Re: Problemas com Baidu Antivírus

por **Power Max** Sex 20 Jun 2014, 17:33

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por gersonmora Sex 20 Jun 2014, 21:28

Segue último relatório:

Zoek.exe v5.0.0.0 Updated 21-05-2014
Tool run by Gerson on 20/06/2014 at 21:20:31,14.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Gerson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-20-160007.log 54358 bytes
C:\zoek-results2014-06-20-171028.log 1098465 bytes

==== System Restore Info ======================

20/06/2014 21:21:09 Zoek.exe System Restore Point Created Succesfully.

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\PC Faster]
"C:\\Users\\Gerson\\Desktop\\topg gar\\Top_Gear_-_[18x08]_-_2012_10_29_-_50_Years_of_Bond_Cars_[720p_x264_by_FoV].exe"=-
"C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus\\Uninstall.exe"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687 not found
C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus not found
C:\ProgramData\Baidu deleted

==== Registry Search Results for "Baidu" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\PC Faster]

"C:\\Users\\Gerson\\Desktop\\topg gar\\Top_Gear_-_[18x08]_-_2012_10_29_-_50_Years_of_Bond_Cars_[720p_x264_by_FoV].exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus\\Uninstall.exe"=hex:53,\

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3889 folders=578 209361642 bytes)

==== EOF on 20/06/2014 at 21:22:44,24 ======================

por **Power Max** Sex 20 Jun 2014, 21:56

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por gersonmora Sex 20 Jun 2014, 22:03

As duas últimas varreduras já não reinicializaram o computador.
Devo reiniciar manualmente a cada vez?
Segue relatório:

Zoek.exe v5.0.0.0 Updated 21-05-2014
Tool run by Gerson on 20/06/2014 at 21:59:26,76.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Gerson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-20-160007.log 54358 bytes
C:\zoek-results2014-06-20-171028.log 1098465 bytes
C:\zoek-results2014-06-21-002244.log 6741 bytes

==== System Restore Info ======================

20/06/2014 22:00:07 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\PC Faster]
"C:\\Users\\Gerson\\Desktop\\topg gar\\Top_Gear_-_[18x08]_-_2012_10_29_-_50_Years_of_Bond_Cars_[720p_x264_by_FoV].exe"=-
"C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus\\Uninstall.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

==== Registry Search Results for "Baidu" ======================

[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\PC Faster]

"C:\\Users\\Gerson\\Desktop\\topg gar\\Top_Gear_-_[18x08]_-_2012_10_29_-_50_Years_of_Bond_Cars_[720p_x264_by_FoV].exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus\\Uninstall.exe"=hex:53,\

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3889 folders=578 209361642 bytes)

==== EOF on 20/06/2014 at 22:01:26,80 ======================

por **Power Max** Sex 20 Jun 2014, 22:11

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por gersonmora Sex 20 Jun 2014, 22:17

Sgue

Zoek.exe v5.0.0.0 Updated 21-05-2014
Tool run by Gerson on 20/06/2014 at 22:14:30,80.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Gerson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-20-160007.log 54358 bytes
C:\zoek-results2014-06-20-171028.log 1098465 bytes
C:\zoek-results2014-06-21-002244.log 6741 bytes
C:\zoek-results2014-06-21-010126.log 2626 bytes

==== System Restore Info ======================

20/06/2014 22:15:24 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\PC Faster]
"C:\\Users\\Gerson\\Desktop\\topg gar\\Top_Gear_-_[18x08]_-_2012_10_29_-_50_Years_of_Bond_Cars_[720p_x264_by_FoV].exe"=-
"C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus\\Uninstall.exe"=-
[-HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security\PC Faster]

==== Registry Search Results for "Baidu" ======================

[HKEY_USERS\S-1-5-21-1142106890-189007607-1029277635-1001\Software\Baidu Security]

"C:\\Users\\Gerson\\Desktop\\topg gar\\Top_Gear_-_[18x08]_-_2012_10_29_-_50_Years_of_Bond_Cars_[720p_x264_by_FoV].exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus\\Uninstall.exe"=hex:53,\

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3889 folders=578 209361642 bytes)

==== EOF on 20/06/2014 at 22:16:04,64 ======================

por **Power Max** Sex 20 Jun 2014, 22:26

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 772309

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

por gersonmora Sex 20 Jun 2014, 22:42

~ Relatório do ZHPDiag v2014.6.19.94 - Nicolas Coolman (19/06/2014)
~ Iniciado por Gerson (20/06/2014 22:40:01)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program

---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16921
GCIE: Google Chrome v35.0.1916.153 (Defaut)
OBIE: Wacom WebTabletPlugin for Netscape v1.1.0.5

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
McAfee Internet Security v12.8.958
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 9 ActiveX
Java 7 Update 60

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 16265 MB (85% free)
System Restore: Activé (Enable)
System drive C: has 609 GB (65%) free of 930 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MANÁ-DELL2
~ User Name: Gerson
~ All Users Names: Gerson, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gerson\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gerson\AppData\Roaming\
~ %Desktop% : C:\Users\Gerson\Desktop\
~ %Favorites% : C:\Users\Gerson\Favorites\
~ %LocalAppData% : C:\Users\Gerson\AppData\Local\
~ %StartMenu% : C:\Users\Gerson\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 609 Go of 930 Go)
D: CD-ROM drive (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.25/10/2013 - 07:52:53.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.73AB92A1AA104EAF08B7AEA27B10C5CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.23/05/2014 - 23:47:54.) -- C:\Windows\System32\wininet.dll [2239488]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/01/2014 - 20:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.3865C4E388B31940C8BB9F73D9738E93] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.08/02/2014 - 01:34:16.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.26/02/2014 - 20:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.27/01/2014 - 00:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/10/2013 - 07:52:53.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/3
~ Mes Favoris (My Favorites) : 1/37
~ Mes Documents (My Documents) : 1/26
~ Mon Bureau (My Desktop) : 1/1662
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 00s

---\\ Processos lançados
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.3848]
[MD5.DB314CFF0FB931BEEF9AA53B4DBABDC5] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [21064] [PID.3312]
[MD5.139C3E683C64935D397A3A656D443E29] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928] [PID.4436]
[MD5.F419E9A607B79DAB0AC93119016E8342] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] [PID.5636]
[MD5.581D8AD206E0DE14DB6B76884E144AF5] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704] [PID.5948]
[MD5.BB6ECFA1410FAF93A9DC762E8214D115] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770736] [PID.6240]
[MD5.CBE988F2111B0FC033E00CEA7ADF9C85] - (.Adobe Systems Incorporated - Adobe Acrobat 8.0.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe [349808] [PID.3004]
[MD5.6101A08505E45E1230A67FB8E32A707F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8070656] [PID.7284]
~ Processes Running: Scanned in 00mn 00s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 1 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 17 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
~ BHO: 6 Legitimates Filtered in 00mn 00s

---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Chave orfã
~ Toolbar: Scanned in 00mn 00s

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [RtHDVBg_PushButton] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Claro] C:\Program Files (x86)\Claro\UpdateDog\ouc.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-1142106890-189007607-1029277635-1001\..\Run: [HW_OPENEYE_OUC_Claro] C:\Program Files (x86)\Claro\UpdateDog\ouc.exe (.not file.)
~ Application: Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{19E56F96-C1D3-4821-8907-1EF0D47BF997}: NameServer = 200.169.119.222 200.169.119.221
O17 - HKLM\System\CCS\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpNameServer = 10.42.0.251 10.42.0.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{A524871E-AC26-48F4-8150-895B5AF8F62E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpDomain = vcp.amer.dell.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{19E56F96-C1D3-4821-8907-1EF0D47BF997}: NameServer = 200.169.119.222 200.169.119.221
O17 - HKLM\System\CS1\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpNameServer = 10.42.0.251 10.42.0.252
O17 - HKLM\System\CS1\Services\Tcpip\..\{A524871E-AC26-48F4-8150-895B5AF8F62E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpDomain = vcp.amer.dell.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: DAZ Content Management Service (DAZContentManagementService) . (...) - C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 28 Legitimates Filtered in 00mn 03s

---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{92BE63F3-2F6A-439D-B050-72469DDCEE18}] (...) -- C:\Users\Gerson\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{BC1DFB6A-29A4-44A4-945A-0C83D0CADF4F}] (...) -- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Uninstall.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1086]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1090]
~ Scheduled Task: 10 Legitimates Filtered in 00mn 02s

---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bnbase) . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) - C:\Windows\System32\drivers\bnbasex64.sys
~ Drivers: 38 Legitimates Filtered in 00mn 00s

---\\ Software instalados (042)
O42 - Logiciel: Remove on Reboot Shell Extension - (.BJB, Inc..) [HKLM][64Bits] -- Remove on Reboot Shell Extension_is1
~ Logic: 25 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKLM\Software\Baidu Security]
~ Key Software: 250 Legitimates Filtered in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/06/2014 - 01:38:21 - [] ----D C:\Program Files (x86)\Remove on Reboot
O43 - CFD: 09/06/2014 - 12:28:09 - [] ----D C:\Program Files (x86)\Scpad
~ Program Folder: 136 Legitimates Filtered in 00mn 00s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.93E7FA131B9AF0AF62D112AB19D31264] - 07/06/2014 - 18:34:45 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387268]
O44 - LFC:[MD5.81D27D8A16176D37FA0B8464D2493CDC] - 12/06/2014 - 23:11:05 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\bndef64.sys [70912]
O44 - LFC:[MD5.AF020BE6B7091E9A99C6D927AA406C93] - 13/06/2014 - 07:03:37 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [144960]
O44 - LFC:[MD5.800B9D5A64C2DFD1BE2445A1DFF58D95] - 19/06/2014 - 20:10:30 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\bnbasex64.sys [91616]
O44 - LFC:[MD5.D4A1358D1B27EACEDC010D40DC3F0622] - 19/06/2014 - 20:10:31 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [56640]
O44 - LFC:[MD5.1F8BFB887B0CB018BF39DE01A2DF8760] - 19/06/2014 - 20:10:37 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [37696]
O44 - LFC:[MD5.7D0E26CD2951BFF174212F7C7DC0F0C8] - 20/06/2014 - 13:00:07 ---A- . (...) -- C:\zoek-results2014-06-20-160007.log [54358]
O44 - LFC:[MD5.1E1C132FB279A5534C95648696C90D8C] - 20/06/2014 - 14:10:28 ---A- . (...) -- C:\zoek-results2014-06-20-171028.log [1098465]
O44 - LFC:[MD5.6BB8628762CCE2FEA899594E8515968E] - 20/06/2014 - 21:22:44 ---A- . (...) -- C:\zoek-results2014-06-21-002244.log [6741]
O44 - LFC:[MD5.D83F234C709E29339F289B422A509450] - 20/06/2014 - 22:01:26 ---A- . (...) -- C:\zoek-results2014-06-21-010126.log [2626]
O44 - LFC:[MD5.0D81B1EC59725FD32CCED931F908A4FA] - 20/06/2014 - 22:10:40 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [155144]
O44 - LFC:[MD5.FFC16E790499E32F3B5A16CF7A4F2AC3] - 20/06/2014 - 22:10:40 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [763854]
O44 - LFC:[MD5.CB5F224F4767615188C1806B38D82AD5] - 20/06/2014 - 22:16:04 ---A- . (...) -- C:\zoek-results.log [1793]
~ Files: 99 Legitimates Filtered in 00mn 01s

---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1caecf18-91f7-11e3-be72-3c77e6b4be9c}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{1caecfb1-91f7-11e3-be72-3c77e6b4be9c}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{7df8dca7-52fb-11e3-be71-a41f72f63f66}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{7df8dcf0-52fb-11e3-be71-a41f72f63f66}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{a39ac4cd-5d4c-11e3-be72-3c77e6b4be9c}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 22 Legitimates Filtered in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:27/05/2014 - 03:19:38 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [56640]
O58 - SDL:27/05/2014 - 03:19:38 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [37696]
O58 - SDL:27/05/2014 - 03:19:38 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\bnbasex64.sys [91616]
O58 - SDL:12/06/2014 - 23:11:05 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\bndef64.sys [70912]
O58 - SDL:13/06/2014 - 07:03:37 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [144960]
O58 - SDL:19/10/2012 - 04:52:32 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]
O58 - SDL:19/10/2012 - 04:52:30 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]
O58 - SDL:08/10/2010 - 15:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:06/08/2010 - 06:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 89 Legitimates Filtered in 00mn 00s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][20/06/2014] (...) -- C:\Users\Gerson\Desktop\zoek.exe [1285120]
~ Files: 3 Legitimates Filtered in 00mn 00s

---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "BD04C21DD7DC68D42958E5F22E63394E" . (.SupraSavings.) -- c:\Windows\Installer\{D12C40DB-CD7D-4D86-9285-5E2FE23693E4}\icon64.ico =>PUP.SupraSavings
~ Update Products: 1 Legitimates Filtered in 00mn 00s

---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9A5263D3C011F34BFA10C5458CF27197] [WIS][19/06/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\248a1b6f.msi [4997120] =>PUP.SupraSavings
~ WIS: 1 Legitimates Filtered in 00mn 00s

---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>Hijacker.TornTV
~ BTK: 57 Legitimates Filtered in 00mn 00s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 14/05/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 21/11/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/11/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/05/2013 822232 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 21/12/2012 334760 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe
SS - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 05/05/2013 241152 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 28/02/2013 227968 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 20/11/2013 79360 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 05/05/2011 22528 | (DAZContentManagementService) . (...) - C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
SR - | Demand 20/11/2013 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 14/03/2011 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 30/04/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 11/05/2013 733696 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 01/06/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 01/06/2013 368600 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 25/04/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McOobeSv2) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 18/03/2014 1041192 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 03/04/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 03/04/2014 189912 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 09/03/2008 65536 | (mi-raysat_3dsMax2009_64) . (...) - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe
SR - | Auto 24/04/2012 254512 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 18/05/2013 245832 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 24/10/2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 13/10/2010 5790064 | (TabletServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
SR - | Auto 13/10/2010 487280 | (TouchServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/03/2013 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: Scanned in 00mn 05s

---\\ Scâner Aditional (088)
Database Version : 13026 - (19/06/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

C:\Windows\Installer\248a1b6f.msi =>PUP.SupraSavings^
~ Additionnel Scan: 331393 Items scanned in 00mn 15s

---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Browser Helper Objects do navegador (02)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Barras do Internet Explorer (03))
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 4 Legitimates Filtered in 00mn 00s

---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.WebsSearches
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SupraSavings
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.TornTV
~ MSI: 3 link(s) detected in 00mn 00s

~ 675 Legitimates filtered by white list
End of the scan (452 lines in 00mn 35s)(0)

por **Power Max** Sex 20 Jun 2014, 23:29

Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
_____________________________________________________________________________________

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 772309

Faça o download do Usbfix [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (ao acessar a página clique no botão representado nesta imagem (na parte inferior direita da página) para baixá-lo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Utilize o USBFix conforme é mostrado nesta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
______________________________________________________________________________________________________

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 772309

Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 772309

Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com o log (relatório) do Usbfix que estará em C:\UsbFix.txt

por gersonmora Sáb 21 Jun 2014, 11:15

############################## | UsbFix V 7.171 | [Limpar]

Usuário: Gerson (Administrador) # MANÁ-DELL2
Atualizado em 09/06/2014 por El Desaparecido - SosVirus
Começou em 10:44:55 | 21/06/2014

Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Asistencia : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

PC: Dell Inc. (02T8TW)
CPU: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
RAM -> [Total : 16265 Mo| Free : 14082 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 8 Single Language (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16921
WB: Google Chrome : 35.0.1916.153

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: McAfee Anti-Virus and Anti-Spyware [(!) Disabled | Updated]
AV: Windows Defender [(!) Disabled | Updated]
AS: McAfee Anti-Virus and Anti-Spyware [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%SystemDrive%) -> Disco fixo # 930 Gb (609 Mb livre - 65%) [OS] # NTFS
D:\ -> CD-ROM

################## | Processos parados |

C:\Windows\System32\atiesrxx.exe (ID: 384|ParentID: 820)
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (ID: 1244|ParentID: 820)
C:\Program Files\Tablet\Pen\Pen_TouchService.exe (ID: 1428|ParentID: 820)
C:\Windows\System32\spoolsv.exe (ID: 1904|ParentID: 820)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 2040|ParentID: 820|SISTEMA)
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (ID: 876|ParentID: 820|SISTEMA)
C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (ID: 1208|ParentID: 820|SISTEMA)
C:\Program Files (x86)\Bonjour\mDNSResponder.exe (ID: 1560|ParentID: 820|SISTEMA)
C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe (ID: 1836|ParentID: 820|SISTEMA)
C:\ProgramData\DatacardService\HWDeviceService64.exe (ID: 1452|ParentID: 820|SISTEMA)
C:\Windows\System32\dasHost.exe (ID: 2060|ParentID: 1104|SERVIÇO LOCAL)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2100|ParentID: 820|SISTEMA)
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe (ID: 2196|ParentID: 820|SISTEMA)
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (ID: 2252|ParentID: 820|SISTEMA)
C:\Program Files (x86)\Scpad\scpVista.exe (ID: 2312|ParentID: 820|SISTEMA)
C:\Program Files\Tablet\Pen\Pen_Tablet.exe (ID: 2364|ParentID: 820|SISTEMA)
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (ID: 2448|ParentID: 820|SISTEMA)
C:\Windows\System32\SearchIndexer.exe (ID: 3560|ParentID: 820|SISTEMA)
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 5288|ParentID: 820|SISTEMA)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (ID: 4984|ParentID: 820|SISTEMA)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4468|ParentID: 820|SISTEMA)
C:\Windows\System32\taskhost.exe (ID: 7008|ParentID: 820|SERVIÇO LOCAL)
C:\Windows\System32\taskhostex.exe (ID: 6152|ParentID: 820|Gerson)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3580|ParentID: 820|Gerson)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 7224|ParentID: 1244|SISTEMA)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 7680|ParentID: 1244|SISTEMA)
C:\Windows\explorer.exe (ID: 1680|ParentID: 7876|Gerson)
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (ID: 9684|ParentID: 1428|Gerson)
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (ID: 11136|ParentID: 2364|Gerson)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (ID: 8336|ParentID: 932|Gerson)
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (ID: 4364|ParentID: 1104|Gerson)
C:\Program Files\Tablet\Pen\Pen_Tablet.exe (ID: 9812|ParentID: 2364|SISTEMA)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 9976|ParentID: 10184|Gerson)
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (ID: 11212|ParentID: 1680|Gerson)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 11004|ParentID: 1680|Gerson)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 6968|ParentID: 1680|Gerson)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 10628|ParentID: 1680|Gerson)
C:\Windows\System32\igfxtray.exe (ID: 6396|ParentID: 1680|Gerson)
C:\Windows\System32\igfxsrvc.exe (ID: 9408|ParentID: 932|Gerson)
C:\Windows\System32\hkcmd.exe (ID: 9800|ParentID: 1680|Gerson)
C:\Windows\System32\igfxpers.exe (ID: 5972|ParentID: 1680|Gerson)
C:\Program Files\Dell\QuickSet\quickset.exe (ID: 9688|ParentID: 1680|Gerson)
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (ID: 11064|ParentID: 9500|Gerson)
C:\Windows\System32\RuntimeBroker.exe (ID: 10728|ParentID: 932|Gerson)
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (ID: 13060|ParentID: 820|Gerson)
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ID: 11472|ParentID: 11228|Gerson)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 4896|ParentID: 10552|Gerson)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 7336|ParentID: 4896|Gerson)
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe (ID: 5868|ParentID: 9352|Gerson)
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (ID: 9528|ParentID: 820|SISTEMA)
C:\Program Files\Internet Explorer\iexplore.exe (ID: 5916|ParentID: 1680|Gerson)
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (ID: 6328|ParentID: 932|Gerson)

################## | Autorun |

################## | Procura genérica |

(!) Ficheiros temporários suprimido.

################## | Registro |

Supprimido ! HKU\S-1-5-21-1142106890-189007607-1029277635-1001\Software\.\.\.\.\Mountpoints2\{1caecf18-91f7-11e3-be72-3c77e6b4be9c}
Supprimido ! HKU\S-1-5-21-1142106890-189007607-1029277635-1001\Software\.\.\.\.\Mountpoints2\{7df8dca7-52fb-11e3-be71-a41f72f63f66}
Supprimido ! HKU\S-1-5-21-1142106890-189007607-1029277635-1001\Software\.\.\.\.\Mountpoints2\{a39ac4cd-5d4c-11e3-be72-3c77e6b4be9c}

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HW_OPENEYE_OUC_Claro] "C:\Program Files (x86)\Claro\UpdateDog\ouc.exe"
04 - HKLM\..\Run : [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
04 - HKLM\..\Run : [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\..\Run : [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
04 - [x64] HKLM\..\Run : [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
04 - [x64] HKLM\..\Run : [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - [x64] HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
04 - HKU\S-1-5-21-1142106890-189007607-1029277635-1001\..\Run : [HW_OPENEYE_OUC_Claro] "C:\Program Files (x86)\Claro\UpdateDog\ouc.exe"

################## | C:\ %SystemDrive% - Disco fixo (NTFS) |

[20/06/2014 - 22:05:41 | ASH | 13324252 Ko] - C:\hiberfil.sys
[20/06/2014 - 22:05:45 | ASH | 2359296 Ko] - C:\pagefile.sys
[20/06/2014 - 22:05:46 | ASH | 262144 Ko] - C:\swapfile.sys
[25/10/2013 - 08:02:31 | N | 29 Ko] - C:\dell.sdr
[20/06/2014 - 13:00:07 | N | 53 Ko] - C:\zoek-results2014-06-20-160007.log
[20/06/2014 - 14:10:28 | N | 1073 Ko] - C:\zoek-results2014-06-20-171028.log
[20/06/2014 - 21:22:44 | N | 7 Ko] - C:\zoek-results2014-06-21-002244.log
[20/06/2014 - 22:01:26 | N | 3 Ko] - C:\zoek-results2014-06-21-010126.log
[20/06/2014 - 22:16:04 | N | 2 Ko] - C:\zoek-results.log
[01/12/2006 - 22:37:14 | N | 884 Ko | SHA1: 9E32797D7CBCD599BA64BA28C0EB93EC06840C1E] - C:\msdia80.dll
[20/06/2014 - 13:00:31 | SHD] - C:\$RECYCLE.BIN
[02/06/2012 - 11:30:55 | N | 0 Ko] - C:\BOOTNXT
[26/07/2012 - 00:44:30 | RASH | 389 Ko] - C:\bootmgr
[26/07/2012 - 04:22:08 | SHD] - C:\Documents and Settings
[26/07/2012 - 04:33:46 | D] - C:\PerfLogs
[25/10/2013 - 02:32:41 | D] - C:\Intel
[25/10/2013 - 07:23:35 | D] - C:\Drivers
[25/10/2013 - 09:13:30 | D] - C:\DELL
[19/11/2013 - 11:28:43 | D] - C:\Arquivos de Programas
[19/11/2013 - 11:36:23 | D] - C:\Users
[20/11/2013 - 14:38:20 | D] - C:\Autodesk
[07/06/2014 - 18:05:38 | D] - C:\DAZ
[10/06/2014 - 21:24:20 | D] - C:\Backup HP
[12/06/2014 - 14:25:14 | D] - C:\Trabalhos
[13/06/2014 - 18:25:26 | D] - C:\Filmes
[19/06/2014 - 19:51:51 | D] - C:\temp
[19/06/2014 - 22:43:01 | D] - C:\Program Files
[20/06/2014 - 02:24:35 | D] - C:\Programas
[20/06/2014 - 02:25:32 | D] - C:\Problemas PC
[20/06/2014 - 11:11:46 | D] - C:\AdwCleaner
[20/06/2014 - 21:21:56 | D] - C:\zoek_backup
[20/06/2014 - 21:21:56 | HD] - C:\ProgramData
[20/06/2014 - 22:15:21 | SHD] - C:\System Volume Information
[20/06/2014 - 22:36:54 | D] - C:\Program Files (x86)
[21/06/2014 - 10:41:09 | D] - C:\Windows
[21/06/2014 - 10:44:17 | D] - C:\UsbFix

################## | Vaccin |

################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |

por gersonmora Sáb 21 Jun 2014, 11:16

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Gerson at 21/06/2014 11:02:05
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bnbase
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ CLSID MPSK: {1caecfb1-91f7-11e3-be72-3c77e6b4be9c}
ELIMINÉ CLSID MPSK: {7df8dcf0-52fb-11e3-be71-a41f72f63f66}
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\BD04C21DD7DC68D42958E5F22E63394E]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\BD04C21DD7DC68D42958E5F22E63394E]
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS

========== Valores do Registo ==========
ELIMINÉ RunValue: HW_OPENEYE_OUC_Claro
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINÉ: C:\Windows\Installer\248a1b6f.msi
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {92BE63F3-2F6A-439D-B050-72469DDCEE18}
ELIMINÉ: {BC1DFB6A-29A4-44A4-945A-0C83D0CADF4F}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========
9 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
8 : Ficheiros
2 : Tarefa planificada
1 : Restauração Sistema

End of clean in 00mn 15s

========== Caminho do ficheiro do relatório ==========
C:\Users\Gerson\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21/06/2014 11:02:09 [2178]

por **Power Max** Sáb 21 Jun 2014, 11:30

Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por gersonmora Sáb 21 Jun 2014, 11:44

~ Relatório do ZHPDiag v2014.6.21.95 - Nicolas Coolman (21/06/2014)
~ Iniciado por Gerson (21/06/2014 11:39:44)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user

---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16921
GCIE: Google Chrome v35.0.1916.153 (Defaut)
OBIE: Wacom WebTabletPlugin for Netscape v1.1.0.5

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
McAfee Internet Security v12.8.958
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 9 ActiveX
Java 7 Update 60

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 16265 MB (87% free)
System Restore: Activé (Enable)
System drive C: has 609 GB (65%) free of 930 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MANÁ-DELL2
~ User Name: Gerson
~ All Users Names: Gerson, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gerson\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gerson\AppData\Roaming\
~ %Desktop% : C:\Users\Gerson\Desktop\
~ %Favorites% : C:\Users\Gerson\Favorites\
~ %LocalAppData% : C:\Users\Gerson\AppData\Local\
~ %StartMenu% : C:\Users\Gerson\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 609 Go of 930 Go)
D: CD-ROM drive (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.25/10/2013 - 07:52:53.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.73AB92A1AA104EAF08B7AEA27B10C5CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.23/05/2014 - 23:47:54.) -- C:\Windows\System32\wininet.dll [2239488]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/01/2014 - 20:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.3865C4E388B31940C8BB9F73D9738E93] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.08/02/2014 - 01:34:16.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.26/02/2014 - 20:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.27/01/2014 - 00:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/10/2013 - 07:52:53.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/3
~ Mes Favoris (My Favorites) : 1/38
~ Mes Documents (My Documents) : 1/26
~ Mon Bureau (My Desktop) : 1/1668
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 00s

---\\ Processos lançados
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.3556]
[MD5.DB314CFF0FB931BEEF9AA53B4DBABDC5] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [21064] [PID.4032]
[MD5.139C3E683C64935D397A3A656D443E29] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928] [PID.4444]
[MD5.F419E9A607B79DAB0AC93119016E8342] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] [PID.4780]
[MD5.581D8AD206E0DE14DB6B76884E144AF5] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704] [PID.1700]
[MD5.53C418610A3C3E0C27EC146D3F6094AE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8070144] [PID.8492]
~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Gerson\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 00s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 1 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 17 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
~ BHO: 6 Legitimates Filtered in 00mn 00s

---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Chave orfã
~ Toolbar: Scanned in 00mn 00s

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [RtHDVBg_PushButton] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
~ Application: Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{19E56F96-C1D3-4821-8907-1EF0D47BF997}: NameServer = 200.169.119.222 200.169.119.221
O17 - HKLM\System\CCS\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpNameServer = 10.42.0.251 10.42.0.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{A524871E-AC26-48F4-8150-895B5AF8F62E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpDomain = vcp.amer.dell.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{19E56F96-C1D3-4821-8907-1EF0D47BF997}: NameServer = 200.169.119.222 200.169.119.221
O17 - HKLM\System\CS1\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpNameServer = 10.42.0.251 10.42.0.252
O17 - HKLM\System\CS1\Services\Tcpip\..\{A524871E-AC26-48F4-8150-895B5AF8F62E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{84E63E3D-E11C-487E-A8F5-A12A2F359770}: DhcpDomain = vcp.amer.dell.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: DAZ Content Management Service (DAZContentManagementService) . (...) - C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 28 Legitimates Filtered in 00mn 03s

---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1086]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1090]
~ Scheduled Task: 8 Legitimates Filtered in 00mn 02s

---\\ Software instalados (042)
O42 - Logiciel: Remove on Reboot Shell Extension - (.BJB, Inc..) [HKLM][64Bits] -- Remove on Reboot Shell Extension_is1
~ Logic: 25 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Conduit] =>Toolbar.Conduit
~ Key Software: 251 Legitimates Filtered in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/06/2014 - 01:38:21 - [] ----D C:\Program Files (x86)\Remove on Reboot
O43 - CFD: 09/06/2014 - 12:28:09 - [] ----D C:\Program Files (x86)\Scpad
~ Program Folder: 136 Legitimates Filtered in 00mn 00s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.93E7FA131B9AF0AF62D112AB19D31264] - 07/06/2014 - 18:34:45 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387268]
O44 - LFC:[MD5.81D27D8A16176D37FA0B8464D2493CDC] - 12/06/2014 - 23:11:05 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\bndef64.sys [70912]
O44 - LFC:[MD5.AF020BE6B7091E9A99C6D927AA406C93] - 13/06/2014 - 07:03:37 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [144960]
O44 - LFC:[MD5.800B9D5A64C2DFD1BE2445A1DFF58D95] - 19/06/2014 - 20:10:30 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\bnbasex64.sys [91616]
O44 - LFC:[MD5.D4A1358D1B27EACEDC010D40DC3F0622] - 19/06/2014 - 20:10:31 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [56640]
O44 - LFC:[MD5.1F8BFB887B0CB018BF39DE01A2DF8760] - 19/06/2014 - 20:10:37 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [37696]
O44 - LFC:[MD5.7D0E26CD2951BFF174212F7C7DC0F0C8] - 20/06/2014 - 13:00:07 ----- . (...) -- C:\zoek-results2014-06-20-160007.log [54358]
O44 - LFC:[MD5.1E1C132FB279A5534C95648696C90D8C] - 20/06/2014 - 14:10:28 ----- . (...) -- C:\zoek-results2014-06-20-171028.log [1098465]
O44 - LFC:[MD5.6BB8628762CCE2FEA899594E8515968E] - 20/06/2014 - 21:22:44 ----- . (...) -- C:\zoek-results2014-06-21-002244.log [6741]
O44 - LFC:[MD5.D83F234C709E29339F289B422A509450] - 20/06/2014 - 22:01:26 ----- . (...) -- C:\zoek-results2014-06-21-010126.log [2626]
O44 - LFC:[MD5.CB5F224F4767615188C1806B38D82AD5] - 20/06/2014 - 22:16:04 ----- . (...) -- C:\zoek-results.log [1793]
O44 - LFC:[MD5.0D81B1EC59725FD32CCED931F908A4FA] - 21/06/2014 - 11:11:23 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [155144]
O44 - LFC:[MD5.FFC16E790499E32F3B5A16CF7A4F2AC3] - 21/06/2014 - 11:11:23 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [763854]
~ Files: 98 Legitimates Filtered in 00mn 01s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 21 Legitimates Filtered in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:27/05/2014 - 03:19:38 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [56640]
O58 - SDL:27/05/2014 - 03:19:38 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [37696]
O58 - SDL:27/05/2014 - 03:19:38 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\bnbasex64.sys [91616]
O58 - SDL:12/06/2014 - 23:11:05 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\bndef64.sys [70912]
O58 - SDL:13/06/2014 - 07:03:37 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [144960]
O58 - SDL:19/10/2012 - 04:52:32 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]
O58 - SDL:19/10/2012 - 04:52:30 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]
O58 - SDL:08/10/2010 - 15:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:06/08/2010 - 06:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 89 Legitimates Filtered in 00mn 00s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][20/06/2014] (...) -- C:\Users\Gerson\Desktop\zoek.exe [1285120]
~ Files: 3 Legitimates Filtered in 00mn 00s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 14/05/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 20/11/2013 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 21/11/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/11/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/05/2013 822232 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 21/12/2012 334760 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe
SS - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 05/05/2013 241152 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 28/02/2013 227968 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 20/11/2013 79360 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 05/05/2011 22528 | (DAZContentManagementService) . (...) - C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 14/03/2011 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 30/04/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 11/05/2013 733696 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 01/06/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 01/06/2013 368600 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 25/04/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McOobeSv2) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 18/03/2014 1041192 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 03/04/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 03/04/2014 189912 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 09/03/2008 65536 | (mi-raysat_3dsMax2009_64) . (...) - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe
SR - | Auto 24/04/2012 254512 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 18/05/2013 245832 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 24/10/2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 13/10/2010 5790064 | (TabletServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
SR - | Auto 13/10/2010 487280 | (TouchServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 02/03/2013 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: Scanned in 00mn 05s

---\\ Scâner Aditional (088)
Database Version : 13026 - (21/06/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKCU\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 330173 Items scanned in 00mn 14s

---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Browser Helper Objects do navegador (02)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Barras do Internet Explorer (03))
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s

---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
~ MSI: 1 link(s) detected in 00mn 00s

~ 669 Legitimates filtered by white list
End of the scan (421 lines in 00mn 35s)(0)

por **Power Max** Sáb 21 Jun 2014, 11:57

Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 772309

Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

por gersonmora Sáb 21 Jun 2014, 12:06

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Gerson at 21/06/2014 12:01:46
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Conduit

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINÉ Temporários windows (32) (32.768 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
7 : Ficheiros
1 : Restauração Sistema

End of clean in 00mn 07s

========== Caminho do ficheiro do relatório ==========
C:\Users\Gerson\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21/06/2014 11:02:09 [2259]
C:\Users\Gerson\AppData\Roaming\ZHP\ZHPFix[R2].txt - 21/06/2014 12:01:49 [1247]

por **Power Max** Sáb 21 Jun 2014, 12:07

Reinicie o PC para que o ZHP complete a limpeza. Depois disto nos diga como está o PC e se os problemas foram resolvidos.

por gersonmora Sáb 21 Jun 2014, 12:16

Eu já havia reiniciado o PC antes de postar o relatório.
Não encontrei mais o Baidu. Existe mais alguma coisa a ser feita em relação a isto?
Ou, vida normal agora?
Mais uma pergunta qual seria o ideal em termos monitoramente para este tipo de acontecimento, Baidu entre outros?

por **Power Max** Sáb 21 Jun 2014, 12:19

Mais uma pergunta qual seria o ideal em termos monitoramente para este tipo de acontecimento, Baidu entre outros?

Não entendi sua pergunta. Explique melhor por gentileza.

por gersonmora Sáb 21 Jun 2014, 12:29

Me refiro específicamente a casos como o Baidu, não sei exatamente como ele foi instalado.
Eu havia feito um download de um programa de tvonline através do Baixaki, o problema é que não aceitei nenhuma das sugestões durante a instalação.
Como isso pode ser evitado?

por **Power Max** Sáb 21 Jun 2014, 12:35

O melhor sempre é baixar programas no site oficial deles e mesmo assim é preciso ter cuidado pois no próprio instalador oficial dos programas pode haver a oferta de adwares, aí é preciso ir desmarcando as caixinhas que pedem a instalação deles.

Pessoalmente quando preciso fazer downloads em outro site diferente do oficial do programa, preciso baixar nestes abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Mas quando você for baixar pelo Baixaki, para evitar baixar programas que contenham estes problemas embutidos, quando for baixar alguma coisa do Baixaki, veja se abaixo do botão "Clique para Baixar" há a frase "Ou baixe sem o instalador do Baixaki". Quando houver esta frase, clique este link com a frase "Ou baixe sem o instalador do Baixaki" para fazer o download de forma mais segura.
___________________________________________________________________________________________

isso aí!

Fico feliz que o problema tenha sido resolvido.

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 772309

Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 772309

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 648673379

ANTIVIRUS - Problemas com Baidu Antivírus - Página 2 648673379

Foi um prazer ajudar. Conte sempre conosco!

por gersonmora Sáb 21 Jun 2014, 12:39

Apenas uma última informação.
Como é que vcs trabalham tanto?
E em que posso auxiliar vcs?
Parabéns pelo trabalho, e muito obrigado pela inestimável ajuda.

por **Power Max** Sáb 21 Jun 2014, 12:42

Apenas uma última informação.
Como é que vcs trabalham tanto?

Atualmente estou de férias em meu serviço, então estou tendo mais tempo para ajudar aqui no fórum. Quando voltar a trabalhar lá só poderei ajudar aqui nos horários de folga.
___________________________________________________________

E em que posso auxiliar vcs?

Você pode ajudar divulgando o fórum para seus colegas, amigos e familiares.

por gersonmora Sáb 21 Jun 2014, 12:45

Power Max escreveu:
Apenas uma última informação.
Como é que vcs trabalham tanto?
Atualmente estou de férias em meu serviço, então estou tendo mais tempo para ajudar aqui no fórum. Quando voltar a trabalhar lá só poderei ajudar aqui nos horários de folga.
___________________________________________________________

E em que posso auxiliar vcs?
Você pode ajudar divulgando o fórum para seus colegas, amigos e familiares.

Farei isso, aliás o tipo de trabalho que vc faz aqui é de utilidade pública.
Parabéns (novamente) pela competência e pela gentileza.

por **Power Max** Sáb 21 Jun 2014, 13:28

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

por Conteúdo patrocinado

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30