare
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.PredictAd
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.AppBario
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.IMBooster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Dealio
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.eSafeSecurity
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ MSI: 9 link(s) detected in 00mn 00s



~ 894 Legitimates filtered by white list
End of the scan (576 lines in 01mn 53s)(0)

Re: CE_UmbrellaCert security certificate

Post by Power Max Fri 23 May 2014, 20:15

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
_____________________________________________________________________________________________________________

* Download UsbFix [You must have an account and be logged in to view this link] (on reaching the page, click the button shown in this image, at the bottom right of the page, to download it):
[You must have an account and be logged in to view this image]

Use UsbFix as shown in this post:

[You must have an account and be logged in to view this link]
________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply together with the UsbFix log (report), which will be at C:\UsbFix.txt


Last edited by Power Max on Fri 23 May 2014, 23:57; edited 1 time

here it is

Post by gabrieldeftyu Fri 23 May 2014, 22:18

############################## | UsbFix V 7.171 | [Pesquisa]

Usuário: Gabriel (Administrador) # GABRIEL-MEGA
Atualizado em 18/05/2014 por El Desaparecido - SosVirus
Começou em 22:09:32 | 23/05/2014

Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Asistencia : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

PC: MEGAWARE (MW-H61H2-M2)
CPU: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
RAM -> [Total : 6051 Mo| Free : 3276 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17107
WB: Google Chrome : 35.0.1916.114

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | (!) Outdated]
AS: avast! Antivirus [(!) Disabled | Updated]
AS: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%SystemDrive%) -> Disco fixo # 699 Gb (458 Mb livre - 65%) [Win7] # NTFS
D:\ -> CD-ROM
I:\ -> CD-ROM
K:\ -> CD-ROM

################## | Processos Ativos |

C:\Windows\System32\smss.exe (ID: 372|ParentID: 4|SISTEMA)
C:\Windows\System32\wininit.exe (ID: 540|ParentID: 456)
C:\Windows\System32\services.exe (ID: 608|ParentID: 540)
C:\Windows\System32\winlogon.exe (ID: 616|ParentID: 524)
C:\Windows\System32\lsass.exe (ID: 644|ParentID: 540)
C:\Windows\System32\lsm.exe (ID: 652|ParentID: 540)
C:\Windows\System32\svchost.exe (ID: 756|ParentID: 608)
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (ID: 816|ParentID: 608)
C:\PROGRA~2\GbPlugin\gbpsv.exe (ID: 888|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 960|ParentID: 608)
C:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 128|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 480|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 528|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 312|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 1044|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 1368|ParentID: 608)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1440|ParentID: 608)
C:\Windows\System32\spoolsv.exe (ID: 1604|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 1680|ParentID: 608)
C:\Program Files\SUPERAntiSpyware\SASCore64.exe (ID: 1828|ParentID: 608)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1852|ParentID: 608)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (ID: 1884|ParentID: 608)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (ID: 1920|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 1956|ParentID: 608)
C:\Program Files (x86)\AOne\Keyboard Driver\UPServ.exe (ID: 1988|ParentID: 608)
C:\Windows\System32\taskeng.exe (ID: 1092|ParentID: 1044)
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID: 1216|ParentID: 608)
C:\Program Files (x86)\Scpad\scpVista.exe (ID: 1276|ParentID: 608)
C:\Windows\System32\taskhost.exe (ID: 1200|ParentID: 608|Gabriel)
C:\Windows\System32\taskeng.exe (ID: 1756|ParentID: 1044|Gabriel)
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe (ID: 2088|ParentID: 1756|Gabriel)
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (ID: 2144|ParentID: 1756|Gabriel)
C:\Windows\System32\dwm.exe (ID: 2160|ParentID: 528|Gabriel)
C:\Windows\explorer.exe (ID: 2168|ParentID: 2136|Gabriel)
C:\Program Files (x86)\AOne\Keyboard Driver\KMonitor.exe (ID: 2216|ParentID: 1988)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2676|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 2752|ParentID: 608)
C:\Windows\System32\ViakaraokeSrv.exe (ID: 2788|ParentID: 608)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2824|ParentID: 608)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (ID: 2948|ParentID: 608)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ID: 1636|ParentID: 2824)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 2212|ParentID: 2168|Gabriel)
C:\Windows\System32\hkcmd.exe (ID: 3112|ParentID: 2168|Gabriel)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 3436|ParentID: 608)
C:\Windows\System32\igfxpers.exe (ID: 3780|ParentID: 2168|Gabriel)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (ID: 3788|ParentID: 2948|Gabriel)
C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe (ID: 3864|ParentID: 2168|Gabriel)
C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe (ID: 3888|ParentID: 3864|Gabriel)
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (ID: 1632|ParentID: 2168|Gabriel)
C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (ID: 3108|ParentID: 608)
C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 2348|ParentID: 2168|Gabriel)
C:\Users\Gabriel\AppData\Roaming\ContentExplorer\ContentExplorer.exe (ID: 3724|ParentID: 2168|Gabriel)
C:\Windows\System32\SearchIndexer.exe (ID: 904|ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 4144|ParentID: 608)
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (ID: 4944|ParentID: 4456|Gabriel)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 5076|ParentID: 4456|Gabriel)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 5096|ParentID: 4456|Gabriel)
C:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 2548|ParentID: 608)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4264|ParentID: 608)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4924|ParentID: 2168|Gabriel)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5068|ParentID: 4924|Gabriel)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2844|ParentID: 4924|Gabriel)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4936|ParentID: 4924|Gabriel)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3136|ParentID: 608)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 4976|ParentID: 608)
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (ID: 6084|ParentID: 5076|Gabriel)
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe (ID: 5804|ParentID: 5412|Gabriel)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6020|ParentID: 4924|Gabriel)
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.208\deploy\LoLLauncher.exe (ID: 4196|ParentID: 5804|Gabriel)
C:\Program Files\CCleaner\CCleaner64.exe (ID: 6016|ParentID: 2168|Gabriel)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1128|ParentID: 4924|Gabriel)
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\LolClient.exe (ID: 5916|ParentID: 4196|Gabriel)
C:\Windows\System32\audiodg.exe (ID: 744|ParentID: 480)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2580|ParentID: 4924|Gabriel)
C:\Windows\SysWOW64\ctfmon.exe (ID: 3324|ParentID: 5096|Gabriel)
C:\Windows\System32\notepad.exe (ID: 5372|ParentID: 2168|Gabriel)
C:\UsbFix\UsbFix.exe (ID: 4516|ParentID: 1580|Gabriel)

################## | Autorun |


################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [ContentExplorer] "C:\Users\Gabriel\AppData\Roaming\ContentExplorer\ContentExplorer.exe"
04 - HKLM\..\Run : [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [IgfxTray] "C:\windows\system32\igfxtray.exe"
04 - [x64] HKLM\..\Run : [HotKeysCmds] "C:\windows\system32\hkcmd.exe"
04 - [x64] HKLM\..\Run : [Persistence] "C:\windows\system32\igfxpers.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run : [Akamai NetSession Interface] "C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run : [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
04 - HKU\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run : [ContentExplorer] "C:\Users\Gabriel\AppData\Roaming\ContentExplorer\ContentExplorer.exe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Procura genérica |


################## | Registro |


################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Gabriel at 23/05/2014 22:15:44
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 14s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\users\gabriel\appdata\roaming\contentexplorer\uninstall.exe

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ:³ HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ CLSID MPSK: {7089ae84-ba70-11e1-96cb-c89cdc4d2b3c}
ELIMINÉ CLSID MPSK: {cef9a0fe-6feb-11e2-b2f8-c89cdc4d2b3c}
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appbario2AutoUpdateHelper_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appbario2AutoUpdateHelper_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASMANCS
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
ELIMINÉ: HKCU\Software\IObit Apps
ELIMINÉ: HKCU\Software\AppDataLow\Software\IObit Apps
ELIMINÉ: HKLM\Software\Wow6432Node\IObit Apps
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (126) (1.999.911 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: 0414bUpdateInfo
ELIMINÉ: {64A07B45-7E50-469F-BFEC-135EB13B25B5}
ELIMINÉ: {83227FA6-306E-466E-88CB-7967D73E8CEC}
ELIMINÉ: {A19C5FA5-728F-4881-BAAD-7B9A61504542}
ELIMINÉ: {AB95EBF2-48AF-4BBC-9690-813A7F354EC3}
ELIMINÉ: {B9E4848D-FD36-4AF4-BF88-43FE9D6C146F}
ELIMINÉ: {D1A7E623-D540-452C-8E3F-95D40C318DA6}
ELIMINÉ: {EAAE6CBB-C077-48CC-B451-B710BECEBD30}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
20 : Chaves do Registo
6 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
2 : Ficheiros
1 : Softwares
8 : Tarefa planificada
1 : Restauração Sistema


End of clean in 02mn 40s

========== Caminho do ficheiro do relatório ==========
C:\Users\Gabriel\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/05/2014 22:15:58 [3495]

Re: CE_UmbrellaCert security certificate

Post by Power Max Fri 23 May 2014, 22:50

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.

Done

Post by gabrieldeftyu, Fri 23 May 2014, 22:58

~ Relatório do ZHPDiag v2014.5.23.72 - Nicolas Coolman (23/05/2014)
~ Iniciado por Gabriel (23/05/2014 22:52:52)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2018
Microsoft Security Client v4.5.0216.0
SUPERAntiSpyware v5.7.1018
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v3.18

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6050 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 460 GB (65%) free of 699 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GABRIEL-MEGA
~ User Name: Gabriel
~ All Users Names: Marcelo, HomeGroupUser$, Gabriel, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gabriel\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gabriel\AppData\Roaming\
~ %Desktop% : C:\Users\Gabriel\Desktop\
~ %Favorites% : C:\Users\Gabriel\Favorites\
~ %LocalAppData% : C:\Users\Gabriel\AppData\Local\
~ %StartMenu% : C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 460 Go of 699 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: CD-ROM drive (Free 0 Go of 3 Go)
K: CD-ROM drive (Free 0 Go of 4 Go)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.11/05/2011 - 17:04:55.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 03:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/06/2011 - 16:35:30.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/1563
~ Mes musiques (My Musics) : 1/204
~ Mes Videos (My Videos) : 1/268
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 2/1432
~ Mon Bureau (My Desktop) : 1/924
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 05s



---\\ Processos lançados
[MD5.094A47AB1D4966C8CD318AD7EB1521A6] - (.SlimWare Utilities, Inc. - SlimDrivers.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [29395264] [PID.2088]
[MD5.8E13CA0B48A1298F46F8739B95DBE4BF] - (.IObit - Advanced SystemCare 7 Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [781600] [PID.2144]
[MD5.2F0DEB0C6413D9DEABFD95A950A422CD] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736] [PID.3788]
[MD5.CC78200C3ECFFA178E78308A0E160D80] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920] [PID.3864]
[MD5.127687F1D171D0820D02851A9FA62525] - (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584] [PID.1632]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016] [PID.2348]
[MD5.995BEB69AE5C50D354894354F5A6CD5A] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296] [PID.5076]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.5096]
[MD5.E1631396823E6E55F0B31FDCBE959901] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [505736] [PID.6084]
[MD5.A34A745F55F26AE60A9FDB2027DC0BC0] - (.No owner - PVP.net Patcher Kernel.) -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe [1300376] [PID.5804]
[MD5.DF152CB41DA68342D29A550A0DE7CEEB] - (.No owner - PVP.net Patcher.) -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.208\deploy\LoLLauncher.exe [5464568] [PID.4196]
[MD5.5B93A9C1BB894EFA4D6429EEADA5007C] - (...) -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\LolClient.exe [74752] [PID.5916]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.4908]
[MD5.2BE28172DB7CB4C3AB8AC061D5420316] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7877120] [PID.4532]
[MD5.6C856C581ACE1785CE3FC2414E9859A3] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952] [PID.816]
[MD5.DAAA237C34A506EF56D44A56EA039CC0] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [452968] [PID.888]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1440]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1852]
[MD5.0B6A8BCF9C515543526FE9D170FEFA08] - (.No owner - UPSmart Module.) -- C:\Program Files (x86)\AOne\Keyboard Driver\UPServ.exe [106496] [PID.1988]
[MD5.6EEE29D055D14F84BEBDD71FA593E060] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe [368544] [PID.1276]
[MD5.E4C70E1D322B547F84109926A23A0D41] - (.No owner - Keyboard Driver.) -- C:\Program Files (x86)\AOne\Keyboard Driver\KMonitor.exe [190784] [PID.2216]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2676]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.3436]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.3108]
[MD5.2ED1786B7542CDA261029F6B526EDF44] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.4264]
[MD5.7E5E1603D0FF2D240AE70295C5C3FEFC] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.4976]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 12 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\prefs.js
C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\za40s3r6.default-1395593929366\prefs.js
M3 - MFPP: Plugins - [Gabriel] -- C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\3ui33zkn.default\searchplugins\yahoo_ff.xml
M2 - MFEP: prefs.js [Gabriel - 3ui33zkn.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
M2 - MFEP: prefs.js [Gabriel - za40s3r6.default-1395593929366\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll
O2 - BHO: (no name) [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} Chave orfã
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Program [Marcelo]: BearShare.lnk . (...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O4 - GS\Desktop [Marcelo]: BearShare.lnk . (...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O4 - GS\Desktop [Gabriel]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 06s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gabriel\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-21-2924916565-3289012172-3205738302-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
O15 - Trusted Zone: [HKCU\...\Domains] http.ogdev.net
O15 - Trusted Zone: [HKCU\...\Domains] http.sdo.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: DhcpNameServer = 192.168.30.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: DhcpNameServer = 192.168.30.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{251970AC-0194-4B9A-934E-5DE9409589A2}: DhcpNameServer = 192.168.30.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.30.2
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: KBRestart (KBRestart) . (.No owner - UPSmart Module.) - C:\Program Files (x86)\AOne\Keyboard Driver\UPServ.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 17 Legitimates Filtered in 00mn 05s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\Tasks\SlimDrivers Startup.job [414]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\SlimDrivers Startup [414]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 03s



---\\ Software instalados (042)
O42 - Logiciel: Dragon Nest Europe - (...) [HKLM][64Bits] -- Dragon Nest Europe
O42 - Logiciel: MegaProLib versão 1.0 - (.Megaware Industrial Ltda.) [HKLM][64Bits] -- {F922B4E6-04A5-464E-8C40-CB4887DEE0D4}_is1
O42 - Logiciel: Megareg versão 1.0.10 - (.Megaware Industrial LTDA.) [HKLM][64Bits] -- {A208472A-31B9-48D8-B2FC-E339134BB1DE}_is1
O42 - Logiciel: WiFi Protector - (.Optimal Software s.r.o.) [HKLM][64Bits] -- wifiProt-SL_is1
~ Logic: 9 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Font]
[HKCU\Software\IncrediMail]
[HKCU\Software\Mark J. Hadley]
[HKCU\Software\OnGame]
[HKCU\Software\Pando Networks]
[HKLM\Software\Wow6432Node\AOne]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Level Up! Interactive]
[HKLM\Software\Wow6432Node\Ntreev]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\RCBR]
[HKLM\Software\Wow6432Node\SDGi Europe]
[HKLM\Software\Wow6432Node\Space]
~ Key Software: 265 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/02/2012 - 11:17:55 - [] ----D C:\Program Files (x86)\AOne
O43 - CFD: 30/04/2014 - 23:04:47 - [] ----D C:\Program Files (x86)\MegaProLib
O43 - CFD: 26/07/2013 - 09:09:55 - [] ----D C:\Program Files (x86)\Megareg
O43 - CFD: 22/05/2014 - 20:52:09 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 09/11/2013 - 20:41:27 - [] ----D C:\Program Files (x86)\SDGi Europe
O43 - CFD: 22/05/2014 - 20:52:09 - [] ----D C:\Program Files (x86)\WiFi Protector
O43 - CFD: 02/05/2012 - 09:13:19 - [] ----D C:\ProgramData\levelup downloader
O43 - CFD: 22/05/2014 - 20:50:03 - [] ----D C:\Users\Gabriel\AppData\Roaming\ProductData
O43 - CFD: 24/01/2014 - 18:21:45 - [] ----D C:\Users\Gabriel\AppData\Roaming\rcru
O43 - CFD: 12/06/2012 - 22:25:39 - [] ----D C:\Users\Gabriel\AppData\Local\Ares
O43 - CFD: 01/02/2014 - 23:14:08 - [] ----D C:\Users\Gabriel\AppData\Local\EdgeOfReality
O43 - CFD: 02/05/2012 - 09:13:19 - [] ----D C:\Users\Gabriel\AppData\Local\Level Up!
O43 - CFD: 09/03/2013 - 13:46:46 - [0] ----D C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Global Games
O43 - CFD: 09/05/2014 - 00:13:10 - [] ----D C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlobalGames
O43 - CFD: 09/11/2013 - 20:49:36 - [] ----D C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
~ Program Folder: 200 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.8E9E3CBA08EC47245B277110835CF305] - 22/05/2014 - 19:06:14 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [38216]
O44 - LFC:[MD5.6DCD2E21E873BBC95C1B9483739B64EE] - 22/05/2014 - 19:06:17 ---A- . (...) -- C:\Windows\certutil.log [957]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 22/05/2014 - 22:06:33 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.D3EDD8322FFE311B131B5BA1B88AF7BB] - 22/05/2014 - 22:27:30 ---A- . (...) -- C:\zoek-results.log [40634]
O44 - LFC:[MD5.9CFEFD62D86DABFAC12D1C5ED72BA6A4] - 23/05/2014 - 19:03:38 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
~ Files: 43 Legitimates Filtered in 00mn 42s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{25190dbf-76af-11e3-bc36-c89cdc4d2b3c}\AutoRun\command. (.Rockstar Games - Setup Launcher.) -- I:\setup.exe
O51 - MPSK:{32b4152c-0006-11e2-8b1d-c89cdc4d2b3c}\AutoRun\command. (.Rockstar Games - Setup Launcher.) -- I:\setup.exe
O51 - MPSK:{4fbd4430-c095-11e2-a2e0-c89cdc4d2b3c}\AutoRun\command. (.Rockstar Games - Setup Launcher.) -- I:\setup.exe
O51 - MPSK:{5283bb98-7784-11e3-97d5-c89cdc4d2b3c}\AutoRun\command. (.Electronic Arts Inc. - Spore Launcher.) -- K:\autorun.exe
~ Keys: Scanned in 00mn 02s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\RaidCall [Key] . (.RAIDCALL.COM - Raidcall.) -- C:\Program Files (x86)\RaidCall\raidcall.exe
~ SMSR Keys: 2 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [289952]
O58 - SDL:01/05/2014 - 18:20:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:01/05/2014 - 18:20:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:01/05/2014 - 18:20:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:23/05/2014 - 19:03:38 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:09/04/2014 - 22:21:02 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [38216]
O58 - SDL:30/11/2010 - 15:52:57 ---A- . (.OpenLibSys.org - WinRing0.) -- C:\Windows\System32\WinRing0.sys [14416]
O58 - SDL:30/11/2010 - 15:52:58 ---A- . (.OpenLibSys.org - WinRing0.) -- C:\Windows\System32\WinRing0x64.sys [14544]
O58 - SDL:04/10/2012 - 14:07:24 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [47720]
O58 - SDL:23/05/2014 - 19:02:42 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 69 Legitimates Filtered in 00mn 26s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 01/05/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 01/05/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 101 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.28EE8AD53F3080F015BB2BB23302890E] [SPRF][09/05/2014] (.SUPERAntiSpyware - SUPERAntiSpyware Free Edition Setup.) -- C:\Users\Gabriel\Desktop\571-SUPERAntiSpyware.exe [17946224]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][27/04/2014] (...) -- C:\Users\Gabriel\Desktop\HoNLatinClient-3.2.6.2.exe [1980900840]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][10/07/2012] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\Gabriel\Desktop\Minecraft.exe [695296]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{F9F0A833-130F-4F30-9912-CC213176660B}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{7AC53F78-5963-4B30-9F8E-514CECE7BEEA}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Gabriel\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 15s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27825-baixaki-32-bits-2192012111956_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27825-baixaki-32-bits-2192012111956_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-Baixaki-32bit_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-Baixaki-32bit_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 373 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 13/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/04/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 26/05/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 26/05/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 04/05/2014 2152736 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\windows\system32\GameMon.des
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 27/01/2014 571816 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/10/2013 144152 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 01/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 11/01/2011 168448 | (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe
SR - | Auto 11/01/2011 131072 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Auto 16/10/2013 452968 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 13/05/2014 2228048 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 20/01/2012 106496 | (KBRestart) . (...) - C:\Program Files (x86)\AOne\Keyboard Driver\UPServ.exe
SR - | Auto 15/04/2014 377616 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 11/03/2014 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 05/08/2011 368544 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/12/2010 27760 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Scâner Aditional (088)
Database Version : 13029 - (23/05/2014)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
~ Additionnel Scan: 272802 Items scanned in 00mn 45s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.BearShare
~ MSI: 1 link(s) detected in 00mn 00s



~ 875 Legitimates filtered by white list
End of the scan (531 lines in 03mn 05s)(0)

Re: Security certificate CE_UmbrellaCert

Post by Power Max, Fri 23 May 2014, 23:19

The same programs are still starting together with Windows. It would be good to follow that tutorial I gave you for disabling unnecessary startup programs, to make the PC faster.
______________________________________________________________________________________________________

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply, and tell us how your PC is after this.


Last edited by Power Max on Fri 23 May 2014, 23:58; edited 1 time

Here it is

Post by gabrieldeftyu, Fri 23 May 2014, 23:51

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Gabriel at 23/05/2014 23:49:23
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ:³ HKLM\Software\Wow6432Node\Baidu Security

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (3) (25.096 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
1 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 22s

========== Caminho do ficheiro do relatório ==========
C:\Users\Gabriel\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/05/2014 22:15:58 [3577]
C:\Users\Gabriel\AppData\Roaming\ZHP\ZHPFix[R2].txt - 23/05/2014 23:49:29 [1107]

Re: Security certificate CE_UmbrellaCert

Post by Power Max, Fri 23 May 2014, 23:57

How is the PC?

Re: Security certificate CE_UmbrellaCert

Post by Danii, Mon 09 Jun 2014, 09:58

TOPIC ARCHIVED

As the author has not replied for more than 15 days, the topic has been archived. If the author of the topic needs it, it will be reopened; to request this, they should contact one of the members of the [You must have an account and be logged in to view this link] and ask for it to be unlocked.