Remover o RELOPIX de meu computador

Olá, boa tarde!
Meu nome é Alessandra. Entrei neste fórum com o objetivo de resolver problemas com o meu PC e trocar idéias com outros membros.
No momento, estou lutando com um tal de RELOPIX que apareceu no meu note.
Alguém pode me ajudar?

Abs.

  Oi Alessandra. Seja bem vinda ao Fórum PC Brasil.

Seu tópico será movido para a área de Remoção de Malwares no endereço abaixo para que possam ser passadas as dicas para a solução deste problema:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Estamos combinados?

Boa tarde!
Executei hoje o HijackThis e o relatório apresentado foi o seguinte:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:20:17, on 31/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Users\Alessandra\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandra\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: VideoPlayerV3beta448 - {1b0d101b-2c98-4bf3-8bc9-5f8bb3ce5bf7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ie\VideoPlayerV3beta448.dll
O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: ST br FF - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - C:\Program Files (x86)\Softonic.com.br_FF\prxtbSof0.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GbPlugin\gbiehAbn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GbPlugin\gbiehuni.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ST br FF Toolbar - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - C:\Program Files (x86)\Softonic.com.br_FF\prxtbSof0.dll
O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\Alwil Software\Avast5\setup\emupdate\c2ffb433-3fc1-4434-a325-c7bb38a02417.exe /check
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Alessandra\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Alessandra\AppData\Roaming\Yontoo\YontooDesktop.exe"
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Alessandra\AppData\Local\Smartbar\Application\QuickShare.exe startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: StartupFaster
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify:  GbPluginAbn - C:\PROGRA~2\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify:  GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: DCMessages - Global Graphics Software Ltd - C:\Windows\SysWOW64\DCMessages.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13168 bytes


Aguardo análise para que possam me ajudar a resolver de vez esse problema.
Abs.

Olá lele_rlq

Power Max está offline. Quando retornar, ele dará continuidade no seu caso. Enquanto aguarda seu retorno, faça o procedimento abaixo:

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Salve qualquer trabalho aberto e feche o seu navegador

*Execute-o, clique [Examinar] e aguarde o término

*Clique [Limpar] e aguarde o término

*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.

*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt

Olá,

Fiz conforme foi orientado.
Segue o relatório gerado pelo AdwCleaner:

# AdwCleaner v3.018 - Relatório criado 31/01/2014 às 18:09:12
# Atualizado 28/01/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Alessandra - ALESSANDRA-PC
# Executando de : C:\Users\Alessandra\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : Yontoo Desktop Updater

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\StarApp
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Program Files (x86)\1ClickDownload
Pasta Deletada : C:\Program Files (x86)\Ask.com
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\Desk 365
Pasta Deletada : C:\Program Files (x86)\fbphotozoom
Pasta Deletada : C:\Program Files (x86)\WinZipper
Pasta Deletada : C:\Program Files (x86)\Yontoo
Pasta Deletada : C:\Program Files (x86)\Softonic.com.br_FF
Pasta Deletada : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Pasta Deletada : C:\Users\Alessandra\AppData\Local\Babylon
Pasta Deletada : C:\Users\Alessandra\AppData\Local\Conduit
Pasta Deletada : C:\Users\Alessandra\AppData\Local\OpenCandy
Pasta Deletada : C:\Users\Alessandra\AppData\Local\Smartbar
Pasta Deletada : C:\Users\Alessandra\AppData\Local\SwvUpdater
Pasta Deletada : C:\Users\Alessandra\AppData\LocalLow\AskToolbar
Pasta Deletada : C:\Users\Alessandra\AppData\LocalLow\Smartbar
Pasta Deletada : C:\Users\Alessandra\AppData\LocalLow\Toolbar4
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\Desk 365
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Alessandra\AppData\Roaming\Yontoo
Pasta Deletada : C:\Users\Convidado\AppData\LocalLow\AskToolbar
Pasta Deletada : C:\Users\Convidado\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\Convidado\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Convidado\AppData\LocalLow\Toolbar4
Pasta Deletada : C:\Users\Convidado\AppData\LocalLow\Softonic.com.br_FF
Arquivo Deletada : C:\Windows\SysWOW64\conduitEngine.tmp
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Alessandra\AppData\Roaming\Mozilla\Firefox\Profiles\hkdevdzv.default\user.js
Arquivo Deletada : C:\Windows\Tasks\AmiUpdXp.job
Arquivo Deletada : C:\Windows\System32\Tasks\AmiUpdXp
Arquivo Deletada : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Arquivo Deletada : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Deletedo : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.bho
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Chave Deletedo : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Chave Deletedo : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2277128
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_gios-pdf-splitter-and-merger_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B5D39F9D-9D08-4466-8F80-9873ED5124DD}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{035B01F0-551E-4125-90A3-E2D9F0587473}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5D39F9D-9D08-4466-8F80-9873ED5124DD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B5D39F9D-9D08-4466-8F80-9873ED5124DD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B5D39F9D-9D08-4466-8F80-9873ED5124DD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{035B01F0-551E-4125-90A3-E2D9F0587473}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1A14EA9-B4C8-41B0-9AF9-EC60CC9056E1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BDF6BAB-E57C-4DB2-B426-EA9514BCF24C}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B5D39F9D-9D08-4466-8F80-9873ED5124DD}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B5D39F9D-9D08-4466-8F80-9873ED5124DD}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B5D39F9D-9D08-4466-8F80-9873ED5124DD}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{913FAA37-8CDB-4144-9047-E2A950CD967E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C17A0751-580B-466B-8271-5C73EFDC1295}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\APN
Chave Deletedo : HKCU\Software\Ask.com
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\powerpack
Chave Deletedo : HKCU\Software\smartbar
Chave Deletedo : HKCU\Software\smartbarbackup
Chave Deletedo : HKCU\Software\smartbarlog
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\AppDataLow\AskToolbarInfo
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\LyricsFinder
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\smartbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Softonic.com.br_FF
Chave Deletedo : HKLM\Software\APN
Chave Deletedo : HKLM\Software\AskToolbar
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\Desksvc
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\Softonic.com.br_FF
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic.com.br_FF Toolbar
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Chave Deletedo : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Deletedo : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v26.0 (pt-BR)

[ Arquivo : C:\Users\Alessandra\AppData\Roaming\Mozilla\Firefox\Profiles\hkdevdzv.default\prefs.js ]


-\\ Google Chrome v

[ Arquivo : C:\Users\Alessandra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [19472 octets] - [31/01/2014 17:52:16]
AdwCleaner[S0].txt - [17927 octets] - [31/01/2014 18:09:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17988 octets] ##########

 Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

Olá, boa tarde!
Segue conforme solicitado.

Abs.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Basic x64
Ran by Alessandra on 03/02/2014 at 17:09:02,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsFinderUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsFinderUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsFinder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsFinder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsFinderUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsFinderUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsFinder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsFinder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_RASMANCS
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Alessandra\AppData\Roaming\getrighttogo"
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{083BAAED-A03F-41AB-B6C1-92DB64222ACF}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{10809F6E-D327-46A3-B60F-E833080D30F6}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{1E3E5FC0-7346-4037-91C9-54ABEDC9EA72}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{24DCA212-CF7F-4303-8FA2-ED0B902F3814}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{2EC0ABE6-85EB-4A6E-8519-A68D9E249CC6}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{3993F3DD-E7B4-4CE0-A422-24DA6FE327F7}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{6488E0B5-8408-485A-9A9C-0803071A2CB9}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{8A2556E8-0DF9-4628-B531-135259283284}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{90310B83-9B28-4EAE-8D3A-80B4E473F074}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{95C0EF92-97A0-4105-AFB9-81D942D1D29D}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{95D4036B-5B44-4297-9C8F-A69EDFF0D105}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{9D482854-381A-40A6-8D59-83FE76D2925C}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{A4BD7273-A1E3-48C1-9B85-D702C88DEF5F}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{A63A322A-E0BF-4069-9035-6C354FDCBD7A}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{AD1C8E73-A551-4DF0-B603-C55D03055762}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{B083C3DD-32EA-41D5-8E6C-84347AFE86D4}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{BD2F4407-66F4-4A21-9E40-B29D9DEEBB31}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{D186DEC5-3AAC-4BCC-9375-D64A8DE9CBC3}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{DFBC38CE-CD67-4864-8942-432F2B1001D8}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{E26A94F1-D6C2-477D-9C08-D371A5C16D26}
Successfully deleted: [Empty Folder] C:\Users\Alessandra\appdata\local\{EDE578F1-0F1C-4D30-88DD-2AE2711F8DCF}



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/02/2014 at 17:23:13,26

 Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log do Malwarebytes

Ficamos no aguardo.

Boa noite!

Segue o log.

Abs.


Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados:  v2014.02.03.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Alessandra :: ALESSANDRA-PC [administrador]

03/02/2014 19:56:26
mbam-log-2014-02-03 (19-56-26).txt

Tipo de Verificação:  Verificação Completa  (C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  387998
Tempo decorrido: 1 hora(s), 5 minuto(s), 41 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 6
HKCR\CLSID\{1b0d101b-2c98-4bf3-8bc9-5f8bb3ce5bf7} (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{8f9b4fa2-0d6a-4ae7-8fa0-791beaa448ab} (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{3F454256-A14B-4975-81BD-8E04111560EF} (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B0D101B-2C98-4BF3-8BC9-5F8BB3CE5BF7} (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B0D101B-2C98-4BF3-8BC9-5F8BB3CE5BF7} (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B0D101B-2C98-4BF3-8BC9-5F8BB3CE5BF7} (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 8
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448 (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ch (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content\icons (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content\icons\default (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ie (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.

Arquivos Detectados: 22
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ie\VideoPlayerV3beta448.dll (Adware.BetterSurf) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\uninst.exe.vir (PUP.Optional.Dealply) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\OptChrome.exe.vir (PUP.Optional.OptChrome.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Alessandra\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Users\Alessandra\AppData\Local\SwvUpdater\Updater.exe.vir (PUP.Optional.Amonetize.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\ProgramData\InstallMate\{6F5AD0DF-4C31-4C63-AE88-0413B4B9F229}\Custom.dll (Adware.Agent) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Alessandra\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000 (PUP.Optional.Somoto) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Alessandra\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Alessandra\Downloads\aTubeCatcher.exe (PUP.Optional.Spigot.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Alessandra\Downloads\recuva-148982-32-bits.exe (PUP.Optional.InstallCore.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\Installer\a1b081.msi (PUP.Optional.SmartBar.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\System32\ALZALZ.BIN (Spyware.Passwords) -> Enviado para a Quarentena e deletado com sucesso.
C:\Windows\System32\ALZZip.BIN (Spyware.Passwords) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ch\VideoPlayerV3beta448.crx (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome.manifest (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\install.rdf (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content\ffVideoPlayerV3beta448.js (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content\ffVideoPlayerV3beta448ffaction.js (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content\overlay.xul (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta448\ff\chrome\content\icons\default\VideoPlayerV3beta448_32.png (Adware.VPlayer) -> Enviado para a Quarentena e deletado com sucesso.

(fim)

|- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
 
|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Olá,

Segue o relatório.

Abs.


~ Relatório do ZHPDiag v2014.1.25.26 - Nicolas Coolman  (25/01/2014)
~ Iniciado por Alessandra (04/02/2014 20:30:05)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16540
MFIE: Mozilla Firefox 26.0

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.02 =>Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.0.0 =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4057 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 85 GB (38%) free of 223 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ALESSANDRA-PC
~ User Name: Alessandra
~ All Users Names: Convidado, Alessandra, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Alessandra\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Alessandra\AppData\Roaming\
~ %Desktop% : C:\Users\Alessandra\Desktop\
~ %Favorites% : C:\Users\Alessandra\Favorites\
~ %LocalAppData% : C:\Users\Alessandra\AppData\Local\
~ %StartMenu% : C:\Users\Alessandra\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 85 Go of 223 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Internet Extensions para Win32.) (.21/02/2013 - 07:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 00:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.31/08/2012 - 15:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes musiques (My Musics) : 1/28
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/63
~ Mes Documents (My Documents) : 1/33
~ Mon Bureau (My Desktop) : 1/1631
~ Menu demarrer (Programs) : 1/41
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.D96D0F617E2E06EEB709430515B3B7D8] - (.No owner - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe   [783680] [PID.2396]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe   [97680] [PID.2916]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe   [4858968] [PID.3016]
[MD5.97FDFBFEFEBA6AF5D5A890907C7E0E4F] - (.Western Digital - WD Drive Auto Unlock.) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe   [1688008] [PID.1884]
[MD5.EF6CEC2BAE95B5DCBD95E0BD0F4F65B7] - (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe   [5236664] [PID.2180]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.2512]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [959904] [PID.2432]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.1092]
[MD5.AB055E4E8A49E06469B137C93C8E11C6] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe   [12631904] [PID.3452]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe   [866632] [PID.948]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8339968] [PID.600]
[MD5.F67196A7F0ABDFB234D915DFF58C230B] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [410440] [PID.864]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe   [46808] [PID.1360]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.1828]
[MD5.F67C21CC4195F6AFC447418FE163E156] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe   [5087584] [PID.1488]
[MD5.B5B84712111414DD1B14C2346E9868BE] - (.Western Digital - WD Drive Service.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe   [248248] [PID.2216]
[MD5.FD2D1C60CDBDFAB63EF182539D8FFC2D] - (.Western Digital - WD Rules Engine.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe   [1177536] [PID.2664]
[MD5.96C4C98FE4866C16FC64E4578A0AA975] - (.Western Digital - WD Backup Engine.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe   [1157056] [PID.3136]
[MD5.E623B98CC2F6275C027CCBDF13749A77] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe   [195936] [PID.2992]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Alessandra\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.0.7.2 (Désactivé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [kenlheonkkafkglgpkenpcnjbcbmnkeo] Video Player v.1.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 17 Legitimates Filtered in 00mn 03s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Alessandra\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Alessandra\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: G-Buster Browser Defense Banco Real [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540007} . (.Banco Real - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehAbn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Chave orfã
~ Toolbar:  Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: EFD Contribuições.lnk . (...)  -- C:\Program Files (x86)\Programas_SPED\PisCofins2\spedContribuicoes.exe
O4 - GS\Desktop [Public]: Ganhos de Capital 2012.lnk . (...)  -- C:\Arquivos de Programas RFB\GCAP2012\GCAP2012.exe
O4 - GS\Desktop [Public]: gDoc Fusion.lnk . (.Global Graphics Software Ltd. - gDoc Fusion.)  -- C:\found.000\dir0067.chk\gDocFusion.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Receitanet 1.04 .lnk . (.SERPRO - Serviço Federal de Processamento d - Receitanet.)  -- C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: WD Security.lnk . (.Western Digital - WD Security.)  -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveSecurity.exe
O4 - GS\Program [Public]: Documentação de ajuda da Dell.lnk . (...)  -- C:\Program Files (x86)\Dell Inc\Dell Edoc Viewer\EDocs.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Convidado]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Convidado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Convidado]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Convidado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Convidado]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Convidado]: DCTF Mensal 2.4.lnk . (...)  -- C:\Arquivos de Programas RFB\DCTF Mensal 2.4\DCTFMensal24.exe (.not file.)
O4 - GS\Desktop [Convidado]: Dirf 2012.LNK . (...)  -- C:\Arquivos de Programas RFB\Dirf2012\Dirf2012.exe (.not file.)
O4 - GS\Desktop [Convidado]: PER-DCOMP 5.1.lnk . (.SERPRO - No Comment.)  -- C:\Arquivos de Programas RFB\PERDCOMP51\PERDCOMP51.exe
O4 - GS\Desktop [Convidado]: PER_DCOMP.lnk . (...)  -- C:\Program Files (x86)\Cursos RFB\Simples\UNWISE.exe (.not file.)
O4 - GS\QuickLaunch [Alessandra]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\QuickLaunch [Alessandra]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Alessandra]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Alessandra]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Alessandra]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Alessandra]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Alessandra]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Alessandra]: Win2PDF.lnk - Chave orfã
O4 - GS\Desktop [Alessandra]: Carnê-Leão 2013.lnk . (...)  -- C:\Arquivos de Programas RFB\LEAO2013\LEAO2013.exe
O4 - GS\Desktop [Alessandra]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Alessandra]: HP Scan.lnk . (.Hewlett-Packard Co. - HPScan.)  -- C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\bin\HPScan.exe
O4 - GS\Desktop [Alessandra]: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...)  -- C:\Arquivos de Programas RFB\IRPF2012\IRPF2012.exe
O4 - GS\Desktop [Alessandra]: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...)  -- C:\Arquivos de Programas RFB\IRPF2013\IRPF2013.exe
O4 - GS\Desktop [Alessandra]: Lixeira.lnk - Chave orfã
O4 - GS\Desktop [Alessandra]: PER-DCOMP 5.1.lnk . (.SERPRO - No Comment.)  -- C:\Arquivos de Programas RFB\PERDCOMP51\PERDCOMP51.exe
O4 - GS\Desktop [Alessandra]: PER_DCOMP.lnk . (...)  -- C:\found.000\dir0019.chk\Simples\UNWISE.exe
O4 - GS\Desktop [Alessandra]: POWERPNT.lnk . (.Microsoft Corporation - Microsoft Office PowerPoint.)  -- C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.exe  =>.Microsoft Corporation
O4 - GS\Desktop [Alessandra]: Sicalc Auto Atendimento.lnk . (.SERPRO - No Comment.)  -- C:\Program Files (x86)\Programas RFB\Sicalc Auto Atendimento\sicalcp.exe
O4 - GS\Startup [Alessandra]: Startup Faster!.lnk . (.URSoft,Inc - Startup Faster! - Boot Windows faster..)  -- C:\Program Files (x86)\Startup Faster\StrpFstCfg.exe
O4 - GS\Desktop [Alessandra]: WINWORD.lnk . (.Microsoft Corporation - Microsoft Office Word.)  -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.exe
~ Global Startup: 111 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Convidado]: Dell Dock.lnk . (...)  -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe (.not file.)
O4 - GS\Startup [Alessandra]: Recorte de tela e Iniciador do OneNote 2007.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.)  -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Alessandra\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [WD Drive Unlocker] . (.Western Digital - WD Drive Auto Unlock.) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe  =>.Western Digital Technologies
O4 - HKLM\..\Wow6432Node\Run: [WD Quick View] . (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe  =>.Western Digital Technologies
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe  =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\Alwil Software\Avast5\setup\emupdate\c2ffb433-3fc1-4434-a325-c7bb38a02417.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\RunOnce: [Launcher] . (.Softthinks - VistaLauncher.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2973937001-495373740-789024467-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Alessandra\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{11F261A3-3875-4DE8-B04A-CD055626CEB1}: DhcpNameServer = 201.17.0.54 201.17.0.82
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEED6293-EAB0-43F9-AF32-1515AE13DC45}: DhcpNameServer = 201.17.0.54 201.17.0.82
O17 - HKLM\System\CS1\Services\Tcpip\..\{11F261A3-3875-4DE8-B04A-CD055626CEB1}: DhcpNameServer = 201.17.0.54 201.17.0.82
O17 - HKLM\System\CS1\Services\Tcpip\..\{AEED6293-EAB0-43F9-AF32-1515AE13DC45}: DhcpNameServer = 201.17.0.54 201.17.0.82
O17 - HKLM\System\CS2\Services\Tcpip\..\{11F261A3-3875-4DE8-B04A-CD055626CEB1}: DhcpNameServer = 201.17.0.54 201.17.0.82
O17 - HKLM\System\CS2\Services\Tcpip\..\{AEED6293-EAB0-43F9-AF32-1515AE13DC45}: DhcpNameServer = 201.17.0.54 201.17.0.82
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GoToAssist . (...) -- C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll (.not file.)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: WD Rules (WDRulesService) . (.Western Digital - WD Rules Engine.) - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
~ Services: 7 Legitimates Filtered in 00mn 07s



---\\ Tarefas planificadas automaticamente (039)
[MD5.E94F30649F266169EFEE736022BC961A] [APT] [{10D640A9-372C-4A2A-AF56-AC862991C880}] (...) -- C:\Users\Alessandra\Downloads\PERDCOMPv5.1B.exe   [8571644]
[MD5.00000000000000000000000000000000] [APT] [{1DB57F10-49BA-4B54-8174-BDAF9FFE33EA}] (...) -- D:\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{2C5B73DD-9C0D-4660-AF26-45337F7128D0}] (...) -- C:\Users\Alessandra\Downloads\iGBPCEFsf.exe (.not file.)   [0]
[MD5.DC9411D2A23F0E5B9395D93D042BCCBF] [APT] [{42379448-6B07-48B8-A3E7-B22507F2EB75}] (...) -- C:\drivers\printer\Z500-Z600\Setup.exe   [304048]
[MD5.00000000000000000000000000000000] [APT] [{6040CDCF-DC65-438A-BD75-7E9999128021}] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe (.not file.)   [0]  =>Adware.BDSearch
[MD5.00000000000000000000000000000000] [APT] [{63C4D94C-F499-4EBB-AFFB-EC72FFC34F9D}] (...) -- C:\Users\Alessandra\Downloads\IRPF2012win32v1.1.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{6D76787D-21B2-4284-9844-91CA2A59F6A4}] (...) -- C:\Users\Alessandra\Desktop\Arquivos Notebook antigo\New_PC_Studio_1.4.0.IL2.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{911F512F-1654-43BB-86E0-F7BD2EAC893C}] (...) -- C:\Users\Alessandra\Downloads\iGBPCEFsf (5).exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{ADD9D0D9-96E7-4332-B6D0-041D3B5AF376}] (...) -- C:\Users\Alessandra\Downloads\iGBPCEFsf (3).exe (.not file.)   [0]
[MD5.DD17B734F49DED3147D99918EDA0839B] [APT] [{E5BB5E96-BDF9-41F9-9B0D-4FAA55B974FC}] (.Serpro - Serviço Federal de Processamento d.) -- C:\Users\Alessandra\Downloads\Receitanet-1.04.exe   [6182597]
[MD5.00000000000000000000000000000000] [APT] [{F520ADF1-4C3A-4BB2-80E8-90E6014F9D9F}] (...) -- C:\Users\Alessandra\Downloads\iGBPCEFsf (4).exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{F70DE38F-26F7-439B-9BD8-01106D4A7E9E}] (...) -- C:\Users\Alessandra\Downloads\Nero Vision Express-3.1.0.11\Nero Vision Express-3.1.0.11.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{F80E98A7-5FC6-427B-980A-ED4BB308862D}] (...) -- C:\Users\Alessandra\Downloads\iGBPCEFsf (6).exe (.not file.)   [0]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 04s



---\\ Software instalados (042)
O42 - Logiciel: Carnê-Leão 2013 - (.Receita Federal do Brasil.) [HKLM][64Bits] -- LEAO2013
O42 - Logiciel: Crystal Player Professional 1.98 - (.Crystal Reality LLC.) [HKLM][64Bits] -- Crystal Player
O42 - Logiciel: FM Screen Capture Codec (Remove Only) - (...) [HKLM][64Bits] -- FMCODEC
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM][64Bits] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: Ganhos de Capital 2012 - (...) [HKLM][64Bits] -- Ganhos de Capital 2012
O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2012
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: Módulo de Proteção Santander 3.2.0.2 - (...) [HKLM][64Bits] -- {83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {D419D069-FBCE-40D4-B9F1-D0BF75ADFF5A} =>PUP.QuickShare
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: SafeSign - (.A.E.T. Europe B.V..) [HKLM][64Bits] -- {6347401C-C260-4B30-9816-8F5A1419CC49}
O42 - Logiciel: SafeSign 64-bits - (.A.E.T. Europe B.V..) [HKLM][64Bits] -- {66913111-2F8A-4950-AA93-51C26182FC35}
O42 - Logiciel: Sicalc Auto Atendimento - (.Receita Federal do Brasil.) [HKLM][64Bits] -- Sicalc Auto Atendimento
O42 - Logiciel: gDoc - (.Global Graphics.) [HKLM][64Bits] -- {EABCE84D-314C-4D47-8B8D-2743B45A4686}
~ Logic: 44 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\A.E.T. Europe B.V.]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Awsdata]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Crystal Reality]
[HKCU\Software\GbAs]
[HKCU\Software\IncrediMail]
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\eBook Maestro Books]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\A.E.T. Europe B.V.]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Awsdata]
[HKLM\Software\Wow6432Node\Programas RFB]
[HKLM\Software\Wow6432Node\WSED]
~ Key Software: 367 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/01/2012 - 21:17:36 - [10,214] ----D C:\Program Files (x86)\A.E.T. Europe B.V
O43 - CFD: 06/09/2013 - 15:27:41 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 10/09/2010 - 18:37:56 - [5,505] ----D C:\Program Files (x86)\Crystal Player
O43 - CFD: 20/11/2012 - 11:54:33 - [0] ----D C:\Program Files (x86)\DreaMule
O43 - CFD: 19/07/2012 - 21:17:51 - [0] ----D C:\Program Files (x86)\GUMC13B.tmp
O43 - CFD: 28/03/2012 - 21:29:13 - [0] ----D C:\Program Files (x86)\GUMC9A4.tmp
O43 - CFD: 10/09/2010 - 19:12:12 - [0,476] ----D C:\Program Files (x86)\Marcos Velasco Security
O43 - CFD: 27/11/2013 - 15:13:33 - [18,094] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 11/09/2011 - 11:30:26 - [0,050] ----D C:\Program Files (x86)\Programas SRF
O43 - CFD: 15/09/2012 - 17:53:50 - [108,511] ----D C:\Program Files (x86)\Programas_SPED
O43 - CFD: 10/09/2010 - 18:42:36 - [9,246] ----D C:\Program Files (x86)\Startup Faster
O43 - CFD: 28/07/2010 - 18:21:06 - [0,236] ----D C:\Program Files (x86)\WSED
O43 - CFD: 06/09/2013 - 15:27:52 - [70,113] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/08/2013 - 17:57:38 - [1,036] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 24/08/2010 - 07:39:55 - [0,323] ----D C:\ProgramData\Win732
O43 - CFD: 24/08/2010 - 07:39:55 - [0,521] ----D C:\ProgramData\Win764
O43 - CFD: 28/07/2010 - 18:21:18 - [2,032] ----D C:\ProgramData\XP32
O43 - CFD: 06/09/2013 - 15:27:59 - [2,042] ----D C:\Users\Alessandra\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 30/05/2011 - 20:18:05 - [0,071] ----D C:\Users\Alessandra\AppData\Roaming\Crystal Player
O43 - CFD: 26/01/2012 - 21:19:01 - [0,025] ----D C:\Users\Alessandra\AppData\Local\A.E.T. Europe B.V
O43 - CFD: 10/03/2011 - 11:42:18 - [0,024] ----D C:\Users\Alessandra\AppData\Local\QuickStores
O43 - CFD: 15/09/2012 - 20:15:30 - [0] ----D C:\Users\Alessandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB
O43 - CFD: 30/08/2010 - 11:32:44 - [0] ----D C:\Users\Alessandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2010
O43 - CFD: 04/04/2012 - 22:48:05 - [0,004] ----D C:\Users\Alessandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2012
O43 - CFD: 07/05/2013 - 13:39:41 - [0,008] ----D C:\Users\Alessandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
~ Program Folder: 242 Legitimates Filtered in 00mn 16s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.95E6D56422142BB172D2AF6B7E70248E] - 03/02/2014 - 18:38:24 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [129172]
O44 - LFC:[MD5.3BE29BC87610E4E9DF4E2A42EB080F3B] - 03/02/2014 - 18:38:24 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [666942]
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 28/01/2014 - 12:26:14 ---A- . (...) -- C:\Windows\NeroDigital.ini   [69]
~ Files: 12 Legitimates Filtered in 00mn 02s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{80b3765b-30d9-11e3-ac7f-00235a62e8b0}\AutoRun\command. (...) -- E:\WD Drive Unlock.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\CertificateRegistration  [Key] . (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe
O53 - SMSR:HKLM\...\startupreg\wdbraz_certm  [Key] . (...) -- C:\Windows\SysWOW64\Watchdata\Watchdata Brazil CSP v1.0\BBCertM32.exe (.not file.)
~ SMSR Keys: 22 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.BC647F1F9DCE55B05B54683260ECE4FB] - 31/05/2012 - 21:21:04 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [289952]
O58 - SDL:[MD5.5573AA70993A2BB81525B1C704B88763] - 09/05/2013 - 05:59:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65336]
O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 27/06/2013 - 19:41:50 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum   [175]
O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 27/06/2013 - 19:41:50 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum   [175]
O58 - SDL:[MD5.22F521108881DC59837F6FC614E0568F] - 27/06/2013 - 19:41:50 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [189936]
O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 27/06/2013 - 19:41:50 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum   [175]
O58 - SDL:[MD5.118960D109F52515A0D9369139203D6D] - 08/08/2013 - 00:25:30 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [76096]  =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.E47D9D7E6E53892FC97282482F4AE307] - 26/06/2009 - 15:43:42 ---A- . (.Windows (R) Win 7 DDK provider - Embedded System Control.) -- C:\Windows\System32\Drivers\EMSC.sys   [16752]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 14/12/2009 - 09:21:44 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys   [16392]
O58 - SDL:[MD5.CF460F454A0473E6C7AD846B94D8382A] - 26/06/2009 - 15:43:42 ---A- . (.Windows (R) Win 7 DDK provider - Embedded System Control.) -- C:\Windows\SysWOW64\drivers\EMSC.sys   [13680]
O58 - SDL:[MD5.6F34FD8453EBA4F55D74BA33A43445B0] - 15/10/2012 - 14:52:36 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\GbpKm.sys   [46016]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 04/02/2014 - 18:47:46 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 25/10/2007 - 17:26:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys   [5632]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 14/12/2009 - 09:21:44 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys   [16392]
~ Drivers: 18 Legitimates Filtered in 00mn 38s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alessandra\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {DE125FF9-0661-473A-8E15-E7AD0074B564} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.DF814B82A4B10FF48FD62EAAC98B6BE5] [SPRF][03/02/2014] (...) -- C:\Users\Alessandra\AppData\Local\Temp\.gbas.dll   [614473]
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][23/10/2013] (...) -- C:\Users\Alessandra\AppData\Local\Temp\Quarantine.exe   [344355]
[MD5.63F51C5CA8F6AF919B65C15CC55216C0] [SPRF][02/08/2013] (...) -- C:\Users\Alessandra\AppData\Roaming\unins000.dat   [12426]
[MD5.45D18DC0CA53BFFAA11F992BEF63280D] [SPRF][02/08/2013] (.No owner - Setup/Uninstall.) -- C:\Users\Alessandra\AppData\Roaming\unins000.exe   [706250]
[MD5.86B7E939B2C66357ABC5F371C8035484] [SPRF][31/01/2014] (...) -- C:\Users\Alessandra\AppData\Roaming\unins001.dat   [107274]
[MD5.169180F02ABCECA5DE72FC5EEBC861BB] [SPRF][31/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\Alessandra\AppData\Roaming\unins001.exe   [730322]
[MD5.E5447DC597144DDBD85BA741C0CB5F85] [SPRF][26/01/2012] (.A.E.T. Europe B.V. - SafeSign Standard.) -- C:\Users\Alessandra\Desktop\595.exe   [10231512]
[MD5.416740A57F4CF3A8707CC9691345D7E2] [SPRF][15/01/2012] (.Alpha Ltd. - Unlock Protected URL..) -- C:\Users\Alessandra\Desktop\Desprotetor_de_Links_v1.4.5.2b.exe   [4247639]
[MD5.6DD36D27085B68C1637A582296B856E6] [SPRF][12/09/2013] (.Defiant Technologies, LLC - DiskDigger.) -- C:\Users\Alessandra\Desktop\DiskDigger.exe   [1106208]
[MD5.7157C4A5D821EF06AFF5A98E98DA1322] [SPRF][29/09/2011] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll   [212984]
~ Files: 10 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{921E374D-EF65-44AA-A860-FF206C973F50}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" | In - Private - P6 - TRUE | .(.DsNET - aTube Catcher to download and convert videos..) -- C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
O87 - FAEL: "UDP Query User{7CC86FD8-6A94-435A-A5B2-4A32BBF73B30}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" | In - Private - P17 - TRUE | .(.DsNET - aTube Catcher to download and convert videos..) -- C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
O87 - FAEL: "TCP Query User{4E516DF1-AE17-49B6-8305-79CC9ADF0C2A}C:\program files (x86)\1clickdownload\1clickdownload.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownload.exe (.not file.) =>PUP.1ClickDownloader
O87 - FAEL: "UDP Query User{1E04EE63-0228-4E52-8AA4-2C900C182411}C:\program files (x86)\1clickdownload\1clickdownload.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownload.exe (.not file.) =>PUP.1ClickDownloader
~ Firewall: 201 Legitimates Filtered in 00mn 01s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11131966A8F20594AA39152C1628CF53" . (.SafeSign 64-bits.) -- C:\Windows\Installer\{66913111-2F8A-4950-AA93-51C26182FC35}\ARPPRODUCTICON.exe
O90 - PUC: "6216BC6E021D5BF4D9B12E1E09306EC6" . (.WSED.) -- C:\Windows\Installer\{E6CB6126-D120-4FB5-9D1B-E2E19003E66C}\ARPPRODUCTICON.exe
O90 - PUC: "C1047436062C03B48961F8A54191CC94" . (.SafeSign.) -- C:\Windows\Installer\{6347401C-C260-4B30-9816-8F5A1419CC49}\ARPPRODUCTICON.exe
~ Update Products: 121 Legitimates Filtered in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.45BE81497C00EF7FEC265296F42FDC8A] [WIS][10/03/2012] (.A.E.T. Europe B.V. - SafeSign.) -- C:\Windows\Installer\1b1b92a.msi   [7008768]
[MD5.A6AF29C6E4AA984798AE024B1EA64A74] [WIS][26/01/2012] (.A.E.T. Europe B.V. - SafeSign.) -- C:\Windows\Installer\1b7745.msi   [10121216]
~ WIS: 123 Legitimates Filtered in 00mn 14s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 12/12/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 29/03/2009 92160 |  (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SS - | Disabled 25/05/2011 37664 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Disabled 12/07/2011 387944 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SS - | Demand 24/11/2009 99720 |  (DCMessages) . (.Global Graphics Software Ltd.) - C:\Windows\SysWOW64\DCMessages.exe
SS - | Disabled 09/06/2009 155648 |  (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe
SS - | Disabled 17/08/2009 16680 |  (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
SS - | Disabled 19/11/2012 2462128 |  (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SS - | Disabled 04/06/2009 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SS - | Disabled 22/10/2004 73728 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 05/12/2013 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 09/06/2009 893112 |  (MpfService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
SS - | Disabled 12/02/2007 65536 |  (O2FLASH) . (.O2Micro International.) - C:\Windows\System32\DRIVERS\o2flash.exe
SS - | Disabled 02/10/2011 10712 |  (SACSrv) . (.SafeNet, Inc..) - C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
SS - | Disabled 21/05/2010 673088 |  (SftService) . (.SoftThinks.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
SS - | Disabled 05/05/2009 206064 |  (sprtsvc_DellComms) . (.SupportSoft, Inc..) - C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
SS - | Disabled 03/06/2009 201968 |  (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - c:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
SS - | Disabled 03/06/2010 33280 |  (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 11/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 09/05/2013 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 01/07/2013 410440 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 01/10/2013 5087584 |  (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 19/09/2012 1157056 |  (WDBackup) . (.Western Digital.) - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
SR - | Auto 06/09/2012 248248 |  (WDDriveService) . (.Western Digital.) - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
SR - | Auto 19/09/2012 1177536 |  (WDRulesService) . (.Western Digital.) - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services:  Scanned in 00mn 16s



---\\ Scâner Aditional (088)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 19
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 5
Fichiers trouvés  (Files found) : 1

[HKLM\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje]   =>PUP.DealPly^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D419D069-FBCE-40D4-B9F1-D0BF75ADFF5A}]   =>PUP.QuickShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]   =>Toolbar.Ask
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc]   =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\360Safe]   =>Trojan.Lozavita
[HKLM\Software\Wow6432Node\aTube Catcher\OpenCandy]   =>Adware.OpenCandy
C:\Users\Alessandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje   =>PUP.DealPly^
C:\Program Files (x86)\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\InstallMate   =>PUP.Tarma^
C:\Users\Alessandra\AppData\Roaming\Baidu Security   =>Adware.BDSearch^
[HKCU\Software\Baidu Security]   =>Adware.BDSearch^
~ Additionnel Scan: 295538 Items scanned in 00mn 37s



---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.DealPly
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.QuickShare
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.Tarma
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.1ClickDownloader
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>Toolbar.Ask
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>Adware.MyWebSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.eSafeSecurity
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>Trojan.Lozavita
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>Adware.OpenCandy
~ MSI: 10 link(s) detected in 00mn 37s



~ 1262 Legitimates filtered by white list
End of the scan (602 lines in 02mn 33s)(0)

  Estou analisando o seu relatório e daqui há pouco te passo o próximo procedimento.

 Copie todo este script que te enviei.

 Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta e nos diga como está seu PC após estes procedimentos.

Boa tarde,

Segue o relatório solicitado:

Rapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by Alessandra at 05/02/2014 17:25:51
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 07s)

========== Softwares ==========
ELIMINÉ: QuickShare

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Alessandra\AppData\Roaming\unins000.exe
ELIMINÉ: Memory Process: C:\Users\Alessandra\AppData\Roaming\unins001.exe

========== Chaves do Registo ==========
ELIMINÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D419D069-FBCE-40D4-B9F1-D0BF75ADFF5A}]
ELIMINÉ:* Winlogon Notify: GoToAssist
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\IncrediMail
ELIMINÉ: HKCU\Software\UltraDownloads.com.br
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ CLSID MPSK: {80b3765b-30d9-11e3-ac7f-00235a62e8b0}
ELIMINÉ:*  StartupReg: wdbraz_certm
ELIMINÉ: Service: Bonjour Service
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
ELIMINÉ:* HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc
ELIMINÉ: HKLM\Software\Wow6432Node\aTube Catcher\OpenCandy

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068}
ELIMINÉ MWPS Value: EnableLUA
ELIMINÉ MWPS Value: EnableUIADesktopToggle
ELIMINÉ MWPS Value: PromptOnSecureDesktop
ELIMINÉ MWPS Value: FilterAdministratorToken
ELIMINÉ MWPE Value: NoActiveDesktopChanges
ELIMINÉ: TCP Query User{4E516DF1-AE17-49B6-8305-79CC9ADF0C2A}C:\program files (x86)\1clickdownload\1clickdownload.exe
ELIMINÉ: UDP Query User{1E04EE63-0228-4E52-8AA4-2C900C182411}C:\program files (x86)\1clickdownload\1clickdownload.exe
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges :   Good (0) - Bad (1)
SUBSTITUI Value EnableLUA :   Good (1) - Bad (0)

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\alessandra\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\documentação de ajuda da dell.lnk
ELIMINÉ: c:\users\alessandra\desktop\per_dcomp.lnk
ELIMINA REINICIAR: c:\windows\system32\drivers\360fltoem.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ: c:\program files (x86)\bonjour\mdnsresponder.exe
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ Temporários windows (161) (30.877.035 octets)

========== Tarefa planificada ==========
ELIMINÉ: {1DB57F10-49BA-4B54-8174-BDAF9FFE33EA}
ELIMINÉ: {2C5B73DD-9C0D-4660-AF26-45337F7128D0}
ELIMINÉ: {6040CDCF-DC65-438A-BD75-7E9999128021}
ELIMINÉ: {63C4D94C-F499-4EBB-AFFB-EC72FFC34F9D}
ELIMINÉ: {6D76787D-21B2-4284-9844-91CA2A59F6A4}
ELIMINÉ: {911F512F-1654-43BB-86E0-F7BD2EAC893C}
ELIMINÉ: {ADD9D0D9-96E7-4332-B6D0-041D3B5AF376}
ELIMINÉ: {F520ADF1-4C3A-4BB2-80E8-90E6014F9D9F}
ELIMINÉ: {F70DE38F-26F7-439B-9BD8-01106D4A7E9E}
ELIMINÉ: {F80E98A7-5FC6-427B-980A-ED4BB308862D}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
2 : Processo memória
25 : Chaves do Registo
14 : Valores do Registo
2 : Elementos dos dados do Registo
1 : Pastas
8 : Ficheiros
1 : Softwares
10 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 43s

========== Caminho do ficheiro do relatório ==========
C:\Users\Alessandra\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/02/2014 17:25:59 [5342]

como está o PC depois destas limpezas?

Boa tarde!

Estou tentando agora instalar o software da nota fiscal eletronica, mas não consigo, pois exibe a mensagem: "Suas definições de segurança impediram a execução de uma aplicação autoassinada".
Com faço para alterar essas definições e conseguir baixar o programa???

Esse erro aparece quando o Java é atualizado para a última versão. Você tem que ir na configuração do JAVA e fazer dar permissão para este programa e/ou site do mesmo.

Bom dia!

Obrigada pela dica. Fiz os acertos e consegui instalar o programa normalmente.

Abs.

  Fico feliz que o problema tenha sido resolvido.

Só para finalizar faça estes últimos procedimentos, por gentileza:

Instale o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (caso já tenha ele, não precisa instalar de novo).

Abra o Ccleaner > clique no botão Limpeza > clique na opção Executar Limpeza. Isto é demonstrado na imagem abaixo:


Confirme a operação acima clicando no botão OK. Aguarde a conclusão do procedimento.

Depois disto, clique no botão botão Registro > Procurar Erros > Corrigir erro(s) selecionado(s) > neste momento você poderá optar por fazer uma cópia das alterações que serão feitas no registro (por motivos de segurança), escolha a opção que desejar (sim ou não) > e confirme a limpeza clicando no botão Corrigir todos os erros selecionados > clique no botão Fechar (ou OK):

__________________________________________________________________________________________________________________

Depois disto siga também as dicas deste tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

 Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve no Desktop (Área de Trabalho)

*Depois disto é só executá-lo, deixar selecionadas as opções  Remove disinfection tools e Purge system restore

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique em [Run]

Depois de executar o Delfix conforme descrito acima, é só deletar o DelFix e o arquivo C:\DelFix.txt
_______________________________________________________________________________________________________________________

  Foi um prazer ajudar. Conte sempre conosco!

CASO RESOLVIDO

Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.