Fórum PC Brasil
(SOLVED) autorun virus

3 participants

Page 3 of 3


Post by Power Max, Fri 07 Feb 2014, 10:21

Before running the procedure above, you need to plug the flash drive into the PC so that it gets cleaned too, using that procedure of holding down Shift so the flash drive does not infect the PC.

Post by Juciane Bee, Fri 07 Feb 2014, 10:42

ComboFix 14-02-05.02 - MarceloNote 07/02/2014  10:34:49.1.2 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.55.1046.18.3965.2736 [GMT -2]
Executando de: c:\users\MarceloNote\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MarceloNote\AppData\Local\lollipop
c:\users\MarceloNote\AppData\Roaming\899
c:\users\MarceloNote\AppData\Roaming\899\9f88.js
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2014-01-07 to 2014-02-07  ))))))))))))))))))))))))))))
.
.
2014-02-07 12:39 . 2014-02-07 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-07 03:08 . 2014-02-07 03:12 -------- d-----w- C:\UsbFix
2014-02-07 01:42 . 2014-02-07 01:42 -------- d-----w- c:\programdata\AVG 0214c Campaign
2014-02-07 01:23 . 2009-08-11 21:45 150784 ----a-w- c:\windows\system32\drivers\ZTEusbvoice.sys
2014-02-07 01:23 . 2009-08-11 21:45 167424 ----a-w- c:\windows\system32\drivers\ZTEusbnet.sys
2014-02-07 01:23 . 2009-08-11 21:45 150784 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys
2014-02-07 01:23 . 2009-08-11 21:45 150656 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys
2014-02-07 01:23 . 2009-08-11 21:45 150656 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys
2014-02-07 01:23 . 2014-02-07 01:24 -------- d-----w- c:\program files (x86)\SupportInfo
2014-02-07 01:23 . 2014-02-07 01:24 -------- d-----w- c:\program files (x86)\Vivo 3G
2014-02-07 01:23 . 2014-02-07 01:23 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-02-06 23:35 . 2014-02-06 23:35 -------- d-----w- C:\884
2014-02-05 15:03 . 2014-02-05 15:04 -------- d-----w- c:\programdata\AVG2014
2014-02-05 15:03 . 2014-02-05 15:03 -------- d-----w- C:\$AVG
2014-02-05 15:03 . 2014-02-05 15:03 -------- d-----w- c:\program files (x86)\AVG
2014-02-05 15:01 . 2014-02-05 15:01 -------- d-----w- c:\programdata\Baidu Security
2014-02-05 15:01 . 2014-02-05 15:01 -------- d-----w- c:\programdata\Log
2014-02-05 14:55 . 2014-02-07 11:03 -------- d-----w- c:\programdata\MFAData
2014-02-05 14:55 . 2014-02-05 14:55 -------- d--h--w- c:\programdata\Common Files
2014-02-05 14:55 . 2014-02-05 14:55 -------- d-----w- c:\program files (x86)\Baidu Security
2014-02-05 14:39 . 2014-02-05 14:43 -------- d-----w- c:\program files (x86)\Common Files\Avid
2014-02-05 14:39 . 2014-02-05 14:39 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2014-02-05 14:38 . 2014-02-05 14:38 -------- d-----w- c:\program files\Avid
2014-02-05 14:38 . 2014-02-05 14:38 -------- d-----w- c:\program files (x86)\Avid
2014-02-05 14:29 . 2014-02-05 14:30 -------- d-----w- C:\Cakewalk Projects
2014-02-05 14:27 . 2014-02-05 14:27 -------- d-----w- c:\program files\Common Files\Propellerhead Software
2014-02-05 14:27 . 2012-06-20 18:38 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-02-05 14:27 . 2012-06-20 18:38 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2014-02-05 14:27 . 2012-06-20 18:38 487424 ----a-w- c:\windows\SysWow64\msvcp70.dll
2014-02-05 14:27 . 2012-06-20 18:38 344064 ----a-w- c:\windows\SysWow64\msvcr70.dll
2014-02-05 14:27 . 2012-06-20 18:38 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2014-02-05 14:27 . 2012-06-20 18:38 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-02-05 14:25 . 2014-02-05 14:25 -------- d-----w- c:\programdata\Package Cache
2014-02-05 14:23 . 2014-02-05 14:30 -------- d-----w- C:\Cakewalk Content
2014-02-05 14:20 . 2014-02-05 14:30 -------- d-----w- c:\programdata\Cakewalk
2014-02-05 14:20 . 2014-02-05 14:27 -------- d-----w- c:\program files\Cakewalk
2014-02-05 09:09 . 2014-02-05 09:09 -------- d-----w- c:\programdata\Oracle
2014-02-05 09:09 . 2014-02-05 09:09 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-02-05 09:09 . 2014-02-05 09:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-05 09:09 . 2014-02-05 09:09 -------- d-----w- c:\program files (x86)\Java
2014-02-05 05:00 . 2012-06-23 23:24 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1DE3A60B-A8EE-4A76-9644-A18AC321106B}\mpengine.dll
2014-02-05 03:15 . 2014-02-05 03:15 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-02-05 03:09 . 2014-02-05 03:09 -------- d-----w- c:\programdata\regid.1995-08.com.techsmith
2014-02-05 03:09 . 2014-02-05 03:09 -------- d-----w- c:\program files (x86)\QuickTime
2014-02-05 03:09 . 2014-02-05 03:09 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
2014-02-05 03:08 . 2014-02-05 03:08 -------- d-----w- c:\programdata\TechSmith
2014-02-05 03:08 . 2014-02-05 03:08 -------- d-----w- c:\program files (x86)\TechSmith
2014-02-05 03:03 . 2014-02-05 03:03 555224 ----a-w- c:\windows\system32\drivers\RtkBtfilter.sys
2014-02-05 02:51 . 2014-02-05 02:51 -------- d-----w- c:\program files (x86)\Common Files\EZB Systems
2014-02-05 02:51 . 2014-02-05 02:51 -------- d-----w- c:\program files (x86)\UltraISO
2014-02-05 02:49 . 2014-02-05 02:49 -------- d-----w- c:\programdata\Microsoft Toolkit
2014-02-05 02:42 . 2012-10-18 14:57 106496 ----a-w- c:\windows\system32\SLCHook.dll
2014-02-05 02:36 . 2014-02-05 02:36 -------- d-----w- c:\program files\Common Files\DESIGNER
2014-02-05 02:36 . 2014-02-05 02:36 -------- d-----w- c:\program files\Microsoft.NET
2014-02-05 02:36 . 2014-02-05 02:36 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2014-02-05 02:35 . 2014-02-05 02:35 -------- d-----w- c:\windows\PCHEALTH
2014-02-05 02:35 . 2014-02-05 02:35 -------- d-----w- c:\program files\Microsoft SQL Server
2014-02-05 02:33 . 2014-02-05 02:33 -------- d-----w- c:\program files\Microsoft Analysis Services
2014-02-05 02:33 . 2014-02-05 02:33 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-02-05 02:33 . 2014-02-05 02:35 -------- d-----w- c:\program files\Microsoft Office
2014-02-05 02:33 . 2014-02-07 11:14 -------- d-----w- c:\programdata\Microsoft Help
2014-02-05 02:33 . 2014-02-05 02:33 -------- d-----r- C:\MSOCache
2014-02-05 02:26 . 2014-02-05 02:26 -------- d-----w- c:\program files (x86)\USB Disk Security
2014-02-05 02:24 . 2014-02-05 02:30 -------- d-----w- c:\program files (x86)\Mobogenie
2014-02-05 02:20 . 2014-02-05 15:02 -------- d-----w- c:\program files (x86)\Webteh
2014-02-05 02:14 . 2014-02-05 02:14 -------- d-----w- c:\program files (x86)\Reference Assemblies
2014-02-05 02:14 . 2014-02-05 02:14 -------- d-----w- c:\program files (x86)\MSBuild
2014-02-05 02:13 . 2014-02-05 02:13 -------- d-----w- c:\windows\SysWow64\XPSViewer
2014-02-05 02:13 . 2014-02-05 02:13 -------- d-----w- c:\program files\Reference Assemblies
2014-02-05 02:13 . 2014-02-05 02:13 -------- d-----w- c:\program files\MSBuild
2014-02-05 02:09 . 2012-07-06 02:02 778856 ----a-w- c:\windows\SysWow64\PresentationNative_v0300.dll
2014-02-05 02:09 . 2012-07-06 02:02 35400 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-02-05 02:09 . 2012-07-06 02:02 102528 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-02-05 02:09 . 2012-07-06 02:02 35400 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-02-05 02:09 . 2012-07-06 02:02 124040 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-05 02:09 . 2012-07-06 02:02 1166440 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2014-02-05 02:03 . 2014-02-05 02:30 -------- d-----w- c:\programdata\IePluginService
2014-02-05 02:03 . 2014-02-05 02:30 -------- d-----w- c:\program files (x86)\SupTab
2014-02-05 02:03 . 2014-02-05 02:03 -------- d-----w- c:\programdata\WPM
2014-02-05 01:56 . 2014-02-05 01:02 -------- d-----w- c:\windows\Panther
2014-02-05 01:48 . 2014-02-05 01:48 2979544 ----a-w- c:\windows\system32\drivers\rtwlane.sys
2014-02-05 01:47 . 2014-02-05 03:03 -------- d-----w- C:\DrvInstall
2014-02-05 01:47 . 2014-02-05 01:47 9889352 ----a-w- c:\windows\SysWow64\RtsBaStorIcon.dll
2014-02-05 01:47 . 2014-02-05 01:47 309976 ----a-w- c:\windows\system32\drivers\RtsBaStor.sys
2014-02-05 01:47 . 2014-02-05 01:47 -------- d-----w- c:\program files (x86)\Intel
2014-02-05 01:47 . 2014-02-05 01:47 -------- d-----w- C:\Intel
2014-02-05 01:45 . 2014-02-05 01:45 838872 ----a-w- c:\windows\system32\drivers\Rt630x64.sys
2014-02-05 01:45 . 2014-02-05 01:45 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-02-05 01:29 . 2014-02-05 01:29 240816 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10232.bin
2014-02-05 01:23 . 2014-02-05 01:23 -------- d-----w- c:\program files\CCleaner
2014-02-05 01:20 . 2014-02-05 01:50 -------- d-----w- c:\program files (x86)\Google
2014-02-05 01:16 . 2014-02-05 01:16 -------- d-----w- c:\program files\WinRAR
2014-02-05 01:09 . 2014-02-05 01:09 -------- d-----w- c:\programdata\IObit
2014-02-05 01:09 . 2014-02-05 01:09 -------- d-----w- c:\program files (x86)\IObit
2014-02-05 01:03 . 2014-02-05 01:03 -------- d-----w- c:\programdata\PRICache
2014-02-05 01:03 . 2014-02-07 12:33 -------- d-----w- c:\users\MarceloNote
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 03:02 . 2012-07-25 20:22 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-09 08:02 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-09 08:02 . 2012-07-26 08:14 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:41 . 2013-11-26 10:41 630272 ----a-w- c:\windows\SysWow64\tsccvid64.dll
2013-11-26 10:41 . 2013-11-26 10:41 602624 ----a-w- c:\windows\SysWow64\tsccvid.dll
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 22:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 22:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 22:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"9f88"="c:\users\MarceloNote\AppData\Roaming\899\9f88.js" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB Security"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2013-06-21 687336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R0 Avgboota;AVG Early Launch Anti-Malware Driver;c:\windows\system32\DRIVERS\avgboota.sys;c:\windows\SYSNATIVE\DRIVERS\avgboota.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 Wpm;Wpm Service;c:\programdata\WPM\wprotectmanager.exe;c:\programdata\WPM\wprotectmanager.exe [x]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys;c:\windows\SYSNATIVE\drivers\BprotectEx.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PCFApiUtil;PCFApiUtil;c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys;c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgwfpa;AVG Firewall Driver;c:\windows\system32\DRIVERS\avgwfpa.sys;c:\windows\SYSNATIVE\DRIVERS\avgwfpa.sys [x]
S2 avgwd;Watchdog do AVG;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 BthLEEnum;Driver de Baixa Energia do Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-05 01:50 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-02-07 c:\windows\Tasks\AVG_SYS_TASK.job
- c:\programdata\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe [2014-02-07 19:07]
.
2014-02-07 c:\windows\Tasks\AVG_SYS_TASK_DELETE.job
- c:\programdata\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe [2014-02-07 19:07]
.
2014-02-07 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-02-05 16:16]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-05 01:20]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-05 01:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 22:37 2322576 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 22:37 2322576 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 22:37 2322576 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-02-05 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-02-05 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-02-05 442352]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = [You must have an account and be logged in to view this link]
mDefault_Search_URL = [You must have an account and be logged in to view this link]
mDefault_Page_URL = [You must have an account and be logged in to view this link]
mStart Page = [You must have an account and be logged in to view this link]
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = [You must have an account and be logged in to view this link]
IE: &Enviar para o OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.50.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
AddRemove-Killer Bugs v3 for Pro Tools 10.3.7 5.7.7 - c:\program files (x86)\Avid\Pro Tools\Uninstall.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Tempo para conclusão: 2014-02-07  10:41:39
ComboFix-quarantined-files.txt  2014-02-07 12:41
.
Pré-execução: 453.083.156.480 bytes disponíveis
Pós execução: 453.259.595.776 bytes disponíveis
.
- - End Of File - - 8143CE305CA1B51D38474F19FDCF7BF8
5FB38429D5D77768867C76DCBDB35194

Post by Admin, Fri 07 Feb 2014, 10:45

Did you run ComboFix with the flash drive connected to the PC?

Post by Juciane Bee, Fri 07 Feb 2014, 10:48

Yes

Post by Juciane Bee, Fri 07 Feb 2014, 10:49

Was there any virus on either the PC or the flash drive?

Post by Juciane Bee, Fri 07 Feb 2014, 10:55

I kept Shift pressed, plugged in the flash drive, and ran ComboFix (I didn't click to open the flash drive. Was that necessary, or does it open by itself?)

Post by Power Max, Fri 07 Feb 2014, 11:28

It is interesting that no file from the flash drive showed up in the ComboFix log, as if it were not connected.

But leave the flash drive connected to the PC; in a little while I will send you the script to remove some problems that ComboFix detected on the PC.

Post by Guest, Fri 07 Feb 2014, 11:50

Juciane Bee wrote: Was there any virus on either the PC or the flash drive?

Juciane Bee wrote: I kept Shift pressed, plugged in the flash drive, and ran ComboFix (I didn't click to open the flash drive. Was that necessary, or does it open by itself?)


C:\884 <-- folder to be removed; it belongs to the malware that infected your flash drive

F:\89898 > Folder inside your flash drive, "suspicious", and it is very strange that USBFIX did not remove this folder!

F:\a >> Does this folder belong to you? Did you create it?

F:\vvvvv >> VVVV <-- ?? what is this ??? lol



Post by Power Max, Fri 07 Feb 2014, 11:54

Keep the antivirus protection disabled so it does not cause conflicts. Keep it disabled until you finish the instructions.

Keep the flash drive connected to the PC.

Select and copy the highlighted text below. Open Notepad and paste what you copied. Then save it to the desktop with the name CFScript.txt

Folder::
c:\programdata\Baidu Security
c:\program files (x86)\Baidu Security
c:\program files (x86)\Mobogenie
c:\program files (x86)\SupTab
c:\programdata\WPM
Driver::
Wpm
BprotectEx
PCFApiUtil
File::
c:\programdata\WPM\wprotectmanager.exe
c:\windows\System32\drivers\BprotectEx.sys
c:\windows\SYSNATIVE\drivers\BprotectEx.sys
c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys
DDS::
uStart Page = [You must have an account and be logged in to view this link]
mDefault_Search_URL = [You must have an account and be logged in to view this link]
mDefault_Page_URL = [You must have an account and be logged in to view this link]
mStart Page = [You must have an account and be logged in to view this link]
mSearch Page = [You must have an account and be logged in to view this link]
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"9f88"=-


- Drag CFScript.txt onto ComboFix as shown in the image below:

[You must have an account and be logged in to view this image]

If prompted, press "Enter" to start the removal process;

Do not use the mouse or the keyboard while ComboFix is running.

When it finishes, a log will be generated at C:\ComboFix.txt

Note: If ComboFix does not restart your computer automatically, restart it manually.

In your next reply, post the report found at C:\ComboFix.txt
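
Added example (not part of the original thread and not ComboFix's own code): a Python sketch that extracts the Run-key autostart entries from a ComboFix-style log and flags those pointing at script files in user-writable folders, which is how the `9f88` entry targeted by the CFScript above stands out from the legitimate ones. The sample lines are copied from the log posted earlier on this page; the function names, the extension list and the flagging rule are assumptions of this example.

```python
import re
from dataclasses import dataclass

# Assumed triage lists for this example; tune them for your environment.
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".bat", ".cmd"}
USER_WRITABLE = ("\\appdata\\", "\\programdata\\", "\\temp\\")

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<target>[^"]*)"\s*\[(?P<meta>[^\]]*)\]$')
EXT_RE = re.compile(r"\.([a-z0-9]{1,4})(?=$|\s)")

# Excerpt of the "Pontos de Carregamento do Registro" section of the log above.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"9f88"="c:\users\MarceloNote\AppData\Roaming\899\9f88.js" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB Security"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2013-06-21 687336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-02-05 172016]
'''


@dataclass
class RunEntry:
    key: str     # registry key the value was listed under
    name: str    # value name, e.g. "9f88"
    target: str  # command line or path the value points to
    meta: str    # text inside the trailing brackets: "X" or "date size"


def parse_run_entries(log_text):
    """Return every value listed under a ...\\Run or ...\\RunOnce key."""
    entries, current = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == ".":          # a lone dot separates blocks in the log
            current = None
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            is_run = key.lower().endswith(("\\run", "\\runonce"))
            current = key if is_run else None
            continue
        m = VALUE_RE.match(line)
        if m and current:
            entries.append(RunEntry(current, m["name"], m["target"], m["meta"].strip()))
    return entries


def triage(entry):
    """Return the reason codes that make an autostart entry worth a second look."""
    target = entry.target.lower()
    reasons = []
    exts = {"." + e for e in EXT_RE.findall(target)}
    if exts & SCRIPT_EXTS:
        reasons.append("script")         # a script file started at logon
    if any(part in target for part in USER_WRITABLE):
        reasons.append("user-writable")  # lives where any user process can write
    if entry.meta.upper() == "X":
        reasons.append("no-metadata")    # log shows [X] instead of a date and size
    return reasons


def suspicious_entries(log_text):
    """Flag entries that start a script, or that match two or more reasons."""
    flagged = []
    for entry in parse_run_entries(log_text):
        reasons = triage(entry)
        if "script" in reasons or len(reasons) >= 2:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in suspicious_entries(SAMPLE_LOG):
        print(f"{entry.key}\n  {entry.name} -> {entry.target}\n  reasons: {', '.join(reasons)}")
```
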


Post by Juciane Bee, Fri 07 Feb 2014, 13:54

Hi... that folder of numbers is not mine (I think it's a virus too)... and ComboFix doesn't have an icon on the desktop? Where do I paste it?

Post by Power Max, Fri 07 Feb 2014, 14:01

Juciane Bee wrote: Hi... that folder of numbers is not mine (I think it's a virus too)
To find out whether the files in this folder have a virus or not, just send them (one at a time) to be analyzed on the site [You must have an account and be logged in to view this link]

On the site above, the file is analyzed by several antivirus programs at the same time, which gives much more confidence in the result.
___________________________________________________________________________________________________
and ComboFix doesn't have an icon on the desktop? Where do I paste it?
That is probably because when you saved ComboFix you saved it somewhere else.

Download ComboFix again from the link below and save it to the Desktop:
[You must have an account and be logged in to view this link]

After that, follow the procedure I gave you in my previous reply and post the ComboFix log in your next reply

Post by Juciane Bee, Fri 07 Feb 2014, 14:55

Good afternoon. Now I can't download ComboFix any more; it does run, but it doesn't carry the procedure through to the end... AVG is disabled

Post by Power Max, Fri 07 Feb 2014, 15:16

Does it give any error message?

I hosted ComboFix at the address below under the name amigo.rar; download it and save it to the Desktop:
[You must have an account and be logged in to view this link]

After downloading it, right-click on it and choose the "extract here" option.

Then just take the CFScript, which should be on the desktop, and drag it onto Amigo.exe as I told you in the previous message.

Post by Juciane Bee, Fri 07 Feb 2014, 15:31

Hi... I don't know how :( I downloaded it and opened it, but I couldn't find the "extract here" option

Post by Power Max, Fri 07 Feb 2014, 15:34

When you downloaded ComboFix the first time, where was it? Just find where it is and copy it to the Desktop.

Then, once it is on your desktop, drag the CFScript and drop it on the ComboFix icon.

Post by Power Max, Fri 07 Feb 2014, 15:36

You downloaded ComboFix to this location:
c:\users\MarceloNote\Downloads\ComboFix.exe

So just go to the location above, copy the ComboFix that is there and put it on the Desktop. After that, carry out the procedure with the CFScript.

Post by Juciane Bee, Fri 07 Feb 2014, 16:03

ComboFix 14-02-05.02 - MarceloNote 07/02/2014  15:44:13.2.2 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.55.1046.18.3965.2597 [GMT -2]
Executando de: c:\users\MarceloNote\Downloads\ComboFix.exe
Comandos utilizados :: c:\users\MarceloNote\Desktop\CFScript.txt.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys"
"c:\programdata\WPM\wprotectmanager.exe"
"c:\windows\system32\drivers\BprotectEx.sys"
"c:\windows\System32\drivers\BprotectEx.sys"
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Baidu Security
c:\program files (x86)\Mobogenie
c:\program files (x86)\Mobogenie\MgAssist.exe
c:\program files (x86)\Mobogenie\msvcp100.dll
c:\program files (x86)\Mobogenie\msvcr100.dll
c:\program files (x86)\Mobogenie\ok.htm
c:\program files (x86)\Mobogenie\QtCore4.dll
c:\programdata\Baidu Security
c:\programdata\Baidu Security\PC Faster\4.0.0.0\sysopt\opthis.dat
c:\programdata\Baidu Security\PC Faster\4.0.0.0\sysopt\optignore.dat
c:\programdata\Baidu Security\PC Faster\4.0.0.0\sysopt\snopthis.dat
c:\programdata\Baidu Security\RpData\rpFile-Updater-2014-02-05 02-02-00-0496-[23659].tmp
c:\programdata\WPM
c:\programdata\WPM\update\conf
c:\programdata\WPM\wprotectmanager.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Serviços   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BprotectEx
-------\Service_PCFApiUtil
-------\Service_Wpm
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2014-01-07 to 2014-02-07  ))))))))))))))))))))))))))))
.
.
2014-02-07 17:52 . 2014-02-07 17:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-07 16:06 . 2014-02-07 16:06 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-02-07 15:53 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-02-07 15:53 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-02-07 15:53 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2014-02-07 15:53 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-02-07 15:53 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-02-07 15:53 . 2013-05-04 04:48 27648 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-02-07 15:50 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2014-02-07 15:45 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-02-07 15:45 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2014-02-07 15:36 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2014-02-07 15:36 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2014-02-07 15:36 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2014-02-07 15:36 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2014-02-07 15:36 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-02-07 15:36 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-02-07 15:33 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-02-07 15:33 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2014-02-07 15:33 . 2012-10-24 03:24 405504 ----a-w- c:\windows\system32\pcasvc.dll
2014-02-07 15:33 . 2012-10-24 03:25 13312 ----a-w- c:\windows\system32\pcalua.exe
2014-02-07 15:33 . 2012-10-24 03:24 31232 ----a-w- c:\windows\system32\pcadm.dll
2014-02-07 15:33 . 2012-10-24 03:05 11776 ----a-w- c:\windows\system32\pcaevts.dll
2014-02-07 15:33 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2014-02-07 15:33 . 2013-08-23 01:44 1711616 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-02-07 15:28 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2014-02-07 15:28 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-02-07 15:28 . 2013-12-07 06:37 688640 ----a-w- c:\windows\system32\WSShared.dll
2014-02-07 15:28 . 2013-12-07 06:37 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-07 15:28 . 2013-12-07 05:15 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2014-02-07 15:28 . 2013-12-07 05:15 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-07 15:28 . 2013-08-16 05:21 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2014-02-07 15:28 . 2013-08-15 22:43 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2014-02-07 15:28 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-02-07 15:28 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-02-07 13:06 . 2013-09-23 22:30 419328 ----a-w- c:\windows\system32\schannel.dll
2014-02-07 13:06 . 2013-09-23 22:30 323072 ----a-w- c:\windows\SysWow64\schannel.dll
2014-02-07 13:05 . 2013-02-05 22:31 622080 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-02-07 13:05 . 2013-02-05 22:29 370688 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2014-02-07 13:05 . 2013-02-05 22:28 215552 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2014-02-07 13:05 . 2013-02-05 22:28 247808 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-02-07 12:55 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2014-02-07 12:55 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2014-02-07 12:55 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2014-02-07 12:55 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll
2014-02-07 12:55 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-02-07 12:55 . 2012-11-10 04:23 148480 ----a-w- c:\windows\system32\poqexec.exe
2014-02-07 12:55 . 2013-08-02 06:28 10116608 ----a-w- c:\windows\system32\twinui.dll
2014-02-07 12:55 . 2013-08-02 05:08 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2014-02-07 12:55 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2014-02-07 12:55 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2014-02-07 12:55 . 2013-03-02 10:39 69864 ----a-w- c:\windows\system32\drivers\pdc.sys
2014-02-07 12:55 . 2013-03-02 02:43 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2014-02-07 12:55 . 2013-02-07 01:33 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2014-02-07 12:54 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2014-02-07 12:54 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-02-07 12:53 . 2012-12-13 04:00 2048 ----a-w- c:\windows\system32\tzres.dll
2014-02-07 12:53 . 2012-12-13 03:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-02-07 12:53 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2014-02-07 12:53 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-02-07 11:42 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2014-02-07 11:42 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2014-02-07 11:31 . 2013-04-27 05:20 733184 ----a-w- c:\windows\system32\win32spl.dll
2014-02-07 11:24 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-02-07 11:24 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2014-02-07 11:24 . 2013-07-19 22:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-07 11:24 . 2013-07-19 22:13 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-02-07 11:24 . 2013-10-10 09:32 115712 ----a-w- c:\windows\SysWow64\cscript.exe
2014-02-07 11:24 . 2013-10-10 09:30 162304 ----a-w- c:\windows\SysWow64\scrobj.dll
2014-02-07 11:24 . 2013-10-10 09:30 156160 ----a-w- c:\windows\SysWow64\scrrun.dll
2014-02-07 11:24 . 2013-10-10 09:24 143872 ----a-w- c:\windows\system32\wshom.ocx
2014-02-07 11:24 . 2013-10-10 09:23 146944 ----a-w- c:\windows\system32\cscript.exe
2014-02-07 11:24 . 2013-10-10 09:22 222720 ----a-w- c:\windows\system32\scrobj.dll
2014-02-07 11:24 . 2013-10-10 09:22 194048 ----a-w- c:\windows\system32\scrrun.dll
2014-02-07 11:20 . 2013-07-13 06:18 337408 ----a-w- c:\windows\system32\wintrust.dll
2014-02-07 11:20 . 2013-07-13 04:24 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2014-02-07 11:20 . 2013-07-13 06:16 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2014-02-07 11:20 . 2013-07-13 06:15 124416 ----a-w- c:\windows\system32\apprepapi.dll
2014-02-07 11:20 . 2013-07-13 06:15 98304 ----a-w- c:\windows\system32\apprepsync.dll
2014-02-07 11:20 . 2013-07-13 04:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2014-02-07 11:20 . 2013-07-13 04:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2014-02-07 11:20 . 2013-07-02 01:41 447320 ----a-w- c:\windows\system32\drivers\USBHUB3.SYS
2014-02-07 11:20 . 2013-07-02 01:41 337752 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2014-02-07 11:20 . 2013-07-02 01:41 213336 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2014-02-07 11:20 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2014-02-07 03:28 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-02-07 03:28 . 2012-10-11 07:02 1636672 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2014-02-07 03:28 . 2012-10-11 05:45 370176 ----a-w- c:\windows\system32\SysFxUI.dll
2014-02-07 03:28 . 2012-10-11 05:19 5632 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2014-02-07 03:28 . 2012-10-11 05:18 111616 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-02-07 03:28 . 2013-04-11 06:40 6987528 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-02-07 03:23 . 2012-11-01 04:40 2361344 ----a-w- c:\windows\system32\msxml6.dll
2014-02-07 03:23 . 2012-11-01 04:41 1802240 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-02-07 03:23 . 2012-11-01 04:40 1836032 ----a-w- c:\windows\system32\msxml3.dll
2014-02-07 03:23 . 2012-11-01 04:41 1438720 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-07 03:23 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-02-07 03:23 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-07 03:23 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2014-02-07 03:23 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-07 03:22 . 2013-09-04 03:11 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-02-07 03:18 . 2012-11-03 05:26 32256 ----a-w- c:\windows\SysWow64\dpnsvr.exe
2014-02-07 03:18 . 2012-11-03 05:24 8192 ----a-w- c:\windows\SysWow64\dpnhupnp.dll
2014-02-07 03:18 . 2012-11-03 05:24 8192 ----a-w- c:\windows\SysWow64\dpnhpast.dll
2014-02-07 03:18 . 2012-11-03 05:24 58880 ----a-w- c:\windows\SysWow64\dpnathlp.dll
2014-02-07 03:18 . 2012-11-03 05:24 375808 ----a-w- c:\windows\SysWow64\dpnet.dll
2014-02-07 03:18 . 2012-11-03 05:00 3072 ----a-w- c:\windows\SysWow64\dpnlobby.dll
2014-02-07 03:18 . 2012-11-03 05:00 2560 ----a-w- c:\windows\SysWow64\dpnaddr.dll
2014-02-07 03:17 . 2012-11-03 05:26 34816 ----a-w- c:\windows\system32\dpnsvr.exe
2014-02-07 03:17 . 2012-11-03 05:24 9216 ----a-w- c:\windows\system32\dpnhupnp.dll
2014-02-07 03:17 . 2012-11-03 05:24 9216 ----a-w- c:\windows\system32\dpnhpast.dll
2014-02-07 03:17 . 2012-11-03 05:24 67584 ----a-w- c:\windows\system32\dpnathlp.dll
2014-02-07 03:17 . 2012-11-03 05:24 463872 ----a-w- c:\windows\system32\dpnet.dll
2014-02-07 03:17 . 2012-11-03 05:04 4096 ----a-w- c:\windows\system32\dpnlobby.dll
2014-02-07 03:17 . 2012-11-03 05:04 3584 ----a-w- c:\windows\system32\dpnaddr.dll
2014-02-07 03:08 . 2014-02-07 03:12 -------- d-----w- C:\UsbFix
2014-02-07 02:56 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2014-02-07 02:56 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2014-02-07 02:06 . 2013-11-06 23:18 4036608 ----a-w- c:\windows\system32\win32k.sys
2014-02-07 01:42 . 2014-02-07 01:42 -------- d-----w- c:\programdata\AVG 0214c Campaign
2014-02-07 01:23 . 2009-08-11 21:45 150784 ----a-w- c:\windows\system32\drivers\ZTEusbvoice.sys
2014-02-07 01:23 . 2009-08-11 21:45 167424 ----a-w- c:\windows\system32\drivers\ZTEusbnet.sys
2014-02-07 01:23 . 2009-08-11 21:45 150784 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys
2014-02-07 01:23 . 2009-08-11 21:45 150656 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys
2014-02-07 01:23 . 2009-08-11 21:45 150656 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys
2014-02-07 01:23 . 2014-02-07 01:24 -------- d-----w- c:\program files (x86)\SupportInfo
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 03:02 . 2012-07-25 20:22 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-09 08:02 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-09 08:02 . 2012-07-26 08:14 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:41 . 2013-11-26 10:41 630272 ----a-w- c:\windows\SysWow64\tsccvid64.dll
2013-11-26 10:41 . 2013-11-26 10:41 602624 ----a-w- c:\windows\SysWow64\tsccvid.dll
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 14:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 14:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 14:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB Security"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2013-06-21 687336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R0 Avgboota;AVG Early Launch Anti-Malware Driver;c:\windows\system32\DRIVERS\avgboota.sys;c:\windows\SYSNATIVE\DRIVERS\avgboota.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgwfpa;AVG Firewall Driver;c:\windows\system32\DRIVERS\avgwfpa.sys;c:\windows\SYSNATIVE\DRIVERS\avgwfpa.sys [x]
S2 avgwd;Watchdog do AVG;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 BthLEEnum;Driver de Baixa Energia do Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-05 01:50 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-02-07 c:\windows\Tasks\AVG_SYS_TASK.job
- c:\programdata\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe [2014-02-07 19:07]
.
2014-02-07 c:\windows\Tasks\AVG_SYS_TASK_DELETE.job
- c:\programdata\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe [2014-02-07 19:07]
.
2014-02-07 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-02-05 16:16]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-05 01:20]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-05 01:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 14:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 14:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 14:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-02-05 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-02-05 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-02-05 442352]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = [You need an account and to be logged in to view this link]
mDefault_Page_URL = [You need an account and to be logged in to view this link]
mStart Page = [You need an account and to be logged in to view this link]
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = [You need an account and to be logged in to view this link]
IE: &Enviar para o OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
TCP: Interfaces\{8C1DFFF6-835D-409F-892B-F25F2E4189D0}: NameServer = 187.100.246.254 187.100.246.251
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORFÃOS REMOVIDOS - - - -
.
AddRemove-Killer Bugs v3 for Pro Tools 10.3.7 5.7.7 - c:\program files (x86)\Avid\Pro Tools\Uninstall.exe
AddRemove-WPM - c:\programdata\WPM\wprotectmanager.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Tempo para conclusão: 2014-02-07  16:00:21 - Máquina reiniciou
ComboFix-quarantined-files.txt  2014-02-07 18:00
ComboFix2.txt  2014-02-07 12:41
.
Pré-execução: 450.729.562.112 bytes disponíveis
Pós execução: 450.061.668.352 bytes disponíveis
.
- - End Of File - - 9D2493D016FE6EB9A17B21E307A3E719
5FB38429D5D77768867C76DCBDB35194

Re: (RESOLVED) autorun virus

Post by Power Max, Fri 07 Feb 2014, 16:10

A few more problems were removed.
_______________________________________________

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You need an account and to be logged in to view this link]

* Right-click Zoek.exe and select [You need an account and to be logged in to view this image]

* Copy all of the text highlighted in red below and paste it into the blank area of Zoek:

createsrpoint;
autoclean;
chrdefaults;
chromelook;
emptyalltemp;
iedefaults;
resetieproxy;
resethosts;
shortcutfix;


* Click [Run Script]

* During the scan, a message similar to the one below, showing the progress of the scan, will be displayed. Wait for it to finish... it may take a while!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log


* If a restart of the PC is requested, click [OK]

* Post the Zoek log, which will be in C:\zoek-results.txt, in your next reply.

(RESOLVED) autorun virus

Post by Juciane Bee, Fri 07 Feb 2014, 16:44

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by MarceloNote on 07/02/2014 at 16:14:33,26.
Microsoft Windows 8 Pro 6.2.9200  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MarceloNote\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

07/02/2014 16:16:14 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2029740786-2464121376-3946383696-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"

==== Deleting Files \ Folders ======================

C:\Users\MarceloNote\AppData\Local\genienext deleted
C:\Users\MarceloNote\daemonprocess.txt deleted
C:\Users\MarceloNote\.android deleted
C:\PROGRA~2\SupTab deleted
C:\ProgramData\IePluginService deleted
C:\ProgramData\Package Cache deleted
C:\Users\MarceloNote\AppData\Local\Mobogenie deleted
C:\Users\MarceloNote\AppData\Local\cache deleted
C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx deleted
C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\WebNavigation.crx deleted
C:\windows\SysNative\tasks\AVG_SYS_TASK deleted
C:\windows\SysNative\tasks\AVG_SYS_TASK_DELETE deleted
C:\Users\MarceloNote\Documents\Mobogenie deleted
"C:\ProgramData\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe" deleted
"C:\ProgramData\AVG 0214c Campaign" not deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lkemddiljapcmhicklfpcbpfffahfbja - C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx[]
pkndmigholgfjlniaohblojbhgjbkakn - C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[]

Google Docs - MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Extended Protection - MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Google Search - MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.awesomehp.com/web/?type=ds&ts=1391565731&from=amt&uid=ST500LM012XHN-M500MBB_S2SKJ5DC825288&q={searchTerms}"
"Default_Page_URL"="http://www.awesomehp.com/?type=hp&ts=1391565731&from=amt&uid=ST500LM012XHN-M500MBB_S2SKJ5DC825288"
"Start Page"="http://www.linkzb.com"
"Search Page"="http://www.awesomehp.com/web/?type=ds&ts=1391565731&from=amt&uid=ST500LM012XHN-M500MBB_S2SKJ5DC825288&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.awesomehp.com/web/?type=ds&ts=1391565731&from=amt&uid=ST500LM012XHN-M500MBB_S2SKJ5DC825288&q={searchTerms}"
"Default_Page_URL"="http://www.awesomehp.com/?type=hp&ts=1391565731&from=amt&uid=ST500LM012XHN-M500MBB_S2SKJ5DC825288"
"Start Page"="http://www.linkzb.com"
"Search Page"="http://www.awesomehp.com/web/?type=ds&ts=1391565731&from=amt&uid=ST500LM012XHN-M500MBB_S2SKJ5DC825288&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\MarceloNote\Desktop\ComboFix - Atalho.lnk - C:\Users\MarceloNote\Downloads\ComboFix.exe
C:\Users\MarceloNote\Desktop\UsbFix.lnk - C:\UsbFix\UsbFix.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Public\Desktop\Camtasia Studio 8.lnk - C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
C:\Users\Public\Desktop\Pro Tools 10.lnk - C:\Program Files (x86)\Avid\Pro Tools\ProTools.exe
C:\Users\Public\Desktop\SONAR X3 Producer Trial (x64).lnk - C:\Program Files\Cakewalk\SONAR X3 Producer Trial\SONARPDR.exe
C:\Users\Public\Desktop\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe
C:\Users\Public\Desktop\USB Disk Security.lnk - C:\Program Files (x86)\USB Disk Security\USBGuard.exe
C:\Users\Public\Desktop\Vivo 3G.lnk - C:\Program Files (x86)\Vivo 3G\Vivo 3G.exe

==== shortcuts in Users Start Menu ======================

C:\Users\MarceloNote\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe [You need an account and to be logged in to view this link]
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -  
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid\Pro Tools\DigiTest.lnk - C:\Program Files (x86)\Avid\Pro Tools\Pro Tools Utilities\DigiTest\DigiTest.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid\Pro Tools\Documentation.lnk - C:\Windows\SysWOW64\explorer.exe C:\Program Files (x86)\Avid\Pro Tools\Documentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid\Pro Tools\Pro Tools 10.lnk - C:\Program Files (x86)\Avid\Pro Tools\ProTools.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR X3 Producer Trial\Burn Audio CD.lnk - C:\Program Files\Cakewalk\Shared Utilities\CakewalkPublisher.exe -cd
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR X3 Producer Trial\Cakewalk Audio Finder.lnk - C:\Program Files\Cakewalk\Shared Utilities\cwaftool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR X3 Producer Trial\Cakewalk Publisher.lnk - C:\Program Files\Cakewalk\Shared Utilities\CakewalkPublisher.exe -web
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR X3 Producer Trial\SONAR X3 Producer Trial Help(x64).lnk - C:\Program Files\Cakewalk\SONAR X3 Producer Trial\SONAR.CHM
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR X3 Producer Trial\SONAR X3 Producer Trial Readme(x64).lnk - C:\ProgramData\Cakewalk\SONAR X3 Producer Trial\Readme.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR X3 Producer Trial\SONAR X3 Producer Trial(x64).lnk - C:\Program Files\Cakewalk\SONAR X3 Producer Trial\SONARPDR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR X3 Producer Trial\Uninstall SONAR X3 Producer Trial(x64).lnk - C:\Program Files (x86)\Cakewalk\SONAR X3 Producer Trial\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Desinstalar Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [You must be registered and logged in to view this link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe  /design
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Log de Telemetria do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Painel de Telemetria do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk - C:\Windows\Installer\{5303CFB5-D635-44F0-A94B-9611E81F07C4}\CamtasiaIcons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk - C:\Windows\Installer\{5303CFB5-D635-44F0-A94B-9611E81F07C4}\CamtasiaIcons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Help.lnk - C:\Program Files (x86)\UltraISO\ultraiso.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Readme.lnk - C:\Program Files (x86)\UltraISO\Readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Revision History.lnk - C:\Program Files (x86)\UltraISO\History.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\Uninstall UltraISO.lnk - C:\Program Files (x86)\UltraISO\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security\Desinstalar USB Disk Security.lnk - C:\Program Files (x86)\USB Disk Security\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security\Help.lnk - C:\Program Files (x86)\USB Disk Security\USBGuard.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security\USB Disk Security.lnk - C:\Program Files (x86)\USB Disk Security\USBGuard.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security\Web Navigation.lnk - C:\Program Files (x86)\USB Disk Security\linkzb.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivo 3G\Desinstalar.lnk - C:\Program Files (x86)\SupportInfo\Setup\data.exe -l0x%x -removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivo 3G\Vivo 3G.lnk - C:\Program Files (x86)\Vivo 3G\Vivo 3G.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [You must be registered and logged in to view this link]
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe [You must be registered and logged in to view this link]
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pro Tools 10.lnk - C:\Program Files (x86)\Avid\Pro Tools\ProTools.exe
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome - Atalho.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\MarceloNote\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\Users\MarceloNote\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\MarceloNote\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lkemddiljapcmhicklfpcbpfffahfbja deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WPM deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MarceloNote\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MarceloNote\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\MarceloNote\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1296 folders=146 147952499 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\MarceloNote\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MARCEL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\AVG 0214c Campaign"  not found

==== EOF on 07/02/2014 at 16:41:51,23 ======================

Post by Power Max, Fri 07 Feb 2014, 17:24

How are the computer and the flash drive after these cleanups?

Post by Juciane Bee, Fri 07 Feb 2014, 17:34

It's faster... the flash drive no longer has the virus... the PC too, I believe... (you're the one who understands this and looked at it, is there still a virus?)

Post by Power Max, Fri 07 Feb 2014, 17:38

The reports from the programs we used no longer show any virus on the flash drive. As for the ones on the PC, the reports show that they were removed.

It would be a good idea now to run a full scan with your antivirus on the computer and on the flash drive, to remove any other small problem that may still be on them.

After this cleanup, tell us whether the antivirus removed anything else.

Post by Juciane Bee, Fri 07 Feb 2014, 18:14

Good afternoon, I ran the full scan: no viruses. Thank you all very much for your understanding, problem solved. Grateful.

Post by Power Max, Fri 07 Feb 2014, 18:47

That's it! I'm glad the problem has been solved.

Just to finish up, please carry out these last procedures:

Install [You must be registered and logged in to view this link] (if you already have it, there is no need to install it again).

Open CCleaner > click the Cleaner button ("Limpeza") > click the Run Cleaner option ("Executar Limpeza"). This is shown in the image below:

[You must be registered and logged in to view this image]

Confirm the operation above by clicking the OK button. Wait for the procedure to finish.

After that, click the Registry button ("Registro") > Scan for Issues ("Procurar Erros") > Fix selected issues ("Corrigir erro(s) selecionado(s)") > at this point you can choose to make a backup copy of the changes that will be made to the registry (for safety reasons); choose whichever option you prefer (yes or no) > and confirm the cleanup by clicking the Fix All Selected Issues button ("Corrigir todos os erros selecionados") > click the Close button (or OK):

[You must be registered and logged in to view this image]
__________________________________________________________________________________________________________________

After that, also follow the tips in the tutorial below:

[You must be registered and logged in to view this link]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and to create a new, safe and problem-free restore point, download [You must be registered and logged in to view this link] (... by Xplode) and save it to the Desktop.

*After that, just run it, leaving the options Remove disinfection tools and Purge system restore selected

[You must be registered and logged in to view this image]

*Click [Run]

After running DelFix as described above, just delete DelFix and the file C:\DelFix.txt
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!

Post by Power Max, Sat 08 Feb 2014, 20:08

CASE RESOLVED

If the topic's author needs it, this topic will be reopened; to do so, she should contact one of the members of the [You must be registered and logged in to view this link] and request that it be unlocked.