Fórum PC Brasil
Browser Virus


Post by emily00 Sun 09 Mar 2014, 18:37

Good evening everyone,

I really need help getting rid of a virus that got into Internet Explorer. I have already run almost every antivirus I know, but it did not solve the problem.

I also ran Antimalwarebytes; it seemed to be gone, but when I opened Internet Explorer it reappeared.

The name that appeared in the URL of the window that opened by itself is Wrapper.z5x.net.


If you can help me, I would be grateful.

Post by Power Max Sun 09 Mar 2014, 18:43

Hi Emily. Welcome to Fórum PC Brasil.

"I also ran Malwarebytes; it seemed to be gone, but when I opened Internet Explorer it reappeared."
Post the Malwarebytes log (report) so that we can analyze it.

Post by emily00 Sun 09 Mar 2014, 18:51

I could not find the report anymore; I will run Malwarebytes again and then send the report, ok?

Post by Power Max Sun 09 Mar 2014, 18:55

emily00 wrote: I could not find the report anymore; I will run Malwarebytes again and then send the report, ok?
Open Malwarebytes > click the Logs tab > then just open the report that is there, copy it and post it here.

Post by emily00 Sun 09 Mar 2014, 20:12



Malwarebytes Anti-Malware (Trial) 1.75.0.1300

Versão da Base de Dados: v2014.03.09.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Lu :: LU-PC [administrador]

Proteção: Permitir

09/03/2014 18:51:53
mbam-log-2014-03-09 (18-51-53).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|G:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 366726
Tempo decorrido: 1 hora(s), 18 minuto(s), 37 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Post by Power Max Sun 09 Mar 2014, 20:14

Please follow the tips in the tutorial below:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log, which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

Post by emily00 Sun 09 Mar 2014, 20:52

I had run a scan with AdwCleaner today, around noon, so I found the folder with the following reports:


# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 12:40:56
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner.exe
# Opção : Examinar

***** [ Serviços ] *****

Serviço Encontrado : BrowserDefendert
Serviço Encontrado : MovieMode

***** [ Arquivos / Pastas ] *****

Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage-journal
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal
Arquivo Encontrado : C:\Users\Lu\AppData\Local\Temp\Uninstall.exe
Arquivo Encontrado : C:\Windows\System32\Tasks\Dealply
Arquivo Encontrado : C:\Windows\System32\Tasks\LaunchApp
Arquivo Encontrado : C:\Windows\System32\Tasks\MetaCrawler
Arquivo Encontrado : C:\Windows\System32\Tasks\RegClean Pro
Arquivo Encontrado : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Arquivo Encontrado : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Arquivo Encontrado : C:\Windows\System32\Tasks\SaveSense
Arquivo Encontrado : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
Arquivo Encontrado : C:\Windows\Tasks\SaveSense.job
Pasta Encontrado C:\Program Files\Freecorder extension
Pasta Encontrado C:\Program Files\Level Quality Watcher
Pasta Encontrado C:\Program Files\MyPC Backup
Pasta Encontrado C:\Program Files\Search Results Toolbar
Pasta Encontrado C:\ProgramData\Ask
Pasta Encontrado C:\ProgramData\baidu
Pasta Encontrado C:\ProgramData\BitGuard
Pasta Encontrado C:\ProgramData\Browser Manager
Pasta Encontrado C:\ProgramData\BrowserProtect
Pasta Encontrado C:\ProgramData\coontinUUeettoesavee
Pasta Encontrado C:\ProgramData\eSafe
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro
Pasta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coontinUUeettoesavee
Pasta Encontrado C:\ProgramData\MovieMode
Pasta Encontrado C:\ProgramData\SoftSafe
Pasta Encontrado C:\ProgramData\Tarma Installer
Pasta Encontrado C:\Users\Lu\AppData\Local\b1e
Pasta Encontrado C:\Users\Lu\AppData\Local\genienext
Pasta Encontrado C:\Users\Lu\AppData\Local\jZip
Pasta Encontrado C:\Users\Lu\AppData\Local\lollipop
Pasta Encontrado C:\Users\Lu\AppData\Local\Mobogenie
Pasta Encontrado C:\Users\Lu\AppData\Local\SaveSense
Pasta Encontrado C:\Users\Lu\AppData\Local\Temp\AskSearch
Pasta Encontrado C:\Users\Lu\AppData\Local\Temp\jZip
Pasta Encontrado C:\Users\Lu\AppData\LocalLow\coontinUUeettoesavee
Pasta Encontrado C:\Users\Lu\AppData\LocalLow\Mysearchdial
Pasta Encontrado C:\Users\Lu\AppData\LocalLow\searchresultstb
Pasta Encontrado C:\Users\Lu\AppData\LocalLow\Softonic
Pasta Encontrado C:\Users\Lu\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Encontrado C:\Users\Lu\AppData\Roaming\B1Toolbar
Pasta Encontrado C:\Users\Lu\AppData\Roaming\BabSolution
Pasta Encontrado C:\Users\Lu\AppData\Roaming\baidu
Pasta Encontrado C:\Users\Lu\AppData\Roaming\DigitalSites
Pasta Encontrado C:\Users\Lu\AppData\Roaming\DSite
Pasta Encontrado C:\Users\Lu\AppData\Roaming\eIntaller
Pasta Encontrado C:\Users\Lu\AppData\Roaming\MetaCrawler
Pasta Encontrado C:\Users\Lu\AppData\Roaming\PerformerSoft
Pasta Encontrado C:\Users\Lu\AppData\Roaming\pluswinks
Pasta Encontrado C:\Users\Lu\AppData\Roaming\SpecialSavings
Pasta Encontrado C:\Users\Lu\AppData\Roaming\Systweak
Pasta Encontrado C:\Users\Lu\AppData\Roaming\UpdaterEX

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Encontrada : HKCU\Software\a55dd8db639be17
Chave Encontrada : HKCU\Software\APN PIP
Chave Encontrada : HKCU\Software\BI
Chave Encontrada : HKCU\Software\Conduit
Chave Encontrada : HKCU\Software\dsiteproducts
Chave Encontrada : HKCU\Software\Headlight
Chave Encontrada : HKCU\Software\ilivid
Chave Encontrada : HKCU\Software\lollipop
Chave Encontrada : HKCU\Software\Softonic
Chave Encontrada : HKCU\Software\systweak
Chave Encontrada : HKCU\Software\Tuto4PC
Chave Encontrada : HKCU\Software\Tutorials
Chave Encontrada : HKCU\Software\TutoTag
Chave Encontrada : HKCU\Software\Unitech LLC
Chave Encontrada : HKCU\Software\UpdaterEX
Chave Encontrada : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Encontrada : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Encontrada : HKLM\SOFTWARE\a55dd8db639be17
Chave Encontrada : HKLM\SOFTWARE\Classes\*\shell\filescout
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Encontrada : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Encontrada : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Prod.cap
Chave Encontrada : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chave Encontrada : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Encontrada : HKLM\Software\Conduit
Chave Encontrada : HKLM\Software\DataMngr
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\bgnjcnjlaajofpendibcoodneacalfho
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\jmhhdaimhfblnamlcdijbaakkifakade
Chave Encontrada : HKLM\Software\InstallCore
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_avg-antivirus-free-2014_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_avg-antivirus-free-2014_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_internet-explorer-9_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_internet-explorer-9_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_libreoffice_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_libreoffice_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Dealply
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\LaunchApp
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\MetaCrawler
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_DEFAULT
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_UPDATES
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\SaveSense
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\SaveSenseLiveUpdateTaskMachineCore
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Chave Encontrada : HKLM\Software\mysearchdial
Chave Encontrada : HKLM\Software\SP Global
Chave Encontrada : HKLM\Software\SProtector
Chave Encontrada : HKLM\Software\systweak
Chave Encontrada : HKLM\Software\Tarma Installer
Chave Encontrada : HKLM\Software\Tuto_4PC
Chave Encontrada : HKLM\Software\Tutorials
Chave Encontrada : HKLM\Software\Unitech LLC
Chave Encontrada : HKLM\Software\V9Software
Chave Encontrada : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [SpecialSavings@SpecialSavings.com]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Valor Encontrada : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Valor Encontrada : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Valor Encontrada : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533

Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - [You must have an account and be logged in to view this link]
Configurações Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - [You must have an account and be logged in to view this link]

-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25097 octets] - [09/03/2014 12:40:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [25158 octets] ##########








# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 12:49:43
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (1).exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Encontrado C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [866 octets] - [09/03/2014 12:49:43]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [986 octets] ##########











# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 13:02:29
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZZU0HZE\AdwCleaner.exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Encontrado C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[R2].txt - [990 octets] - [09/03/2014 13:02:29]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [1124 octets] - [09/03/2014 12:50:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1170 octets] ##########







# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 13:16:09
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (2).exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Encontrado C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[R2].txt - [1250 octets] - [09/03/2014 13:02:29]
AdwCleaner[R3].txt - [986 octets] - [09/03/2014 13:16:09]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [1124 octets] - [09/03/2014 12:50:47]
AdwCleaner[S2].txt - [1309 octets] - [09/03/2014 13:03:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1226 octets] ##########







# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 13:23:04
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (4).exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Encontrado C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[R2].txt - [1250 octets] - [09/03/2014 13:02:29]
AdwCleaner[R3].txt - [1306 octets] - [09/03/2014 13:16:09]
AdwCleaner[R4].txt - [1046 octets] - [09/03/2014 13:23:04]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [1124 octets] - [09/03/2014 12:50:47]
AdwCleaner[S2].txt - [1309 octets] - [09/03/2014 13:03:38]
AdwCleaner[S3].txt - [1365 octets] - [09/03/2014 13:16:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1347 octets] ##########








# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 20:24:54
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (1).exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Encontrado C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]







# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 12:43:28
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : BrowserDefendert
[#] Serviço Deletada : MovieMode

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BitGuard
Pasta Deletada : C:\ProgramData\Browser Manager
Pasta Deletada : C:\ProgramData\BrowserProtect
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\MovieMode
Pasta Deletada : C:\ProgramData\SoftSafe
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\coontinUUeettoesavee
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coontinUUeettoesavee
Pasta Deletada : C:\Program Files\Freecorder extension
Pasta Deletada : C:\Program Files\Level Quality Watcher
Pasta Deletada : C:\Program Files\MyPC Backup
Pasta Deletada : C:\Program Files\Search Results Toolbar
Pasta Deletada : C:\Users\Lu\AppData\Local\b1e
Pasta Deletada : C:\Users\Lu\AppData\Local\genienext
Pasta Deletada : C:\Users\Lu\AppData\Local\jZip
Pasta Deletada : C:\Users\Lu\AppData\Local\lollipop
Pasta Deletada : C:\Users\Lu\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Lu\AppData\Local\SaveSense
Pasta Deletada : C:\Users\Lu\AppData\Local\Temp\AskSearch
Pasta Deletada : C:\Users\Lu\AppData\Local\Temp\jZip
Pasta Deletada : C:\Users\Lu\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Lu\AppData\LocalLow\searchresultstb
Pasta Deletada : C:\Users\Lu\AppData\LocalLow\Softonic
Pasta Deletada : C:\Users\Lu\AppData\LocalLow\coontinUUeettoesavee
Pasta Deletada : C:\Users\Lu\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Lu\AppData\Roaming\B1Toolbar
Pasta Deletada : C:\Users\Lu\AppData\Roaming\BabSolution
Pasta Deletada : C:\Users\Lu\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Lu\AppData\Roaming\DigitalSites
Pasta Deletada : C:\Users\Lu\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Lu\AppData\Roaming\eIntaller
Pasta Deletada : C:\Users\Lu\AppData\Roaming\MetaCrawler
Pasta Deletada : C:\Users\Lu\AppData\Roaming\PerformerSoft
Pasta Deletada : C:\Users\Lu\AppData\Roaming\pluswinks
Pasta Deletada : C:\Users\Lu\AppData\Roaming\SpecialSavings
Pasta Deletada : C:\Users\Lu\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Lu\AppData\Roaming\UpdaterEX
Arquivo Deletada : C:\Users\Lu\AppData\Local\Temp\Uninstall.exe
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
Arquivo Deletada : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\LaunchApp
Arquivo Deletada : C:\Windows\System32\Tasks\MetaCrawler
Arquivo Deletada : C:\Windows\System32\Tasks\RegClean Pro
Arquivo Deletada : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Arquivo Deletada : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Arquivo Deletada : C:\Windows\Tasks\SaveSense.job
Arquivo Deletada : C:\Windows\System32\Tasks\SaveSense
Arquivo Deletada : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [SpecialSavings@SpecialSavings.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bgnjcnjlaajofpendibcoodneacalfho
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\jmhhdaimhfblnamlcdijbaakkifakade
Chave Deletedo : HKLM\SOFTWARE\Classes\*\shell\filescout
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Valor Deletedo : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKCU\Software\a55dd8db639be17
Chave Deletedo : HKLM\SOFTWARE\a55dd8db639be17
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_avg-antivirus-free-2014_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_avg-antivirus-free-2014_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_internet-explorer-9_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_internet-explorer-9_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_libreoffice_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_libreoffice_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\ilivid
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\Tuto4PC
Chave Deletedo : HKCU\Software\Tutorials
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\Unitech LLC
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Tarma Installer
Chave Deletedo : HKLM\Software\Tuto_4PC
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Unitech LLC
Chave Deletedo : HKLM\Software\V9Software
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[S0].txt - [23950 octets] - [09/03/2014 12:43:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24011 octets] ##########








AdwCleaner v3.020 - Relatório criado 09/03/2014 às 12:50:47
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (1).exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [985 octets] - [09/03/2014 12:50:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1044 octets] ##########





# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZZU0HZE\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[R2].txt - [1250 octets] - [09/03/2014 13:02:29]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [1124 octets] - [09/03/2014 12:50:47]
AdwCleaner[S2].txt - [1169 octets] - [09/03/2014 13:03:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1229 octets] ##########







# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 13:16:57
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (2).exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[R2].txt - [1250 octets] - [09/03/2014 13:02:29]
AdwCleaner[R3].txt - [1306 octets] - [09/03/2014 13:16:09]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [1124 octets] - [09/03/2014 12:50:47]
AdwCleaner[S2].txt - [1309 octets] - [09/03/2014 13:03:38]
AdwCleaner[S3].txt - [1225 octets] - [09/03/2014 13:16:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1285 octets] ##########






AdwCleaner v3.020 - Relatório criado 09/03/2014 às 13:23:45
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (4).exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[R2].txt - [1250 octets] - [09/03/2014 13:02:29]
AdwCleaner[R3].txt - [1306 octets] - [09/03/2014 13:16:09]
AdwCleaner[R4].txt - [1427 octets] - [09/03/2014 13:23:04]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [1124 octets] - [09/03/2014 12:50:47]
AdwCleaner[S2].txt - [1309 octets] - [09/03/2014 13:03:38]
AdwCleaner[S3].txt - [1365 octets] - [09/03/2014 13:16:57]
AdwCleaner[S4].txt - [1345 octets] - [09/03/2014 13:23:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1405 octets] ##########





# AdwCleaner v3.020 - Relatório criado 09/03/2014 às 20:25:53
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Lu - LU-PC
# Executando de : C:\Users\Lu\Downloads\AdwCleaner (1).exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Arquivo : C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25239 octets] - [09/03/2014 12:40:56]
AdwCleaner[R1].txt - [1065 octets] - [09/03/2014 12:49:43]
AdwCleaner[R2].txt - [1250 octets] - [09/03/2014 13:02:29]
AdwCleaner[R3].txt - [1306 octets] - [09/03/2014 13:16:09]
AdwCleaner[R4].txt - [1427 octets] - [09/03/2014 13:23:04]
AdwCleaner[R5].txt - [1547 octets] - [09/03/2014 20:24:54]
AdwCleaner[S0].txt - [24092 octets] - [09/03/2014 12:43:28]
AdwCleaner[S1].txt - [1124 octets] - [09/03/2014 12:50:47]
AdwCleaner[S2].txt - [1309 octets] - [09/03/2014 13:03:38]
AdwCleaner[S3].txt - [1365 octets] - [09/03/2014 13:16:57]
AdwCleaner[S4].txt - [1485 octets] - [09/03/2014 13:23:45]
AdwCleaner[S5].txt - [1465 octets] - [09/03/2014 20:25:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1525 octets] ##########












Post by Power Max, Sun 09 Mar 2014, 20:55

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan progress will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Thu 13 Mar 2014, 10:52; edited 1 time

Post by emily00, Sun 09 Mar 2014, 21:54

Report:



Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Lu on 09/03/2014 at 21:19:03,21.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lu\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

09/03/2014 21:21:19 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

Post by Power Max, Sun 09 Mar 2014, 21:56

Zoek has not finished the cleanup yet; wait for it to finish and then post the complete report.

Post by emily00, Sun 09 Mar 2014, 22:00

It stopped the cleanup, closed the window and restarted automatically.

Post by Power Max, Sun 09 Mar 2014, 22:02

Check whether its complete log is in the location I gave you:
C:\zoek-results.txt

Post by emily00, Sun 09 Mar 2014, 22:04

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Lu on 09/03/2014 at 21:19:03,21.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lu\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

09/03/2014 21:21:19 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\office.tmp deleted
C:\Program Files\Check Point Software Technologies LTD deleted
C:\extensions.sqlite deleted
C:\PROGRA~2\FileSplitUpLoad.dll deleted
C:\PROGRA~2\Baidu deleted
C:\PROGRA~2\InstallMate deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\system32\tasks\SaveSenseLiveUpdateTaskMachineUA deleted
C:\Windows\system32\tasks\Digital Sites deleted
C:\Windows\tasks\Digital Sites.job deleted
C:\Windows\System32\InstallUtil.InstallLog deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn" [09/03/2014 20:29]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gpicboiclhmnllnjdcfcffifpoaebgkm - C:\Program Files\Freecorder extension\Freecorder.crx[]
kcendgajlhoaiiccpijilcpmgphfflnj - C:\Users\Lu\AppData\Local\newhb.crx[01/08/2013 01:37]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx[28/11/2013 07:25]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\ Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Conexão Família.lnk -
C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk - C:\Program Files\Emsisoft Anti-Malware\a2start.exe
C:\Users\Public\Desktop\Faces.lnk - C:\Program Files\Faces\Faces.exe
C:\Users\Public\Desktop\Image Converter.lnk - C:\Program Files\Image Converter\Image Converter\imageconverter.exe
C:\Users\Public\Desktop\Jogo.lnk - C:\Fabricante\FoodForce\Food-Force_BR.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Norton AntiVirus.lnk - C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\uiStub.exe
C:\Users\Public\Desktop\Paint.NET.lnk - C:\Program Files\Paint.NET\PaintDotNet.exe
C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk - C:\Program Files\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Users\Public\Desktop\Relação de Assistências Técnicas Autorizadas.lnk -
C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Anti-Malware Guard.lnk - C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Anti-Malware.lnk - C:\Program Files\Emsisoft Anti-Malware\a2start.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft HiJackFree.lnk - C:\Program Files\Emsisoft Anti-Malware\a2HiJackFree.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Homepage.lnk - C:\Program Files\Emsisoft Anti-Malware\Emsisoft.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Help.lnk - C:\Program Files\Emsisoft Anti-Malware\en-us.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Scan Reports.lnk - C:\Users\Lu\Documents\Anti-Malware\Reports
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Scansets.lnk - C:\Users\Lu\Documents\Anti-Malware\Scansets
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Uninstall.lnk - C:\Program Files\Emsisoft Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter\Media Splitter Settings.lnk - C:\Windows\System32\rundll32.exe splitter.ax,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter\Uninstall.lnk - C:\Program Files\Haali\MatroskaSplitter\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\LiveUpdate.lnk - C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\uiStub.exe /lu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\NBRT.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Norton AntiVirus.lnk - C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\uiStub.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Support.lnk - C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\symerr.exe /support
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Uninstall Norton AntiVirus.lnk - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\A5E82D02\21.1.0.18\InstStub.exe /X /shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Desinstalar o Norton Identity Safe.LNK -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Panda Cloud Cleaner.lnk - C:\Program Files\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Uninstall Panda Cloud Cleaner.lnk - C:\Program Files\Panda Security\Panda Cloud Cleaner\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\segnas.net\Caderno de Receitas.lnk - C:\Segnas\Receitas.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{00AC3122-9E12-726B-0952-26E6DC3ABC49} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87F8FA0A-3553-458A-A761-7D715C1BD8FC} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B6E756EE-BB62-4E52-ACB9-F3406D047418} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DC8AC524-DC74-51A3-B4DE-431635E48952} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E22EE955-158B-4CA0-AE4B-5DA939CDCBA3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm deleted successfully

==== Empty IE Cache ======================

C:\\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Users\Lu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\\Users\Lu\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Users\Lu\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Users\Lu\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Windows\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Users\Lu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=102 folders=25 8136759 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lu\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

Post by Power Max, Sun 09 Mar 2014, 22:14

Please follow the tips in the tutorial below:

[You must have an account and be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log, which will be saved on your desktop under the name JRT.txt

We'll be waiting.

Post by emily00, Sun 09 Mar 2014, 22:17

Sorry, I think I had not posted the complete report.

Post by emily00, Sun 09 Mar 2014, 22:33

Here is the report:



Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Starter x86
Ran by Lu on 09/03/2014 at 22:29:15,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2631333086-1251509141-173655686-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\Users\Lu\appdata\locallow\datamngr"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/03/2014 at 22:30:59,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by Power Max, Sun 09 Mar 2014, 22:37

emily00 wrote: Sorry, I think I had not posted the complete report
The Junkware Removal Tool log will be saved on your desktop under the name JRT.txt

Post by emily00, Sun 09 Mar 2014, 22:45

Report:

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Starter x86
Ran by Lu on 09/03/2014 at 22:29:15,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2631333086-1251509141-173655686-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\Users\Lu\appdata\locallow\datamngr"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/03/2014 at 22:30:59,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by Power Max, Sun 09 Mar 2014, 22:56

Download < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )

|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.

|- Run the scroll icon. ( ZHPDiag )

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!

|- Click OK and, when it finishes, post the ZHPDiag.txt report

Post by emily00, Sun 09 Mar 2014, 23:15

Here is the report:



Relatório do ZHPDiag v2014.3.2.6 - Nicolas Coolman (03/03/2014)
~ Iniciado por Lu (09/03/2014 23:07:47)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 27.0.1
GCIE: Google Chrome v33.0.1750.146 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Emsisoft Anti-Malware
Malwarebytes Anti-Malware versão 1.75.0.1300
Panda Cloud Cleaner v1.0.87
Norton AntiVirus v21.1.0.18
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 ActiveX
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 236 GB (81%) free of 288 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LU-PC
~ User Name: Lu
~ All Users Names: Lu, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Lu\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Lu\AppData\Roaming\
~ %Desktop% : C:\Users\Lu\Desktop\
~ %Favorites% : C:\Users\Lu\Favorites\
~ %LocalAppData% : C:\Users\Lu\AppData\Local\
~ %StartMenu% : C:\Users\Lu\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 236 Go of 288 Go)
D: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.679EAED8E703235BA81AA2E58F4E2D16] - (.Microsoft Corporation - Internet Extensions para Win32.) (.05/02/2014 - 05:50:39.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 09:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/3
~ Mes Favoris (My Favorites) : 1/968
~ Mes Documents (My Documents) : 2/24
~ Mon Bureau (My Desktop) : 4/1765
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 11s



---\\ Processos lançados
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3368]
[MD5.AC91A8C861299897DAA5F2D48A83DF89] - (.Symantec Corporation - Norton AntiVirus.) -- C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288] [PID.884]
[MD5.3E3A97C7C7E79DF8F08F22F0666D9E03] - (.Symantec Corporation - Norton Identity Safe.) -- C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424] [PID.1368]
[MD5.02B7AE9FBEFCF00E0DCB3390EB9EB6B5] - (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe [1177960] [PID.2564] =>Adware.BDSearch
[MD5.D22A83F727579570A11ED0A39114D5B8] - (.Positivo Informática - Recovery.) -- C:\Program Files\Positivo Informática\Recovery\Recovery2.exe [1433600] [PID.3256]
[MD5.D143C38DA73FD7FE3CA308380F8BD843] - (.Positivo Informática - Monitor de Registro Positivo Informá.) -- C:\Program Files\Positivo Informática\SW_Cadastro\Monitor.exe [4880488] [PID.1072]
[MD5.27D179FDCE726BC88E99969F737B4422] - (.OpenOffice.org - BrOffice.org 2.4.) -- C:\Program Files\BrOffice.org 2.4\program\soffice.exe [2363392] [PID.1732]
[MD5.5CB8A3DE467FA72800EF149059B218D9] - (.OpenOffice.org - BrOffice.org 2.4.) -- C:\Program Files\BrOffice.org 2.4\program\soffice.BIN [2580480] [PID.3680]
[MD5.E6D37F59C2A4E24899B8CC0B50EC430D] - (.Positivo Informática - Registro de usuários Positivo Inform.) -- C:\Program Files\Positivo Informática\SW_Cadastro\Registro.exe [4818627] [PID.1564]
[MD5.026C4CA19FAE1F84894A99735B15AACA] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [859464] [PID.6072]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.6112]
[MD5.66EA3B698F9A7EA2DBF0E4B246B6C958] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8349696] [PID.5804]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 12 Legitimates Filtered in 00mn 12s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default\prefs.js
~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: Jap.fm - {cc018c22-4de8-431f-9a1b-964bc51844a3} . (.Jap.fm Company - Jap.fm.) -- C:\Program Files\Jap.fm\jap.fm.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{32C4237A-AA9C-4CE4-AB55-EDDE1EB9962B} Chave orfã
O3 - Toolbar: Norton Identity Safe Toolbar - [HKLM]{A13C2648-91D4-4bf3-BC6D-0079707C4389} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Conexão Família.lnk . (...) -- C:\Program Files\Positivo Informática\ConexaoFamilia\ConexaoFamilia.exe (.not file.)
O4 - GS\Desktop [Public]: Emsisoft Anti-Malware.lnk . (.Emsisoft GmbH - Security Center.) -- C:\Program Files\Emsisoft Anti-Malware\a2start.exe
O4 - GS\Desktop [Public]: Faces.lnk . (...) -- C:\Program Files\Faces\Faces.exe
O4 - GS\Desktop [Public]: Image Converter.lnk . (...) -- C:\Program Files\Image Converter\Image Converter\imageconverter.exe
O4 - GS\Desktop [Public]: Jogo.lnk . (.Macromedia, Inc. - Macromedia Projector.) -- C:\Fabricante\FoodForce\Food-Force_BR.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Norton AntiVirus.lnk . (.Symantec Corporation - Norton Protection Center UI Stub.) -- C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\uiStub.exe
O4 - GS\Desktop [Public]: Panda Cloud Cleaner.lnk . (...) -- C:\Program Files\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
O4 - GS\Desktop [Public]: Relação de Assistências Técnicas Autorizadas.lnk . (...) -- C:\Fabricante\Relação de Assistências Técnicas Autorizadas\Desktop_Ipanema_Rede_Assistencia_Tecnica.pdf
O4 - GS\Desktop [Public]: WinRAR.lnk . (.Alexander Roshal - WinRAR archiver.) -- C:\Program Files\WinRAR\WinRAR.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Lu]: Emsisoft Anti-Malware.lnk . (.Emsisoft GmbH - Security Center.) -- C:\Program Files\Emsisoft Anti-Malware\a2start.exe
O4 - GS\QuickLaunch [Lu]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Lu]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Lu]: PhotoScape.lnk . (...) -- C:\Program Files\PhotoScape\PhotoScape.exe
O4 - GS\TaskBar [Lu]: Google Chrome (2).lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Lu]: Google Chrome (3).lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Lu]: Google Chrome (4).lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Lu]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (10).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (11).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (12).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (13).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (14).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (15).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (16).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (17).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (18).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (19).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (20).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (21).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (22).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (23).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (24).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (25).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (26).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (27).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (28).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (29).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (3).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (30).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (31).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (32).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (33).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (34).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (35).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (36).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (37).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (38).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (39).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (4).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (5).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (6).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (7).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (8).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer (9).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Lu]: Mozilla Firefox (2).lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Lu]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Lu]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Lu]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Lu]: BrOffice.org Writer.lnk . (...) -- C:\Program Files\BrOffice.org 2.4\program\swriter.exe
O4 - GS\Desktop [Lu]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Lu]: PDF Image Extraction Wizard.lnk . (.RL Vision - No Comment.) -- C:\Program Files\PDF Image Extraction Wizard\PdfWiz.exe
O4 - GS\Desktop [Lu]: PhotoScape.lnk . (...) -- C:\Program Files\PhotoScape\PhotoScape.exe
~ Global Startup: 204 Legitimates Filtered in 00mn 04s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Assistente para criação de disco de recuperação.lnk . (.Positivo Informática - Recovery.) -- C:\Program Files\Positivo Informática\Recovery\Recovery2.exe
O4 - GS\Startup [Public]: Monitor.lnk . (.Positivo Informática - Monitor de Registro Positivo Informá.) -- C:\Program Files\Positivo Informática\SW_Cadastro\Monitor.exe
O4 - GS\Startup [Lu]: BrOffice.org 2.4.lnk . (...) -- C:\Program Files\BrOffice.org 2.4\program\quickstart.exe
O4 - HKLM\..\Run: [Baidu Antivirus] . (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe =>Adware.BDSearch
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - [You need an account and an active session to view this link]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - [You need an account and an active session to view this link]
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D1DA1F1-798A-4343-92B9-F1C9E3B3E367}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D1DA1F1-798A-4343-92B9-F1C9E3B3E367}: DhcpNameServer = 189.7.104.22 189.7.104.16 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{9D1DA1F1-798A-4343-92B9-F1C9E3B3E367}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{9D1DA1F1-798A-4343-92B9-F1C9E3B3E367}: DhcpNameServer = 189.7.104.22 189.7.104.16 201.6.4.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{9D1DA1F1-798A-4343-92B9-F1C9E3B3E367}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{9D1DA1F1-798A-4343-92B9-F1C9E3B3E367}: DhcpNameServer = 189.7.104.22 189.7.104.16 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.7.104.22 189.7.104.16 201.6.4.116
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu Antivirus Service (BAVSvc) . (.Baidu, Inc. - Baidu Antivirus Service.) - C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe =>Adware.BDSearch
O23 - Service: Baidu Hips Service (BHipsSvc) . (.Baidu, Inc. - Baidu Antivirus Hips Service.) - C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe =>Adware.BDSearch
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 13 Legitimates Filtered in 00mn 14s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (sasnative32) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job [448]
[MD5.00000000000000000000000000000000] [APT] [4374] (...) -- C:\Users\Lu\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.EFAD35C449565BEA5CD70B9CB76F5DFE] [APT] [{1E3386FA-57B4-4741-A003-98B651E958D1}] (.Auralog.) -- C:\Program Files\Auralog\TELL ME MORE 8.0 DEMO\Bin\unsetup.exe [381832]
[MD5.00000000000000000000000000000000] [APT] [{D0E5C1A4-979F-4C11-9229-A400002243EC}] (...) -- C:\ProgramData\MovieMode\uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F0B752A7-AB77-4116-93DA-213104D0C3E2}] (...) -- D:\Setupx.exe (.not file.) [0]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (360FileOem) . (.360.cn - 360FileOem.) - C:\Windows\system32\drivers\360FileOem.sys
O41 - Driver: (360RegOem) . (.360安全中心 - 360RegOem.) - C:\Windows\system32\drivers\360RegOem.sys
O41 - Driver: (360SpOEM) . (.360安全中心 - 360安全卫士 - SelfProtection.) - C:\Windows\System32\drivers\360SpOEM.sys
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 109 Legitimates Filtered in 00mn 38s



---\\ Software instalados (042)
O42 - Logiciel: Caderno de Receitas - (...) [HKLM] -- Caderno de Receitas_is1
O42 - Logiciel: Mundo da Criança - PC da Família - (...) [HKLM] -- Mundo da Criança - PC da Família
O42 - Logiciel: coontinUUeettoesavee - (.continue to save.) [HKLM] -- {C1C6816E-CBB3-A748-85F9-A8B47B68985B} =>PUP.Offerware
O42 - Logiciel: jFinanças Pessoal 2012 - (.Cenize.) [HKLM] -- jFinanças Pessoal 2012
~ Logic: 22 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Cenize]
[HKCU\Software\jap.fm]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Cenize]
[HKLM\Software\Instasoft]
[HKLM\Software\KCC]
[HKLM\Software\Price Check by AOL]
~ Key Software: 227 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/03/2014 - 13:50:14 - [40,711] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
O43 - CFD: 02/03/2014 - 13:58:08 - [225,408] ----D C:\Program Files\Faces
O43 - CFD: 02/03/2014 - 13:57:41 - [0,084] ----D C:\Program Files\Jap.fm
O43 - CFD: 02/03/2014 - 13:57:41 - [91,653] ----D C:\Program Files\jFinanças Pessoal 2012
O43 - CFD: 04/03/2014 - 20:05:57 - [0] ----D C:\Program Files\Oasis Games Limited
O43 - CFD: 09/03/2014 - 22:49:40 - [0] ----D C:\ProgramData\Baidu =>Adware.BDSearch
O43 - CFD: 29/11/2013 - 10:35:08 - [47,461] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 08/03/2014 - 22:07:56 - [0,002] ----D C:\ProgramData\NCOTEMP
O43 - CFD: 05/06/2013 - 17:47:41 - [0,042] ----D C:\ProgramData\Price Check by AOL
O43 - CFD: 28/11/2012 - 16:13:07 - [0] ----D C:\ProgramData\{3697A195-664C-4775-9370-AD7AE05D78CA}
O43 - CFD: 03/03/2014 - 20:13:21 - [0] ----D C:\Users\Lu\AppData\Roaming\1H1Q
O43 - CFD: 13/06/2013 - 23:11:52 - [6,808] ----D C:\Users\Lu\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 28/11/2012 - 16:13:00 - [5,895] ----D C:\Users\Lu\AppData\Local\Cenize
O43 - CFD: 05/06/2013 - 19:23:58 - [0] ----D C:\Users\Lu\AppData\Local\Price Check by AOL
O43 - CFD: 28/11/2012 - 16:13:07 - [0] ----D C:\Users\Lu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jFinanças Pessoal 2012
~ Program Folder: 231 Legitimates Filtered in 00mn 47s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.A5C914C5CBCFF645434535234BFCEACA] - 02/03/2014 - 13:59:29 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O44 - LFC:[MD5.3087D81A82F174FC825560781741B072] - 02/03/2014 - 16:02:13 ---A- . (...) -- C:\Windows\audaces.ini [8]
O44 - LFC:[MD5.E16580A3BB2C9660877853370A332F96] - 04/03/2014 - 20:26:31 ---A- . (...) -- C:\Windows\System32\log.txt [23131435]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/03/2014 - 01:17:41 ---A- . (...) -- C:\Windows\System32\Drivers\utm0nziw.sys [0]
O44 - LFC:[MD5.0219EA48EB408174F51F6404828915FF] - 05/03/2014 - 04:57:39 ---A- . (...) -- C:\Windows\IE11_main.log [22085]
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 07/03/2014 - 01:38:13 ---A- . (...) -- C:\Windows\NeroDigital.ini [116]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/03/2014 - 19:18:50 ---A- . (...) -- C:\Windows\System32\Drivers\GDWFPCD32.SYS [0]
O44 - LFC:[MD5.0E73E5993207048391870312736B0043] - 08/03/2014 - 19:47:59 ---A- . (...) -- C:\Windows\System32\Drivers\sfi.dat [1474832]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 08/03/2014 - 21:12:31 ---A- . (...) -- C:\Windows\SETUP.LST [0]
O44 - LFC:[MD5.8128DD4852B101ABD9CFB2B93B7EEC0E] - 08/03/2014 - 22:07:27 ---A- . (...) -- C:\Windows\System32\Drivers\SYMEVENT.CAT [8194]
O44 - LFC:[MD5.A56FDE291912C739D5EDC705B4552D19] - 08/03/2014 - 22:07:27 ---A- . (...) -- C:\Windows\System32\Drivers\SYMEVENT.INF [805]
O44 - LFC:[MD5.9E258CE9E479A0AB6BAF2DACD71810B0] - 09/03/2014 - 00:46:31 ---A- . (...) -- C:\Windows\System32\PCloudCleanerService.log [1224]
O44 - LFC:[MD5.AA96094960F93C838AD51738C349A354] - 09/03/2014 - 03:33:57 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [165954]
O44 - LFC:[MD5.A727CE5541726FECC9957B76B635759B] - 09/03/2014 - 03:33:57 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [756410]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 09/03/2014 - 21:13:42 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.D40177F2B3ABD10524B635E16B1D3DF7] - 09/03/2014 - 21:36:42 ---A- . (...) -- C:\files.log [95]
O44 - LFC:[MD5.3A60BD4FFE1007DE958AA4D519A138BA] - 09/03/2014 - 21:40:16 ---A- . (...) -- C:\zoek-results.log [13320]
O44 - LFC:[MD5.0DF2AF79EA178B3896C2831F0A693A15] - 09/03/2014 - 21:44:39 ---A- . (...) -- C:\Windows\ntbtlog.txt [1278100]
~ Files: 52 Legitimates Filtered in 00mn 12s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
~ CSB: 15 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Trojan.Staser
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - rjatydimofu.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip
~ IFEO: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.31E96818831A9BDFEA233CF078A7DCB3] - 10/07/2013 - 09:19:00 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys [152880]
O58 - SDL:[MD5.C5CE40B86C1C58A96F59DF554CFBD912] - 10/07/2013 - 09:19:00 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys [61488]
O58 - SDL:[MD5.D538CEAE6E9BBC0AA364CFF2380D24EE] - 10/07/2013 - 09:19:00 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys [29744]
O58 - SDL:[MD5.856806FC4A05FAF93B817712EA9A35C9] - 10/07/2013 - 09:19:00 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys [64048]
O58 - SDL:[MD5.F3628BF262DE8F349E5298F8A94FAE63] - 21/01/2014 - 11:14:38 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [43840] =>Adware.BDSearch
O58 - SDL:[MD5.C84059943241394E90D8C30E2C573A9D] - 21/01/2014 - 11:14:48 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [27456] =>Adware.BDSearch
O58 - SDL:[MD5.36D995EE7DD05E77E50DD0DD4F953F94] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456] =>Adware.BDSearch
O58 - SDL:[MD5.2FBA6087B5CF341024D3606250CC5173] - 21/01/2014 - 07:01:34 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [135488] =>Adware.BDSearch
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C1258ADCBE6E51A3C06C234D2BDB81B5] - 26/09/2008 - 18:03:26 R--A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [23424]
O58 - SDL:[MD5.8F866DF9A974BFFDCB2001D303BC0695] - 08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [49536]
O58 - SDL:[MD5.A5C914C5CBCFF645434535234BFCEACA] - 02/03/2014 - 13:59:29 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/03/2014 - 19:18:50 ---A- . (...) -- C:\Windows\System32\Drivers\GDWFPCD32.SYS [0]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.62C212678CA063DA233ED4B0B6FC9162] - 26/09/2008 - 18:04:52 R--A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [621056]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/03/2014 - 01:17:41 ---A- . (...) -- C:\Windows\System32\Drivers\utm0nziw.sys [0]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 15s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 10/07/2013 - C:\Windows\system32\drivers\360FileOem.sys (360FileOem) .(.360.cn - 360FileOem.) - LEGACY_360FILEOEM
O64 - Services: CurCS - 10/07/2013 - C:\Windows\System32\drivers\360HookOEM.sys (360HookOem) .(.360安全中心 - 360HookOem.) - LEGACY_360HOOKOEM
O64 - Services: CurCS - 10/07/2013 - C:\Windows\system32\drivers\360RegOem.sys (360RegOem) .(.360安全中心 - 360RegOem.) - LEGACY_360REGOEM
O64 - Services: CurCS - 10/07/2013 - C:\Windows\System32\drivers\360SpOEM.sys (360SpOEM) .(.360安全中心 - 360安全卫士 - SelfProtection.) - LEGACY_360SPOEM
O64 - Services: CurCS - 03/01/2014 - C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys (BdApiUtil) .(.Baidu, Inc. - Baidu Antivirus BdApi Driver.) - LEGACY_BDAPIUTIL =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys (BdCameraProtect) .(.Baidu, Inc. - Baidu Antivirus Camera Protector Driver.) - LEGACY_BDCAMERAPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon) .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 09/01/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect) .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 08/05/2013 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
~ Legacy: 120 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.A2590ED188BBDEC032B3380B33C0B610] [SPRF][09/10/2013] (...) -- C:\Users\Lu\AppData\Roaming\unins000.dat [16235]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][09/10/2013] (.No owner - Setup/Uninstall.) -- C:\Users\Lu\AppData\Roaming\unins000.exe [720082]
[MD5.27B3CB29890BDFDBDF711E0313E8A972] [SPRF][03/03/2014] (.No owner - Virus Removal Tool Setup.) -- C:\Users\Lu\Desktop\kaspersky.exe [135005840]
~ Files: 9 Legitimates Filtered in 00mn 03s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{5F227450-0EF3-4B9D-BF6D-3B0FB4B48EBB}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\WinZip Driver Updater\winzipdu.exe (.not file.)
O87 - FAEL: "{02CF4398-6F3B-4525-B0E1-3131F1855CE4}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O87 - FAEL: "{1F9A6CEC-F58A-4D6D-8DA0-80405E99850E}" |In - None - P6 - TRUE | .(...) -- C:\Users\Lu\AppData\Local\TNT2\2.0.0.1760\TNT2User.exe (.not file.)
~ Firewall: 177 Legitimates Filtered in 00mn 01s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "20CE7BE554DA8BD4B9A67B0AE92D29E5" . (.Discador Positivo.) -- C:\Windows\Installer\{5EB7EC02-AD45-4DB8-9B6A-B7A09ED2925E}\ARPPRODUCTICON.exe
O90 - PUC: "61D191A4316EA424787ACEC367FDCB4B" . (.Conexao da Família.) -- C:\Windows\Installer\{4A191D16-E613-424A-87A7-EC3C76DFBCB4}\ARPPRODUCTICON.exe
O90 - PUC: "95049A39C3A5B6142BAEDADC3E1650A2" . (.Creditos MDC.) -- C:\Windows\Installer\{93A94059-5A3C-416B-B2EA-ADCDE361052A}\ARPPRODUCTICON.exe
~ Update Products: 71 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 05/06/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/06/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/11/2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 12/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 09/03/2014 4163584 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 05/03/2009 132424 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SR - | Auto 21/01/2014 1923376 | (BAVSvc) . (.Baidu, Inc..) - C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe =>Adware.BDSearch
SR - | Auto 21/01/2014 459416 | (BHipsSvc) . (.Baidu, Inc..) - C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe =>Adware.BDSearch
SR - | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 08/10/2013 262288 | (NAV) . (.Symantec Corporation.) - C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
SR - | Auto 06/10/2013 129424 | (NCO) . (.Symantec Corporation.) - C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 13s



---\\ Scâner Aditional (088)
Database Version : 13031 - (03/03/2014)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 4

[HKLM\SYSTEM\CurrentControlSet\Services\BAVSvc] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\BHipsSvc] =>Adware.BDSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1C6816E-CBB3-A748-85F9-A8B47B68985B}] =>PUP.Offerware^
[HKCU\Software\USyndication] =>Trojan.USyndication
[HKCU\Software\usyndication.com] =>Trojan.USyndication
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Baidu Antivirus =>Adware.BDSearch^
C:\Program Files\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Lu\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe =>Adware.BDSearch^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
~ Additionnel Scan: 231620 Items scanned in 00mn 18s



---\\ Sumário das deteções encontradas na sua estação
~ [You must have an account and be logged in to view this link] =>Adware.BDSearch
~ [You must have an account and be logged in to view this link] =>PUP.Offerware
~ [You must have an account and be logged in to view this link] =>PUP.BrowserSafeguard
~ [You must have an account and be logged in to view this link] =>Trojan.Staser
~ [You must have an account and be logged in to view this link] =>Spyware.ProtectedSearch
~ [You must have an account and be logged in to view this link] =>Toolbar.Conduit
~ [You must have an account and be logged in to view this link] =>Hijacker.SmartBar
~ [You must have an account and be logged in to view this link] =>PUP.eSafeSecurity
~ [You must have an account and be logged in to view this link] =>Trojan.USyndication
~ MSI: 9 link(s) detected in 00mn 18s



~ 1137 Legitimates filtered by white list
End of the scan (604 lines in 03mn 43s)(0)

Post by Power Max, Mon 10 Mar 2014, 00:12

Go to the site [You must have an account and be logged in to view this link] and submit the files highlighted in bold below for analysis (one at a time):
C:\Program Files\Faces\Faces.exe
C:\Program Files\Image Converter\Image Converter\imageconverter.exe
C:\Windows\system32\drivers\360RegOem.sys
C:\Windows\System32\drivers\360SpOEM.sys
C:\Windows\System32\Drivers\360HookOem.sys

As each one is analyzed, copy the link that appears in your browser's address bar and post these links in your next reply together with the ZHPFix report I asked for below.
___________________________________________________________________________________________________

Copy all the text highlighted in red that I gave you (starting at script zhpfix and going up to emptyclsid)
_____________________________________________________________________________________________________________

Go to the menu: Start (Iniciar) > All Programs (Todos os programas) > ZHP > open ZHPFix > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply together with the links to the file analyses on the Virus Total site.


Last edited by Power Max on Wed 12 Mar 2014, 11:08; edited 1 time

Post by emily00, Mon 10 Mar 2014, 17:25

Good afternoon,

Here are the reports produced by the Virus Total site:

Faces.exe
[You must have an account and be logged in to view this link]

Imagemconverter.exe
[You must have an account and be logged in to view this link]

Regoem.sys
[You must have an account and be logged in to view this link]

360 Spoem.sys
[You must have an account and be logged in to view this link]

Hook Oem.sys
[You must have an account and be logged in to view this link]

Nicolas Coolman report:


Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by Lu at 10/03/2014 16:59:08
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 09s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\programdata\coontinuueettoesavee\uninstall.exe

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe
AUSENTE Memory Process: O34 - HKLM BootExecute: (sasnative32) - File not found
ELIMINÉ: Memory Process: C:\Users\Lu\AppData\Roaming\unins000.exe

========== Estado dos serviços ==========
BDAPIUTIL Parado
BDCAMERAPROTECT Parado
BFILTER Parado
BFMON Parado
BHBASE Parado
BPROTECT Parado

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C6816E-CBB3-A748-85F9-A8B47B68985B}]
ELIMINÉ: Service: BAVSvc
ELIMINÉ: Service: BHipsSvc
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Price Check by AOL
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
ELIMINÉ: O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - rjatydimofu.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
ELIMINÉ: O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe
ELIMINÉ: Service: Bonjour Service
ELIMINÉ: HKCU\Software\USyndication
ELIMINÉ: HKCU\Software\usyndication.com
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {32C4237A-AA9C-4CE4-AB55-EDDE1EB9962B}
ELIMINÉ RunValue: Baidu Antivirus
ELIMINÉ: {5F227450-0EF3-4B9D-BF6D-3B0FB4B48EBB}
ELIMINÉ: {02CF4398-6F3B-4525-B0E1-3131F1855CE4}
ELIMINÉ: {1F9A6CEC-F58A-4D6D-8DA0-80405E99850E}
ELIMINÉ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Baidu Antivirus
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (None) : {089634DB-6065-4DEF-9928-B325C9A1FFFB}
ELIMINÉ: FirewallRaz (Private) : {60662FD0-5D51-4743-8AEF-90837C821D3D}
ELIMINÉ: FirewallRaz (Private) : {28346662-F843-4272-A2C5-4D1E01D3DA20}
ELIMINÉ: FirewallRaz (Private) : {7E5A5864-5B01-4E93-9E47-727376920D16}
ELIMINÉ: FirewallRaz (Private) : {CD94AB7A-8AC9-4EC1-BFCF-6F935C44D69C}
ELIMINÉ: FirewallRaz (Private) : {1D870811-F9CA-4D9D-AE52-F38350117B39}
ELIMINÉ: FirewallRaz (Private) : {A18D7900-E7C1-4BCC-B5D0-DFC85D81D377}
ELIMINÉ: FirewallRaz (Private) : {44DA56FD-0499-45AB-9840-DF3D10EF390C}
ELIMINÉ: FirewallRaz (Private) : {B7914C22-6BC6-4FE6-8F0A-572706006B8F}
ELIMINÉ: FirewallRaz (Public) : {6F2A4BA7-2ED1-420E-A2F8-9175EF0DA7B3}
ELIMINÉ: FirewallRaz (Public) : {BC943C1E-05AF-49EF-89E9-826BCA209BEF}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\public\desktop\conexão família.lnk
ELIMINA REINICIAR: c:\program files\baidu security\baidu antivirus\bavtray.exe
ELIMINA REINICIAR: c:\program files\baidu security\baidu antivirus\bavsvc.exe
ELIMINA REINICIAR: c:\program files\baidu security\baidu antivirus\bhipssvc.exe
ELIMINÉ: c:\windows\system32\drivers\bfilter.sys
ELIMINÉ: c:\windows\system32\drivers\bfmon.sys
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\program files\bonjour\mdnsresponder.exe
ELIMINÉ Temporários windows (186) (22.670.402 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: 4374
ELIMINÉ: {D0E5C1A4-979F-4C11-9229-A400002243EC}
ELIMINÉ: {F0B752A7-AB77-4116-93DA-213104D0C3E2}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
3 : Processo memória
26 : Chaves do Registo
25 : Valores do Registo
1 : Pastas
11 : Ficheiros
1 : Softwares
6 : Estado dos serviços
3 : Tarefa planificada
1 : Restauração Sistema


End of clean in 02mn 16s

========== Caminho do ficheiro do relatório ==========
C:\Users\Lu\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/03/2014 16:59:18 [5383]


Post by Power Max, Mon 10 Mar 2014, 17:43

Do you use the program below?
C:\Program Files\Image Converter\Image Converter\imageconverter.exe

Note that two antivirus products consider it dangerous on the Virus Total site. I suggest you uninstall it.
_____________________________________________________________________________

How is your PC after these cleanups?

Post by emily00, Mon 10 Mar 2014, 19:53

It improved a lot: Internet Explorer stopped freezing and showing messages, and it also stopped redirecting to those ad pages. I managed to set the home page I wanted, but when I click to open a new tab next to it, the new tab does not open with the home page I set; it opens with the same page that was there before, the one the virus put there. Only the first page opens with the home page I set, even though I configured Internet Options to have a single home page. As for the Image Converter program, I have already deleted it.


There is a Positivo advertisement that covers the entire desktop of my computer, and because of that I can only reach the Start menu through the keyboard. This advertisement already came on my computer when I bought it, but it did not appear on the desktop before. When I ran the scan with Norton, it had detected a threat named Positivo. There was also a Positivo picture that appeared when I turned on the computer, but that one has already disappeared and it stopped playing music.

Post by Power Max, Mon 10 Mar 2014, 22:31

Download the [You must have an account and be logged in to view this link] and save it to the Desktop (Área de Trabalho)

Note: when you open the link above, click the Download Now 32-Bit Version button

* Run FRST and accept the agreement

* Click [Scan]

* When it finishes, click [OK] > [OK]

* Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post these two reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)