Fórum PC Brasil

I can't uninstall Baidu Antivirus

3 participants

Post by Ana.Gen, Fri 30 May 2014, 20:43

Good evening!
Once again the same problem many users have: I am trying to install Kaspersky and it detects Baidu Antivirus, but I can't find it in Programs and Features.
I tried following the cleanup steps from other resolved topics so as not to open another one, but when I get to the step of using zoek.exe a piece of information is missing and I can't go any further.
So I'm asking for guidance!

Post by Danii, Fri 30 May 2014, 21:15

Hello Ana. Welcome.

Download the AdwCleaner program by clicking the link below and then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

Post by Ana.Gen, Fri 30 May 2014, 22:08

# AdwCleaner v3.211 - Relatório criado 30/05/2014 às 22:04:23
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Ana Paula - ANAPAULA-VAIO
# Executando de : C:\Users\Ana Paula\Desktop\AdwCleaner.exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12894 octets] - [30/05/2014 19:40:30]
AdwCleaner[R1].txt - [714 octets] - [30/05/2014 22:04:23]
AdwCleaner[S0].txt - [12461 octets] - [30/05/2014 19:41:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [834 octets] ##########

Post by Power Max, Fri 30 May 2014, 22:09

Hi Ana.

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank space in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan progress will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a restart of the PC is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 31 May 2014, 11:51; edited 1 time

Post by Ana.Gen, Fri 30 May 2014, 22:15

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Ana Paula on 30/05/2014 at 20:39:12,41.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ana Paula\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30/05/2014 21:00:46 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"

==== Deleting Files \ Folders ======================

C:\Users\Ana Paula\.android deleted
C:\Users\Ana Paula\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~2\FileSplitUpLoad.dll deleted
C:\Users\Ana Paula\AppData\Local\nwhb-v9.4.15.crx deleted
C:\Users\Public\sdelevURL.tmp deleted
C:\Users\Ana Paula\Downloads\adt-bundle-windows-x86-20131030 (1).zip deleted
C:\Users\Ana Paula\Downloads\adt-bundle-windows-x86-20131030.zip deleted
C:\Users\Ana Paula\Downloads\SoftonicDownloader_para_arcsoft-magic-i-visual-effects.exe deleted
C:\Windows\System32\InstallUtil.InstallLog deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted

==== Folders Found ======================

2014-05-30 22:41:59 2014-05-30 22:41:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2013-05-12 15:01:58 2014-03-09 22:28:48 -------- d-----w- C:\ProgramData\Baidu Security
2013-05-12 15:01:58 2014-03-09 22:28:48 -------- d-----w- C:\Users\All Users\Baidu Security
2013-05-12 14:57:12 2013-05-12 14:57:12 -------- d-----w- C:\Users\Ana Paula\AppData\Local\Temp\baidu_secure
2013-05-12 14:57:12 2013-05-12 14:57:12 -------- d-----w- C:\Users\Ana Paula\AppData\Roaming\Baidu Security

==== Files Found ======================


--- C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5T3SOMB4\Baixaki_Baidu[1].jpg ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 35695
Created time: 2013-11-05 01:41:59
Modified time: 2013-11-05 01:42:00
MD5: 644658896645C0FBB21229B24ACCEB69
SHA1: 21E8BB1A4167DAD511F060F8895E3F9A4011AE8E


--- C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8R01C7HW\banner_baidu_pc_faster_03[1].jpg ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 38519
Created time: 2013-09-15 15:12:12
Modified time: 2013-09-15 15:12:13
MD5: 9C95B4898C4BAEBEEF9A0199D914F878
SHA1: 585B7759AC6C8AB9A0054188303828D61DBB4E65


--- C:\Users\Ana Paula\AppData\Local\Temp\{23C8763F-D799-46BE-8E6A-7CD7F544BB11}\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-05-30 23:19:49
Modified time: 2014-05-27 18:29:02
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4


--- C:\Users\Ana Paula\AppData\Local\Temp\{C1C2C54E-50FC-449E-8EB1-94D11429B937}\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-05-30 21:52:38
Modified time: 2014-05-27 18:29:02
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030911-42931-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\071613-37190-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130184548468316302.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Install]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Statistic]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030911-42931-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\071613-37190-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130184548468316302.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [06/03/2014 13:24]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aoejbmmillcdifgagjpdlaamnalbielp - C:\Users\ANAPAU~1\AppData\Local\nwhb-v9.4.15.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
aoejbmmillcdifgagjpdlaamnalbielp - C:\Users\ANAPAU~1\AppData\Local\nwhb-v9.4.15.crx[]

Google Drive - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cekcjpgehmohobmdiikfnopibipmgnml_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Ana Paula\Desktop\contatos gen atualizados2.0 - Atalho.lnk - C:\Users\Ana Paula\Downloads\contatos gen atualizados2.0.xlsx
C:\Users\Ana Paula\Desktop\Dropbox.lnk - C:\Users\Ana Paula\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Ana Paula\Desktop\Oceanis Change Background W7.lnk - C:\Program Files\Oceanis\SystemSetting\ChangeBackground.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\ Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:desktop
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Sonora.lnk -
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files\WinZip\WINZIP32.EXE

==== shortcuts in Users Start Menu ======================

C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Ana Paula\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Ana Paula\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Ana Paula\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

==== shortcuts in Quick Launch ======================

C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Ana Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp deleted successfully

==== Empty IE Cache ======================

C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Ana Paula\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ana Paula\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5T3SOMB4 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=37 folders=6 1008736564 bytes)

==== Empty Temp Folders ======================

C:\Users\Ana Paula\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ANAPAU~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5T3SOMB4" not found
"C:\Users\Ana Paula\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7XQ64LR2\portal.saude.gov.br" not found

==== EOF on 30/05/2014 at 21:58:04,28 ======================

Post by Ana.Gen, Sat 31 May 2014, 11:03

Hello! Any next step? (:

Post by Power Max, Sat 31 May 2014, 11:51

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank space in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan progress will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a restart of the PC is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 31 May 2014, 14:32; edited 1 time

Post by Ana.Gen, Sat 31 May 2014, 14:10

Olá! Segue o relatório:

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Ana Paula on 31/05/2014 at 13:43:38,87.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ana Paula\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-31-005804.log 25784 bytes
C:\zoek-results2014-05-31-163720.log 21920 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bavsvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bavsvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bhipssvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bhipssvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bavsvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bavsvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bhipssvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\bhipssvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"=
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030911-42931-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\071613-37190-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130184548468316302.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Install]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\1.18.0.25\Statistic]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\PC Faster\Setup]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030911-42931-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\071613-37190-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130184548468316302.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-

==== Deleting Files \ Folders ======================

C:\Users\Ana Paula\AppData\Local\Temp\baidu_secure not found
"C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5T3SOMB4\Baixaki_Baidu[1].jpg" not found
"C:\Users\Ana Paula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8R01C7HW\banner_baidu_pc_faster_03[1].jpg" not found
"C:\Users\Ana Paula\AppData\Local\Temp\{23C8763F-D799-46BE-8E6A-7CD7F544BB11}\Cleaner\baidu_av_4_0_3_57478.ini" not found
"C:\Users\Ana Paula\AppData\Local\Temp\{C1C2C54E-50FC-449E-8EB1-94D11429B937}\Cleaner\baidu_av_4_0_3_57478.ini" not found
C:\ProgramData\Baidu Security deleted
C:\Users\Ana Paula\AppData\Roaming\Baidu Security deleted

==== Folders Found ======================

2014-05-30 22:41:59 2014-05-30 22:41:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=54 folders=33 1014008001 bytes)

==== EOF on 31/05/2014 at 14:05:12,14 ======================

Message by Power Max Sat 31 May 2014, 14:31

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You need an account and to be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you, and paste it into the blank area in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the scan's progress. Wait for it to finish... it may take a while!

[You need an account and to be logged in to view this image]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 31 May 2014, 14:57; edited 1 time

Message by Ana.Gen Sat 31 May 2014, 14:41

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Ana Paula on 31/05/2014 at 14:34:02,34.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ana Paula\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-31-005804.log 25784 bytes
C:\zoek-results2014-05-31-163720.log 21920 bytes
C:\zoek-results2014-05-31-170512.log 15777 bytes

==== System Restore Info ======================

31/05/2014 14:37:00 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=54 folders=33 1014008001 bytes)

==== EOF on 31/05/2014 at 14:41:08,62 ======================

Message by Power Max Sat 31 May 2014, 14:45

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You need an account and to be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you, and paste it into the blank area in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the scan's progress. Wait for it to finish... it may take a while!

[You need an account and to be logged in to view this image]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 31 May 2014, 14:58; edited 1 time

Message by Ana.Gen Sat 31 May 2014, 14:55


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Ana Paula on 31/05/2014 at 14:51:20,73.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ana Paula\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-31-005804.log 25784 bytes
C:\zoek-results2014-05-31-163720.log 21920 bytes
C:\zoek-results2014-05-31-170512.log 15777 bytes
C:\zoek-results2014-05-31-174108.log 2283 bytes

==== System Restore Info ======================

31/05/2014 14:52:02 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=54 folders=33 1014008001 bytes)

==== EOF on 31/05/2014 at 14:54:39,23 ======================

Message by Power Max Sat 31 May 2014, 14:57

Download < [You need an account and to be logged in to view this link] > < [You need an account and to be logged in to view this image] > ( ... by Nicolas Coolman )

To install and run it correctly, follow the tips in this article:

[You need an account and to be logged in to view this link]

* Once it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.

Message by Ana.Gen Sat 31 May 2014, 15:19

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman (30/05/2014)
~ Iniciado por Ana Paula (31/05/2014 15:07:30)
~ Endereço do Website : [You need an account and to be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
Microsoft Security Client PT-BR Language Pack v2.1.1116.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1642 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 163 GB (35%) free of 457 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ANAPAULA-VAIO
~ User Name: Ana Paula
~ All Users Names: Convidado, Ana Paula, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Ana Paula\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Ana Paula\AppData\Roaming\
~ %Desktop% : C:\Users\Ana Paula\Desktop\
~ %Favorites% : C:\Users\Ana Paula\Favorites\
~ %LocalAppData% : C:\Users\Ana Paula\AppData\Local\
~ %StartMenu% : C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 163 Go of 457 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.23/04/2014 - 09:58:18.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 06s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/20883
~ Mes musiques (My Musics) : 7/3170
~ Mes Videos (My Videos) : 1/165
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 5/16458
~ Mon Bureau (My Desktop) : 1/77
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 03mn 19s



---\\ Processos lançados
[MD5.DA6EA8656109F445DF33F9F2A58018EE] - (.Sony Corporation - VAIO Care.) -- C:\Program Files\Sony\VAIO Care\VCSpt.exe [81296] [PID.1888]
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.2172]
[MD5.7166C768EE9894C87E8195A7D20772D4] - (.Sony Corporation - VAIO Update.) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [1463664] [PID.2960]
[MD5.E91A96AE3959A494C777D2C3D5C1B29A] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192] [PID.3740]
[MD5.CCA9023E3DDBE290D4381344115D99B7] - (.Sony Corporation - No Comment.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe [673136] [PID.3756]
[MD5.48B9248CED8A5DE4EB0917CB676CB8D5] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [648032] [PID.3764]
[MD5.3CB07566302BCEEB898DE270A0BEC175] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352] [PID.3840]
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512] [PID.3932]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.4036]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [20922016] [PID.2724]
[MD5.9165C53D497582353D452E66799D5DB8] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [836896] [PID.2804]
[MD5.CCCDC7B64CFF96C977B0FADC24434628] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Ana Paula\AppData\Roaming\Dropbox\bin\Dropbox.exe [33322312] [PID.2456]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe [228552] [PID.2492]
[MD5.001433A00C21E1BDBA381C4C80D38022] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.1956]
[MD5.98B31CBC09D671DADEB7C92AEF1CBE29] - (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Users\Ana Paula\AppData\Roaming\VIVO INTERNET\ouc.exe [110592] [PID.3244]
[MD5.046C4928FB5D09D3BB3967B79845427E] - (.No owner - CCP.) -- C:\Program Files\Sony\SmartWi Connection Utility\CCP.exe [22504] [PID.2184]
[MD5.5E8687798FC2C1D3C5BAEEB8C57AD395] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [75776] [PID.3048]
[MD5.B7F182F0972EA735207AE66C775E77F1] - (.No owner - ThirdPartyAppMgr.) -- C:\Program Files\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe [23552] [PID.3832]
[MD5.20E915CF7C6F5E74E1FB4C8078D7CB83] - (.No owner - PowerManager.) -- C:\Program Files\Sony\SmartWi Connection Utility\PowerManager.exe [40952] [PID.1928]
[MD5.F120F63F99343B7D55C0E04285858295] - (...) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWi.exe [184816] [PID.4216]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.3640]
[MD5.352E8561E633B17ED22012366721FFDC] - (...) -- C:\Users\Ana Paula\Downloads\zoek.exe [1285120] [PID.3140]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8020480] [PID.4432]
~ Processes Running: Scanned in 00mn 04s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 04s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmartWiHelper] . (.Sony Electronics Corporation - SmartWi Helper.) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiHelper.exe
O4 - HKLM\..\Run: [ISBMgr.exe] . (.Sony Corporation - No Comment.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [EPSON L200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [EPSON L200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} . (.Evernote Corporation - Web Clipper extension tool for IE.) -- C:\Program Files\Evernote\Evernote3.5\enbar.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B9D5BB1-69F6-42DE-8DEC-B4FC56553C8C}: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2ECE46A-C699-425D-A8AB-B5CB1D28B1B6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2B9D5BB1-69F6-42DE-8DEC-B4FC56553C8C}: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{D2ECE46A-C699-425D-A8AB-B5CB1D28B1B6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2B9D5BB1-69F6-42DE-8DEC-B4FC56553C8C}: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{D2ECE46A-C699-425D-A8AB-B5CB1D28B1B6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe
~ Services: 14 Legitimates Filtered in 00mn 12s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{84BC0C5B-BF08-4042-AEF9-ACC79ACB375C}] (...) -- C:\Users\Ana Paula\AppData\Local\Temp\IS7011~1\MyBabylonTB.exe (.not file.) [0] =>PUP.Babylon
[MD5.00000000000000000000000000000000] [APT] [Java Update] (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1058]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1062]
~ Scheduled Task: 24 Legitimates Filtered in 00mn 11s



---\\ Software instalados (042)
O42 - Logiciel: MEGA 4 - (.Sudhir Kumar et al..) [HKLM] -- {B185CA27-2F59-49C0-A043-42A98E723C8E}
O42 - Logiciel: Vivo - Guia Vivo Internet versão 1.0 - (.Vivo.) [HKLM] -- {C2E8B9C9-677A-46E6-AEC7-9435B5BCA765}_is1
O42 - Logiciel: Vivo 3G - (...) [HKLM] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
~ Logic: 15 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\KSS]
[HKLM\Software\Vivo 3G]
~ Key Software: 198 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/10/2011 - 09:14:18 - [] ----D C:\Program Files\MEGA 4
O43 - CFD: 28/12/2011 - 19:04:17 - [] ----D C:\Program Files\SupportInfo
O43 - CFD: 30/05/2013 - 22:16:57 - [] ----D C:\Program Files\Vivo
O43 - CFD: 04/01/2012 - 19:47:02 - [] ----D C:\Program Files\Vivo 3G
O43 - CFD: 30/05/2013 - 22:17:21 - [] ----D C:\Program Files\VIVO INTERNET
O43 - CFD: 29/05/2014 - 21:26:07 - [] ----D C:\Users\Ana Paula\AppData\Roaming\VIVO INTERNET
~ Program Folder: 161 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F3A715BB6BD5948383BDF92E50B57B71] - 21/05/2014 - 17:03:21 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [152288]
O44 - LFC:[MD5.A24A66E2F8EBF3B024FCCF00E614A7C5] - 21/05/2014 - 17:03:21 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [714556]
O44 - LFC:[MD5.9E78821B0E4BF59CFC4A6582DB5607AE] - 30/05/2014 - 18:39:17 ---A- . (...) -- C:\Windows\ntbtlog.txt [752660]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 30/05/2014 - 19:41:25 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.6CC414D757F8BA707DC8341D4ED8FF05] - 30/05/2014 - 21:58:04 ---A- . (...) -- C:\zoek-results2014-05-31-005804.log [25784]
O44 - LFC:[MD5.9B897BB0DA77751C642087EB18A80639] - 31/05/2014 - 14:05:12 ---A- . (...) -- C:\zoek-results2014-05-31-170512.log [15777]
O44 - LFC:[MD5.DFC83B07EC5E509B5A205DDAF86D253B] - 31/05/2014 - 14:41:08 ---A- . (...) -- C:\zoek-results2014-05-31-174108.log [2283]
O44 - LFC:[MD5.A27DEACC74A7E363A90882F54FCB1CD9] - 31/05/2014 - 14:54:39 ---A- . (...) -- C:\runcheck.txt [579]
O44 - LFC:[MD5.0487B4CF71688122158ABB38F5BC20A2] - 31/05/2014 - 14:54:39 ---A- . (...) -- C:\zoek-results.log [1185]
~ Files: 50 Legitimates Filtered in 00mn 20s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1e5674d9-bc65-11e3-88bb-78843c2b6654}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.)
O51 - MPSK:{89ac63c4-a656-11e1-9c88-78843c2b6654}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.)
O51 - MPSK:{95e12631-26b6-11e2-8450-78843c2b6654}\AutoRun\command. (...) -- D:\WD SmartWare.exe (.not file.)
O51 - MPSK:{c9aa0fe3-c11e-11e3-8941-78843c2b6654}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.)
O51 - MPSK:{e219e22b-c98d-11e2-be28-78843c2b6654}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.)
O51 - MPSK:{e219e24d-c98d-11e2-be28-78843c2b6654}\AutoRun\command. (...) -- D:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:08/10/2010 - 16:55:06 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [25856]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:06/08/2010 - 07:42:34 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [861696]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 100 Legitimates Filtered in 00mn 14s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.C8C690CDBFE10506BB28F4B60E67632C] [SPRF][13/05/2011] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][30/05/2014] (...) -- C:\Users\Ana Paula\Desktop\AdwCleaner.exe [1327971]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\VuuPC_setup_RASAPI32 =>PUP.VuuPC
HKLM\SOFTWARE\Microsoft\Tracing\VuuPC_setup_RASMANCS =>PUP.VuuPC
~ BTK: 235 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 16/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 01/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 01/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 10/09/2010 108400 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 12/10/2010 423280 | (SOHDms) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 10/09/2010 67952 | (SOHDs) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 25/10/2010 549168 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 25/10/2010 387896 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 25/10/2010 84256 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
SS - | Demand 31/05/2010 746864 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/12/2010 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 18/11/2010 284160 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 17/06/2010 140224 | (AMD Reservation Manager) . (.Advanced Micro Devices.) - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
SR - | Auto 29/07/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 14/03/2011 271712 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SR - | Auto 26/11/2010 398176 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 12/08/2010 187792 | (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SR - | Demand 27/09/2010 222464 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
SR - | Auto 18/09/2008 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 31/05/2010 217968 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
SR - | Auto 27/09/2010 864000 | (VCFw) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 28s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 262511 Items scanned in 01mn 17s



---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link] =>PUP.Babylon
[You must have an account and be logged in to view this link] =>PUP.VuuPC
~ MSI: 2 link(s) detected in 00mn 00s



~ 801 Legitimates filtered by white list
End of the scan (431 lines in 08mn 10s)(0)

Re: I can't uninstall Baidu Antivirus

Post by Power Max, Sat 31 May 2014, 15:32

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
_____________________________________________________________________________________________________________________

Download UsbFix [You must have an account and be logged in to view this link] (when you open the page, click the button shown in this image, at the bottom right of the page, to download it):
[You must have an account and be logged in to view this image]

Use UsbFix as shown in this post:

[You must have an account and be logged in to view this link]
__________________________________________________________________________________________________________________

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > Right-click Zhpfix and choose the Run as administrator option > Click Importação (Import) > Click the GO button > Click Oui > If you want the files in the Recycle Bin to be deleted, click Oui again > A report will appear in Notepad.

Copy this report and post it in your next reply together with the UsbFix log (report), which will be at C:\UsbFix.txt


Last edited by Power Max on Sat 31 May 2014, 18:07; edited 1 time

Re: I can't uninstall Baidu Antivirus

Post by Ana.Gen, Sat 31 May 2014, 15:55

ZHPFix report:
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Ana Paula at 31/05/2014 15:53:01
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ CLSID MPSK: {e219e24d-c98d-11e2-be28-78843c2b6654}
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VuuPC_setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VuuPC_setup_RASMANCS

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (1) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {84BC0C5B-BF08-4042-AEF9-ACC79ACB375C}
ELIMINÉ: Java Update

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
3 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
2 : Ficheiros
2 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 16s

========== Caminho do ficheiro do relatório ==========
C:\Users\Ana Paula\AppData\Roaming\ZHP\ZHPFix[R1].txt - 31/05/2014 15:53:06 [1482]

Re: I can't uninstall Baidu Antivirus

Post by Ana.Gen, Sat 31 May 2014, 15:56

UsbFix report:

############################## | UsbFix V 7.171 | [Limpar]

Usuário: Ana Paula (Administrador) # ANAPAULA-VAIO
Atualizado em 18/05/2014 por El Desaparecido - SosVirus
Começou em 15:47:19 | 31/05/2014

Site : [You must have an account and be logged in to view this link]
Changelog : [You must have an account and be logged in to view this link]
Asistencia : [You must have an account and be logged in to view this link]
Upload Malware : [You must have an account and be logged in to view this link]
Contato : [You must have an account and be logged in to view this link]

PC: Sony Corporation (VAIO)
CPU: AMD E-350 Processor
RAM -> [Total : 1643 Mo| Free : 391 Mo]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 7 Starter (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17107
WB: Google Chrome : 35.0.1916.114

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]

C:\ (%SystemDrive%) -> Disco fixo # 457 Gb (163 Mb livre - 36%) [] # NTFS

################## | Processos parados |

C:\Windows\System32\atiesrxx.exe (ID: 840|ParentID: 540)
C:\Windows\System32\atieclxx.exe (ID: 1248|ParentID: 840)
C:\Windows\System32\spoolsv.exe (ID: 1504|ParentID: 540)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1700|ParentID: 540|SISTEMA)
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (ID: 1784|ParentID: 540|SISTEMA)
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (ID: 1808|ParentID: 540|SISTEMA)
C:\Windows\System32\taskhost.exe (ID: 2032|ParentID: 540|Ana Paula)
C:\ProgramData\DatacardService\HWDeviceService.exe (ID: 660|ParentID: 540|SISTEMA)
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (ID: 1096|ParentID: 540|SISTEMA)
C:\Windows\System32\taskeng.exe (ID: 1736|ParentID: 1032|Ana Paula)
C:\Program Files\Sony\VAIO Care\VCSpt.exe (ID: 1888|ParentID: 1736|Ana Paula)
C:\Windows\explorer.exe (ID: 1856|ParentID: 344|Ana Paula)
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 1992|ParentID: 540|SISTEMA)
C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ID: 2088|ParentID: 540|SISTEMA)
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (ID: 2120|ParentID: 540|SISTEMA)
C:\ProgramData\DatacardService\DCSHelper.exe (ID: 2172|ParentID: 660|Ana Paula)
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (ID: 2304|ParentID: 540|SISTEMA)
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ID: 2328|ParentID: 540|SISTEMA)
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (ID: 2424|ParentID: 2304|SISTEMA)
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (ID: 2548|ParentID: 2120|SISTEMA)
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (ID: 2960|ParentID: 1736|Ana Paula)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3740|ParentID: 1856|Ana Paula)
C:\Program Files\Sony\ISB Utility\ISBMgr.exe (ID: 3756|ParentID: 1856|Ana Paula)
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (ID: 3764|ParentID: 1856|Ana Paula)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3788|ParentID: 1856|Ana Paula)
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 3840|ParentID: 1856|Ana Paula)
C:\Program Files\Real\RealPlayer\Update\realsched.exe (ID: 3932|ParentID: 1856|Ana Paula)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 4036|ParentID: 1856|Ana Paula)
C:\Program Files\Skype\Phone\Skype.exe (ID: 2724|ParentID: 1856|Ana Paula)
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ID: 2804|ParentID: 1856|Ana Paula)
C:\Users\Ana Paula\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 2456|ParentID: 1856|Ana Paula)
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (ID: 2492|ParentID: 1856|Ana Paula)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 1956|ParentID: 3740|Ana Paula)
C:\Users\Ana Paula\AppData\Roaming\VIVO INTERNET\ouc.exe (ID: 3244|ParentID: 2772|Ana Paula)
C:\Windows\System32\SearchIndexer.exe (ID: 3012|ParentID: 540|SISTEMA)
C:\Program Files\Sony\VAIO Care\VCPerfService.exe (ID: 2208|ParentID: 540|SISTEMA)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3360|ParentID: 540|SERVIÇO DE REDE)
C:\Program Files\Sony\SmartWi Connection Utility\CCP.exe (ID: 2184|ParentID: 3748|Ana Paula)
C:\Program Files\Sony\VAIO Care\listener.exe (ID: 3048|ParentID: 2208|Ana Paula)
C:\Program Files\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe (ID: 3832|ParentID: 2184|Ana Paula)
C:\Program Files\Sony\SmartWi Connection Utility\PowerManager.exe (ID: 1928|ParentID: 2184|Ana Paula)
C:\Program Files\Sony\SmartWi Connection Utility\SmartWi.exe (ID: 4216|ParentID: 1928|Ana Paula)
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (ID: 5104|ParentID: 540|SISTEMA)
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe (ID: 4140|ParentID: 540|SISTEMA)
C:\Windows\System32\taskhost.exe (ID: 2472|ParentID: 540|Ana Paula)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 3640|ParentID: 1856|Ana Paula)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5088|ParentID: 3640|Ana Paula)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5752|ParentID: 3640|Ana Paula)
C:\Users\Ana Paula\Downloads\zoek.exe (ID: 3140|ParentID: 1856|Ana Paula)
C:\Windows\System32\cmd.exe (ID: 5240|ParentID: 3140|Ana Paula)
C:\Windows\System32\conhost.exe (ID: 4744|ParentID: 496|Ana Paula)
C:\Windows\System32\cmd.exe (ID: 5800|ParentID: 5240|Ana Paula)
C:\Windows\System32\notepad.exe (ID: 5044|ParentID: 5800|Ana Paula)
C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID: 5112|ParentID: 540|SERVIÇO DE REDE)
C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE (ID: 3272|ParentID: 540|SISTEMA)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5676|ParentID: 3640|Ana Paula)
C:\Windows\System32\notepad.exe (ID: 4988|ParentID: 4432|Ana Paula)

################## | Autorun |


################## | Procura genérica |


(!) Ficheiros temporários suprimido.

################## | Registro |

Supprimido ! HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\.\.\.\.\Mountpoints2\{1e5674d9-bc65-11e3-88bb-78843c2b6654}
Supprimido ! HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\.\.\.\.\Mountpoints2\{89ac63c4-a656-11e1-9c88-78843c2b6654}
Supprimido ! HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\.\.\.\.\Mountpoints2\{95e12631-26b6-11e2-8450-78843c2b6654}
Supprimido ! HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\.\.\.\.\Mountpoints2\{c9aa0fe3-c11e-11e3-8941-78843c2b6654}
Supprimido ! HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\Software\.\.\.\.\Mountpoints2\{e219e22b-c98d-11e2-be28-78843c2b6654}

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F3 - HKCU\..\Winlogon : [Shell] explorer.exe
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKCU\..\Run : [EPSON L200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.EXE /FU "C:\Windows\TEMP\E_SE205.tmp" /EF "HKCU"
04 - HKCU\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [SmartWiHelper] "C:\Program Files\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
04 - HKLM\..\Run : [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
04 - HKLM\..\Run : [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
04 - HKLM\..\Run : [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run : [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run : [EPSON L200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.EXE /FU "C:\Windows\TEMP\E_SE205.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKU\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | C:\ %SystemDrive% - Disco fixo (NTFS) |

[31/05/2014 - 14:54:39 | N | 1 Ko] - C:\runcheck.txt
[10/06/2009 - 18:42:20 | N | 0 Ko] - C:\config.sys
[04/11/2013 - 22:36:56 | RASH | 0 Ko] - C:\IO.SYS
[04/11/2013 - 22:36:56 | RASH | 0 Ko] - C:\MSDOS.SYS
[31/05/2014 - 13:36:31 | ASH | 1682332 Ko] - C:\pagefile.sys
[31/05/2014 - 13:36:31 | ASH | 1261748 Ko] - C:\hiberfil.sys
[18/05/2014 - 10:34:57 | D] - C:\Config.Msi
[13/01/2011 - 09:20:33 | N | 2 Ko] - C:\RHDSetup.log
[24/11/2012 - 15:11:59 | N | 2 Ko] - C:\MAKEMSI_VBSCA-Kaspersky Security Scan(1.0.0.500)-sábado.log
[30/05/2014 - 21:58:04 | N | 25 Ko] - C:\zoek-results2014-05-31-005804.log
[31/05/2014 - 13:37:20 | N | 21 Ko] - C:\zoek-results2014-05-31-163720.log
[31/05/2014 - 14:05:12 | N | 15 Ko] - C:\zoek-results2014-05-31-170512.log
[31/05/2014 - 14:41:08 | N | 2 Ko] - C:\zoek-results2014-05-31-174108.log
[31/05/2014 - 14:54:39 | N | 1 Ko] - C:\zoek-results.log
[31/05/2014 - 13:37:54 | SHD] - C:\$RECYCLE.BIN
[10/06/2009 - 18:42:20 | A | 0 Ko] - C:\autoexec.bat
[13/07/2009 - 23:37:05 | D] - C:\PerfLogs
[14/07/2009 - 01:53:55 | SHD] - C:\Documents and Settings
[13/01/2011 - 09:42:19 | D] - C:\Nobu_Icon
[13/01/2011 - 10:20:03 | D] - C:\VAIO Sample Contents
[13/01/2011 - 10:21:29 | D] - C:\Documentation
[13/01/2011 - 10:21:29 | D] - C:\_FS_SWRINFO
[03/03/2011 - 18:24:12 | D] - C:\Arquivos de Programas
[29/03/2011 - 18:36:27 | D] - C:\6f08f2f03ee3a803e5cc501394c02264
[31/10/2011 - 09:14:28 | D] - C:\PFiles
[25/01/2013 - 11:12:37 | D] - C:\Positivo
[21/07/2013 - 21:24:07 | D] - C:\FFOutput
[17/08/2013 - 10:05:47 | D] - C:\a6bb359a2ec7bc1465ae80d63a7faa
[10/10/2013 - 23:46:57 | D] - C:\d5c26c9f5b4198ae16422124be10
[29/04/2014 - 21:20:41 | RHD] - C:\MSOCache
[30/05/2014 - 22:06:51 | D] - C:\AdwCleaner
[31/05/2014 - 13:43:08 | D] - C:\Windows
[31/05/2014 - 13:54:27 | D] - C:\zoek_backup
[31/05/2014 - 13:54:29 | HD] - C:\ProgramData
[31/05/2014 - 14:51:54 | SHD] - C:\System Volume Information
[31/05/2014 - 15:06:37 | D] - C:\Program Files
[31/05/2014 - 15:07:30 | D] - C:\Users
[31/05/2014 - 15:46:47 | D] - C:\UsbFix

################## | Vaccin |


################## | E.O.F |

Post by Power Max, Sat 31 May 2014, 16:02

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.

Post by Ana.Gen, Sat 31 May 2014, 16:13

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman (30/05/2014)
~ Iniciado por Ana Paula (31/05/2014 16:07:33)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
Microsoft Security Client PT-BR Language Pack v2.1.1116.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1642 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 163 GB (35%) free of 457 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ANAPAULA-VAIO
~ User Name: Ana Paula
~ All Users Names: Convidado, Ana Paula, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Ana Paula\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Ana Paula\AppData\Roaming\
~ %Desktop% : C:\Users\Ana Paula\Desktop\
~ %Favorites% : C:\Users\Ana Paula\Favorites\
~ %LocalAppData% : C:\Users\Ana Paula\AppData\Local\
~ %StartMenu% : C:\Users\Ana Paula\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 163 Go of 457 Go)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.23/04/2014 - 09:58:18.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/20883
~ Mes musiques (My Musics) : 7/3170
~ Mes Videos (My Videos) : 1/165
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 5/16458
~ Mon Bureau (My Desktop) : 1/80
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 34s



---\\ Processos lançados
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.2272]
[MD5.A60605FC66552B421EE1F3D4EBB9A4E0] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [217968] [PID.2168]
[MD5.1D702FFC1B8CDCF76FBCA7740CE510D8] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe [120176] [PID.4312]
[MD5.110496CF8143FEA63B7A31DAD175829B] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [656672] [PID.5180]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.2532]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8020480] [PID.2884]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.3060]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Ana Paula\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 04s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmartWiHelper] . (.Sony Electronics Corporation - SmartWi Helper.) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiHelper.exe
O4 - HKLM\..\Run: [ISBMgr.exe] . (.Sony Corporation - No Comment.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [EPSON L200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [EPSON L200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKUS\S-1-5-21-1636494452-3879391945-2239487440-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} . (.Evernote Corporation - Web Clipper extension tool for IE.) -- C:\Program Files\Evernote\Evernote3.5\enbar.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B9D5BB1-69F6-42DE-8DEC-B4FC56553C8C}: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2ECE46A-C699-425D-A8AB-B5CB1D28B1B6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2B9D5BB1-69F6-42DE-8DEC-B4FC56553C8C}: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{D2ECE46A-C699-425D-A8AB-B5CB1D28B1B6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2B9D5BB1-69F6-42DE-8DEC-B4FC56553C8C}: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{D2ECE46A-C699-425D-A8AB-B5CB1D28B1B6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.6.0.134 189.6.0.78 201.6.4.116
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe
~ Services: 14 Legitimates Filtered in 00mn 06s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Java Update] (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1058]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1062]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 05s



---\\ Software instalados (042)
O42 - Logiciel: MEGA 4 - (.Sudhir Kumar et al..) [HKLM] -- {B185CA27-2F59-49C0-A043-42A98E723C8E}
O42 - Logiciel: Vivo - Guia Vivo Internet versão 1.0 - (.Vivo.) [HKLM] -- {C2E8B9C9-677A-46E6-AEC7-9435B5BCA765}_is1
O42 - Logiciel: Vivo 3G - (...) [HKLM] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
~ Logic: 15 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\KSS]
[HKLM\Software\Vivo 3G]
~ Key Software: 200 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/10/2011 - 09:14:18 - [] ----D C:\Program Files\MEGA 4
O43 - CFD: 28/12/2011 - 19:04:17 - [] ----D C:\Program Files\SupportInfo
O43 - CFD: 30/05/2013 - 22:16:57 - [] ----D C:\Program Files\Vivo
O43 - CFD: 04/01/2012 - 19:47:02 - [] ----D C:\Program Files\Vivo 3G
O43 - CFD: 30/05/2013 - 22:17:21 - [] ----D C:\Program Files\VIVO INTERNET
O43 - CFD: 29/05/2014 - 21:26:07 - [] ----D C:\Users\Ana Paula\AppData\Roaming\VIVO INTERNET
~ Program Folder: 161 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F3A715BB6BD5948383BDF92E50B57B71] - 21/05/2014 - 17:03:21 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [152288]
O44 - LFC:[MD5.A24A66E2F8EBF3B024FCCF00E614A7C5] - 21/05/2014 - 17:03:21 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [714556]
O44 - LFC:[MD5.9E78821B0E4BF59CFC4A6582DB5607AE] - 30/05/2014 - 18:39:17 ---A- . (...) -- C:\Windows\ntbtlog.txt [752660]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 30/05/2014 - 19:41:25 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.6CC414D757F8BA707DC8341D4ED8FF05] - 30/05/2014 - 21:58:04 ----- . (...) -- C:\zoek-results2014-05-31-005804.log [25784]
O44 - LFC:[MD5.9B897BB0DA77751C642087EB18A80639] - 31/05/2014 - 14:05:12 ----- . (...) -- C:\zoek-results2014-05-31-170512.log [15777]
O44 - LFC:[MD5.DFC83B07EC5E509B5A205DDAF86D253B] - 31/05/2014 - 14:41:08 ----- . (...) -- C:\zoek-results2014-05-31-174108.log [2283]
O44 - LFC:[MD5.A27DEACC74A7E363A90882F54FCB1CD9] - 31/05/2014 - 14:54:39 ----- . (...) -- C:\runcheck.txt [579]
O44 - LFC:[MD5.0487B4CF71688122158ABB38F5BC20A2] - 31/05/2014 - 14:54:39 ----- . (...) -- C:\zoek-results.log [1185]
~ Files: 50 Legitimates Filtered in 00mn 09s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:08/10/2010 - 16:55:06 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [25856]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:06/08/2010 - 07:42:34 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [861696]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 100 Legitimates Filtered in 00mn 20s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.C8C690CDBFE10506BB28F4B60E67632C] [SPRF][13/05/2011] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][30/05/2014] (...) -- C:\Users\Ana Paula\Desktop\AdwCleaner.exe [1327971]
~ Files: 2 Legitimates Filtered in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 16/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 03/12/2010 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 18/11/2010 284160 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SS - | Auto 17/06/2010 140224 | (AMD Reservation Manager) . (.Advanced Micro Devices.) - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
SS - | Auto 01/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 01/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 14/03/2011 271712 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SS - | Auto 26/11/2010 398176 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SS - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SS - | Auto 12/08/2010 187792 | (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 10/09/2010 108400 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 12/10/2010 423280 | (SOHDms) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 10/09/2010 67952 | (SOHDs) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 27/09/2010 222464 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
SS - | Auto 18/09/2008 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SS - | Auto 27/09/2010 864000 | (VCFw) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Demand 25/10/2010 549168 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 25/10/2010 387896 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 25/10/2010 84256 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
SS - | Demand 31/05/2010 746864 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
SR - | Auto 29/07/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 31/05/2010 217968 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 23s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 261357 Items scanned in 00mn 31s



~ 802 Legitimates filtered by white list
End of the scan (384 lines in 03mn 23s)(0)

Post by Power Max, Sat 31 May 2014, 16:28

Select and copy all of the text highlighted in red that I gave you (starting at script zhpfix and going through emptyclsid)
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply, and tell us how your PC is after this.


Last edited by Power Max on Sat 31 May 2014, 16:36; edited 1 time

Post by Ana.Gen, Sat 31 May 2014, 16:32

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Ana Paula at 31/05/2014 16:31:20
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 11s)

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (1) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Java Update

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Pastas
2 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 42s

========== Caminho do ficheiro do relatório ==========
C:\Users\Ana Paula\AppData\Roaming\ZHP\ZHPFix[R1].txt - 31/05/2014 15:53:06 [1566]
C:\Users\Ana Paula\AppData\Roaming\ZHP\ZHPFix[R2].txt - 31/05/2014 16:31:32 [912]

Post by Power Max, Sat 31 May 2014, 16:36

How is the computer?

Post by Ana.Gen, Sat 31 May 2014, 16:59

Hi Power Max!!!
The computer is sooooo much better!! It's faster and I was able to install the antivirus without any problems!!!
A thousand thanks!!! You are incredible!! ;*

Post by Power Max, Sat 31 May 2014, 17:06

That's it! I'm glad the problem has been solved.

Just to finish up, please follow the tutorials below:

[You must have an account and be logged in to view this link]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and create a new, safe, problem-free restore point, use DelFix, following the tips [You must have an account and be logged in to view this link].
_______________________________________________________________________________________________________________________

It was a pleasure to help. Count on us anytime!

Post by Power Max, Sat 31 May 2014, 18:08

CASE SOLVED

If the author of the topic needs it, the topic will be reopened; to do so, she should contact one of the members of the [You must have an account and be logged in to view this link] and request that it be unlocked.