PC muito lento preciso de uma análise e limpeza completa! Me ajuda!

Me digam ai os programas que mando os relatórios bem rápido pra análise

  Olá.

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

~ Relatório do ZHPDiag v2014.5.24.73 - Nicolas Coolman (24/05/2014)
~ Iniciado por Família Lino (28/05/2014 22:20:49)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 28.0
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
Computer Security 12.77.101.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader 9.5.4 - Português
Java 7 Update 60

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 182 GB (61%) free of 293 GB

---\\ Modo de conexão ao sistema
~ Computer Name: FAMÍLIALINO-WIN
~ User Name: Família Lino
~ All Users Names: Família Lino, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Família Lino\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Família Lino\AppData\Roaming\
~ %Desktop% : C:\Users\Família Lino\Desktop\
~ %Favorites% : C:\Users\Família Lino\Favorites\
~ %LocalAppData% : C:\Users\Família Lino\AppData\Local\
~ %StartMenu% : C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 182 Go of 293 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 5 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/6271
~ Mes musiques (My Musics) : 1/36
~ Mes Favoris (My Favorites) : 1/44
~ Mes Documents (My Documents) : 3/17
~ Mon Bureau (My Desktop) : 17/87
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 11s



---\\ Processos lançados
[MD5.EBF0A311429601130833E8BF0CDC1167] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7866912] [PID.3312]
[MD5.7C5E49CEF394360F408AB400D2E7422E] - (.NewSoft - Monitor Application.) -- C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [157520] [PID.3352]
[MD5.3CB07566302BCEEB898DE270A0BEC175] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352] [PID.3388]
[MD5.0BA966FD5349BDF9895F40C045A7C7EC] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3416]
[MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3432]
[MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3440]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\GVT\fshoster32.exe [188400] [PID.1780]
[MD5.FBAF93425D4B5A6C48ABB5B7F81088CD] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\GVT\apps\ComputerSecurity\Common\FSM32.exe [201128] [PID.3516]
[MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.3792]
[MD5.F8DB6AC90299677BEB828AC959D1C1BB] - (.Sunrex - Caps Lock | Num Lock | Scroll Lock State.) -- C:\Program Files\Keyboard status\Key_status.exe [412672] [PID.2592]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Users\Família Lino\AppData\Local\Google\Chrome\Application\chrome.exe [860488] [PID.4480]
[MD5.4FDF8F99557B275A3B5BF797761C7504] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7879168] [PID.5448]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Família Lino\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [ifohbjbgfchkkfhphahclmkpgejiplfo] Lightning Newtab v.1.1.8.4, (Désactivé) =>PUP.Elex
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ogfjmhfnldnajmfaofeiaepghjenbgjo] Extended Protection v.1.4.1 (Désactivé) =>PUP.ExtendedProtection

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 18 Legitimates Filtered in 00mn 26s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Família Lino\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\prefs.js
C:\Users\Família Lino\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\user.js
M3 - MFPP: Plugins - [Família Lino] -- C:\Users\Família Lino\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\searchplugins\bingp.xml
M0 - MFSP: prefs.js [Família Lino - blu81imq.default] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
~ Firefox Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
~ IE Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\SupTab\SupTab.dll =>PUP.SupTab
~ BHO: 16 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Browsing Protection Toolbar - [HKLM]{265EEE8E-3228-44D3-AEA5-F7FDF5860049} . (.F-Secure Corporation - Litmus.) -- C:\Program Files\GVT\apps\ComputerSecurity\NRS\iescript\baselitmus.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
O4 - GS\QuickLaunch [Família Lino]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
O4 - GS\TaskBar [Família Lino]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
O4 - GS\Program [Família Lino]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
O4 - GS\SystemTools [Família Lino]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
O4 - GS\Desktop [Família Lino]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Família Lino\AppData\Local\Google\Chrome\Application\chrome.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
~ Global Startup: 7 Legitimates Filtered in 00mn 04s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ChangeFilterMerit] . (.NewSoft - ChangeFilterMerit.) -- C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] . (.NewSoft - Monitor Application.) -- C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [F-Secure Hoster (51855)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\GVT\fshoster32.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\GVT\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - TNBUtil.) -- C:\Program Files\GVT\apps\ComputerSecurity\FSGUI\TNBUtil.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Família Lino\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Família Lino\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [ares] C:\Program Files\Ares\Ares.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2830624172-2399402248-2096154357-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Família Lino\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-2830624172-2399402248-2096154357-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Família Lino\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2830624172-2399402248-2096154357-1000\..\Run: [ares] C:\Program Files\Ares\Ares.exe (.not file.)
O4 - HKUS\S-1-5-21-2830624172-2399402248-2096154357-1000\..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKUS\S-1-5-21-2830624172-2399402248-2096154357-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BEA1A94-BA0D-44BC-AC5A-EDF4D18EB299}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E80B00F9-D45A-4B66-AF79-F187974F51EE}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5BEA1A94-BA0D-44BC-AC5A-EDF4D18EB299}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E80B00F9-D45A-4B66-AF79-F187974F51EE}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5BEA1A94-BA0D-44BC-AC5A-EDF4D18EB299}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E80B00F9-D45A-4B66-AF79-F187974F51EE}: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files\Scpad\scpVista.exe
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite - dsk service.) - C:\Program Files\WinZipper\winzipersvc.exe
O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
~ Services: 7 Legitimates Filtered in 01mn 38s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\Família Lino\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.95763B263F01DBBCAE1E03C64FD6D9FA] [APT] [Desk 365 RunAsStdUser] (.337 Technology Limited..) -- C:\Program Files\Desk 365\desk365.exe [895568] =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [{0D2389D1-2A66-47B7-8394-0D39D4CD0881}] (...) -- C:\Users\Família Lino\Downloads\Brawl Busters Downloader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{349AE1AE-5107-4650-A1AD-D1276FC915BE}] (...) -- C:\Program Files\Ares\Ares.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{481FC735-EE18-4011-A8A8-991AF42F905E}] (...) -- C:\Program Files\Ares\Ares.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8841C443-54F2-41E3-9121-598F90E13DDC}] (...) -- C:\Program Files\Ares\Ares.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2830624172-2399402248-2096154357-1000Core [934]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2830624172-2399402248-2096154357-1000UA [956]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2830624172-2399402248-2096154357-1000Core [1054]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2830624172-2399402248-2096154357-1000UA [1106]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 07s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (fsvista) . (...) - C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
O41 - Driver: (iSafeKrnlKit) . (. - .) - C:\Program Files\iSafe\iSafeKrnlKit.sys (.not file.) =>Trojan.Staser
O41 - Driver: (iSafeNetFilter) . (. - .) - C:\Program Files\iSafe\iSafeNetFilter.sys (.not file.) =>Trojan.Staser
~ Drivers: 74 Legitimates Filtered in 00mn 02s



---\\ Software instalados (042)
O42 - Logiciel: Keyboard status - (...) [HKLM] -- Keyboard status Setup V.1.0_is1
O42 - Logiciel: Protect Total - (...) [HKLM] -- F-Secure Product 444
O42 - Logiciel: SupTab - (...) [HKLM] -- SupTab =>PUP.SupTab
O42 - Logiciel: TpsCap - (.Tps.) [HKLM] -- {46B59C73-99D7-4B23-A0F8-421E418E6794}
~ Logic: 17 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Fazen]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\KeyBoard_status]
[HKCU\Software\Ntreev]
[HKCU\Software\V9]
[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\DNUA]
[HKLM\Software\Level Up! Interactive]
[HKLM\Software\Ntreev]
[HKLM\Software\V9]
[HKLM\Software\Wpm] =>PUP.WpManager
[HKLM\Software\deskSvc] =>Hijacker.22Find
[HKLM\Software\iSafe] =>Trojan.Staser
[HKLM\Software\supTab] =>PUP.SupTab
[HKLM\Software\supWPM] =>PUP.WpManager
~ Key Software: 224 Legitimates Filtered in 00mn 02s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/05/2013 - 11:32:40 - [] ----D C:\Program Files\Baidu Security
O43 - CFD: 10/08/2012 - 19:23:16 - [] ----D C:\Program Files\Conduit
O43 - CFD: 14/05/2013 - 14:50:21 - [] ----D C:\Program Files\Desk 365 =>Hijacker.22Find
O43 - CFD: 23/05/2013 - 19:23:23 - [0] ----D C:\Program Files\FindLyrics =>Adware.AddLyrics
O43 - CFD: 24/12/2013 - 18:58:38 - [] ----D C:\Program Files\GVT
O43 - CFD: 20/05/2010 - 00:07:30 - [] ----D C:\Program Files\Keyboard status
O43 - CFD: 11/10/2012 - 20:06:39 - [] ----D C:\Program Files\Scpad
O43 - CFD: 11/04/2014 - 06:56:10 - [] ----D C:\Program Files\SupTab =>PUP.SupTab
O43 - CFD: 11/05/2013 - 11:34:12 - [] ----D C:\Program Files\Common Files\337 =>Hijacker.22Find
O43 - CFD: 11/08/2012 - 15:39:47 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 11/05/2013 - 11:34:55 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 07/01/2014 - 08:02:32 - [] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity
O43 - CFD: 28/05/2014 - 21:22:14 - [0] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 09/05/2014 - 08:45:13 - [] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 11/08/2012 - 15:39:47 - [] ----D C:\Users\Família Lino\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 11/05/2013 - 11:31:06 - [] ----D C:\Users\Família Lino\AppData\Roaming\Baidu Security
O43 - CFD: 05/03/2013 - 23:36:16 - [] ----D C:\Users\Família Lino\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 29/05/2013 - 06:56:32 - [] ----D C:\Users\Família Lino\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 29/05/2013 - 06:51:37 - [] ----D C:\Users\Família Lino\AppData\Roaming\eIntaller
O43 - CFD: 28/05/2014 - 21:28:34 - [] ----D C:\Users\Família Lino\AppData\Roaming\iSafe =>Trojan.Staser
O43 - CFD: 26/02/2014 - 21:49:58 - [] ----D C:\Users\Família Lino\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 01/04/2012 - 13:03:27 - [] ----D C:\Users\Família Lino\AppData\Local\Ares
O43 - CFD: 07/08/2013 - 08:32:16 - [0] ----D C:\Users\Família Lino\AppData\Local\Conduit
~ 805 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 1020 Legitimates Filtered in 00mn 44s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.A797416AFE14ED3FF71BF29F646AFF55] - 28/05/2014 - 10:13:43 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [153664]
O44 - LFC:[MD5.97D1A240E93665E21EB8397B182F59F4] - 28/05/2014 - 10:13:43 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [718770]
O44 - LFC:[MD5.6FC811B666222D338AE59F43D9F5A46D] - 28/05/2014 - 22:24:32 ---A- . (...) -- C:\Windows\ih8.config.xml.log [876690489]
~ Files: 47 Legitimates Filtered in 02mn 02s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{f5e2d9df-e3d7-11e1-8db9-00e04c0afefa}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:28/04/2014 - 18:43:10 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [44240]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:24/02/2012 - 06:14:42 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [80824]
O58 - SDL:24/02/2012 - 06:14:42 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [181432]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 79 Legitimates Filtered in 00mn 09s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- c:\program files\mozilla firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\users\família lino\appdata\local\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] EA1E7993702E4E8689F551E1FEE4BC0F - (Search the web (Babylon)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (delta-homes) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
~ Keys: Scanned in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BitComet_RASAPI32 =>P2P.BitComet
HKLM\SOFTWARE\Microsoft\Tracing\BitComet_RASMANCS =>P2P.BitComet
HKLM\SOFTWARE\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Babylon
HKLM\SOFTWARE\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Babylon
HKLM\SOFTWARE\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 208 Legitimates Filtered in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 24/05/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\System32\IntelCpHeciSvc.exe
SS - | Demand 28/04/2014 60352 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files\GVT\apps\ComputerSecurity\ORSP Client\fsorsp.exe
SS - | Demand 26/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 20/01/2013 5017816 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 18/11/2009 221608 | (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation.) - C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe
SR - | Demand 18/11/2009 524712 | (FSDFWD) . (.F-Secure Corporation.) - C:\Program Files\GVT\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files\GVT\fshoster32.exe
SR - | Auto 18/11/2009 188840 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files\GVT\apps\ComputerSecurity\Common\FSMA32.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 05/08/2011 368544 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files\Scpad\scpVista.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/02/2014 425104 | (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite.) - C:\Program Files\WinZipper\winzipersvc.exe
SR - | Auto 09/05/2014 549008 | (Wpm) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 35s



---\\ Scâner Aditional (088)
Database Version : 13029 - (24/05/2014)
Clés trouvées (Keys found) : 19
Valeurs trouvées (Values found) : 8
Dossiers trouvés (Folders found) : 21
Fichiers trouvés (Files found) : 17

[HKLM\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex^
[HKLM\Software\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo] =>PUP.ExtendedProtection^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
[HKLM\SYSTEM\CurrentControlSet\Services\Wpm] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SupTab] =>PUP.SupTab^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKLM\Software\portaldositesSoftware] =>Hijacker.PortaldoSites
[HKLM\Software\delta-homesSoftware] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Toolbar.CT2851643] =>Toolbar.Conduit
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.µTorrent^
C:\Users\Família Lino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo =>PUP.Elex^
C:\Users\Família Lino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo =>PUP.ExtendedProtection^
C:\Program Files\Desk 365 =>Hijacker.22Find^
C:\Program Files\FindLyrics =>Adware.AddLyrics^
C:\Program Files\SupTab =>PUP.SupTab^
C:\Program Files\Common Files\337 =>Hijacker.22Find^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\eSafe =>PUP.eSafeSecurity^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\Família Lino\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\Família Lino\AppData\Roaming\BitComet =>P2P.BitComet^
C:\Users\Família Lino\AppData\Roaming\DealPly =>PUP.DealPly^
C:\Users\Família Lino\AppData\Roaming\iSafe =>Trojan.Staser^
C:\Users\Família Lino\AppData\Roaming\SupTab =>PUP.SupTab^
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Users\Família Lino\AppData\Roaming\eIntaller =>PUP.eSafeSecurity
C:\Users\Família Lino\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\Família Lino\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Família Lino\AppData\Local\Temp\Installer =>Adware.InstallPedia
C:\Users\Família Lino\AppData\Local\Temp\Desk365 =>Hijacker.22find
C:\Program Files\Desk 365\desk365.exe =>Hijacker.22Find^
[HKCU\Software\BitComet] =>P2P.BitComet^
[HKLM\Software\Babylon] =>PUP.Babylon^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wpm] =>PUP.WpManager^
[HKLM\Software\deskSvc] =>Hijacker.22Find^
[HKLM\Software\iSafe] =>Trojan.Staser^
[HKLM\Software\supTab] =>PUP.SupTab^
[HKLM\Software\supWPM] =>PUP.WpManager^
C:\Users\Família Lino\AppData\Local\Temp\crtE90B.tmp.exe =>Toolbar.Conduit
C:\Users\Família Lino\AppData\Local\Temp\iet2AAA.tmp.exe =>Toolbar.Conduit
C:\Users\Família Lino\AppData\Local\Temp\tbedrs.dll =>Toolbar.Conduit
C:\Users\Família Lino\AppData\Local\Temp\tbuTor.dll =>Toolbar.Conduit
~ Additionnel Scan: 306075 Items scanned in 03mn 08s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Elex
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ExtendedProtection
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.DeltaSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SupTab
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.PortaldoSites
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WpManager
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.DealPly
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.22Find
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Staser
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.InstallCore
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.AddLyrics
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.eSafeSecurity
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.SProtector
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.V9Software
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.iWinArcade
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.InstallPedia
~ MSI: 18 link(s) detected in 00mn 00s



~ 1634 Legitimates filtered by white list
End of the scan (564 lines in 10mn 25s)(0)

Também estou com o problema de sempre que abro o navegador.. seja qual for vai pra página

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Gostaria de retirar isso também..

Olá.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

# AdwCleaner v3.211 - Relatório criado 30/05/2014 às 17:35:05
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Família Lino - FAMÍLIALINO-WIN
# Executando de : C:\Users\Família Lino\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : winzipersvc
Serviço Deletada : Wpm

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files\Conduit
Pasta Deletada : C:\Program Files\Desk 365
Pasta Deletada : C:\Program Files\FindLyrics
Pasta Deletada : C:\Program Files\SupTab
Pasta Deletada : C:\Program Files\WinZipper
Pasta Deletada : C:\Program Files\Common Files\337
Pasta Deletada : C:\Users\Família Lino\AppData\Local\Conduit
Pasta Deletada : C:\Users\Família Lino\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Família Lino\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Família Lino\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Família Lino\AppData\Roaming\eCyber
Pasta Deletada : C:\Users\Família Lino\AppData\Roaming\eIntaller
Pasta Deletada : C:\Users\Família Lino\AppData\Roaming\iSafe
Pasta Deletada : C:\Users\Família Lino\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Família Lino\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Família Lino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Arquivo Deletada : C:\Users\Família Lino\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\searchplugins\bingp.xml
Arquivo Deletada : C:\Users\Família Lino\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\user.js
Arquivo Deletada : C:\Program Files\Mozilla Firefox\user.js
Arquivo Deletada : C:\Users\Família Lino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Arquivo Deletada : C:\Users\Família Lino\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\Família Lino\Desktop\Google Chrome.lnk
Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Família Lino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Atalho Desinfectada : C:\Users\Família Lino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Família Lino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Família Lino\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B94AAB4-FB78-4AC2-B65C-B479336E720E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B94AAB4-FB78-4AC2-B65C-B479336E720E}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{940EA138-2914-4420-8934-3EA9B6526AEB}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{940EA138-2914-4420-8934-3EA9B6526AEB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{73C1CE1A-2075-4350-A7B4-EBA78BA45FA8}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\V9
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\iSafe
Chave Deletedo : HKLM\Software\portaldositesSoftware
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\V9Software
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\Família Lino\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\prefs.js ]

Linha deletada : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?utm_source=b&utm_medium=wpm0226&utm_campaign=SAMSUNGXHM321HI_S29PJ56ZA12340&utm_content=nt&from=wpm0226&uid=SAMSUNGXHM321HI_S29PJ56Z[...]
Linha deletada : user_pref("browser.search.defaultenginename", "delta-homes");
Linha deletada : user_pref("browser.search.order.1", "portaldosites");
Linha deletada : user_pref("browser.search.selectedEngine", "delta-homes");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://www.delta-homes.com/?type=hp&ts=1388717265&from=wpm0102&uid=SAMSUNGXHM321HI_S29PJ56ZA12340");

-\\ Google Chrome v

[ Arquivo : C:\Users\Família Lino\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Deletedo [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo

*************************

AdwCleaner[R0].txt - [11497 octets] - [30/05/2014 17:31:27]
AdwCleaner[S0].txt - [8857 octets] - [30/05/2014 17:35:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8917 octets] ##########

*Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executá-lo corretamente siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

Zoek nunca termina de fazer a analise e sempre que fecho ele abre novamente

Parou assim

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Fam¡lia Lino on 30/05/2014 at 23:04:43,93.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\FAMLIA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 23:06:28,62 =====

--- Create Environment Variables 23:06:47,59
--- Create System Restore Point 23:08:29,60
--- Checking Input 23:09:48,74
--- Reset Hosts File 23:20:22,82
--- AU AppData Check 23:20:30,59
--- Remove From Windows Installer 23:21:21,06

Ainda está rodando.. apareceram outras coisas, creio que vai demorar. Deixarei o PC ligado assim que tiver resultado digo

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Fam¡lia Lino on 31/05/2014 at 0:16:38,19.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\FAMLIA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-31-022030.log 1301 bytes

==== System Restore Info ======================

31/05/2014 00:19:16 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\FAMLIA~1\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\prefs.js:
user_pref("keyword.URL", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\FAMLIA~1\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\FAMLIA~1\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_052014_0100_.backup

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"litmus-ff@f-secure.com"="C:\Program Files\GVT\apps\ComputerSecurity\NRS\litmus-ff@f-secure.com" [28/04/2014 19:19]

==== Firefox Extensions ======================

ProfilePath: C:\Users\FAMLIA~1\AppData\Roaming\Mozilla\Firefox\Profiles\blu81imq.default
- Browsing Protection em:version1.10 - C:\Program Files\GVT\apps\ComputerSecurity\NRS\litmus-ff@f-secure.com

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

Google Docs - FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{EA70C329-CFF6-40D4-AFA5-44FC27E8666A} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2830624172-2399402248-2096154357-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EA70C329-CFF6-40D4-AFA5-44FC27E8666A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\FAMLIA~1\Desktop\Google Chrome.lnk - C:\Users\Família Lino\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FAMLIA~1\Desktop\Microsoft Word Starter 2010.lnk - C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604160000"
C:\Users\FAMLIA~1\Desktop\Stellarium.lnk - C:\Program Files\Stellarium\stellarium.exe
C:\Users\FAMLIA~1\Desktop\TpsCap.lnk - C:\Program Files\Tps\TpsCap\TpsCap.exe
C:\Users\FAMLIA~1\Desktop\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\Users\FAMLIA~1\Desktop\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Presto PVR.lnk -
C:\Users\Public\Desktop\Protect Total.lnk - C:\Program Files\GVT\apps\ComputerSecurity\FSGUI\fscuif.exe --trigger @Triggers\Windows:show_main_window --assign page 0
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -
C:\Users\Família Lino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Users\FAMLIA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FAMLIA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\FAMLIA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3 folders=0 11505 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\FAMLIA~1\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\FAMLIA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 31/05/2014 at 2:39:45,90 ======================

Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Pode ser cancelado esse post aqui, infelizmente não tenho mais acesso ao computador que estava sendo analisado

Obrigado assim mesmo!

TÓPICO ARQUIVADO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.