Fórum PC Brasil
Slow notebook, I opened several pages that I can't close

Post by brmct, Mon 28 Jul 2014, 15:33

Notebook is very slow, opening several internet pages asking to install a bunch of things. I removed many programs with CCleaner but it is still slow; will I need to format?

Here is the Hijack log


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:43, on 28/07/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Anoto\penDirector\penDirector.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Anoto\4.1\DockingEngine.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Sony\VAIO Care\listener.exe
c:\program files (x86)\real\realplayer\update\realsched.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\program files (x86)\free_ven_s_pro 25\free_ven_s_pro 25-bg.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Marta Tasca\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IE Security Component - {0D778FDC-FAD7-4B1D-AB88-7A76A562D65C} - C:\ProgramData\Plugin\ISeekDeal.dll
O2 - BHO: CrossriderApp0058028 - {11111111-1111-1111-1111-110511801128} - C:\Program Files (x86)\Free_Ven_s_pro 25\Free_Ven_s_pro 25-bho.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: MuvicEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SNT - {8FB6844C-A757-8D43-BE5F-108A4274541C} - C:\Program Files (x86)\SNT\TuB933ZF0.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ToggleMark - {dc59a866-959c-4638-a191-c13177d0bd68} - C:\Program Files (x86)\ToggleMark\ToggleMarkbho.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: greaTsaaver - {F7F56620-AF4A-DB11-D019-81450208C7DA} - C:\Program Files (x86)\greaTsaaver\nlg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fst_br_152] "C:\Program Files (x86)\fst_br_152\fst_br_152.exe"
O4 - HKLM\..\RunOnce: [upfst_br_152.exe] C:\Users\Marta Tasca\AppData\Local\fst_br_152\upfst_br_152.exe -runonce
O4 - HKLM\..\RunOnce: [Del-731269833] cmd.exe /Q /D /c del "C:\Users\MARTAT~1\AppData\Local\Temp\81803.del"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe /Stay
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [NoteTaker]  -silent
O4 - HKCU\..\Run: [MyScript InkRetriever] C:/Program Files (x86)/Vision Objects/MyScript Studio/MyScript_GenericInkRetriever.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marta Tasca\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Marta Tasca\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Marta Tasca\AppData\Local\Smartbar\Application\Muvic.exe startup
O4 - HKCU\..\RunOnce: [Del-731269833] cmd.exe /Q /D /c del "C:\Users\MARTAT~1\AppData\Local\Temp\81803.del"
O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Anoto penDirector.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Evernote Clipper.lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Add to Evernote 4.0 - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: wwws.realsecureweb.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginAbn - C:\PROGRA~2\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginUni - C:\PROGRA~2\GbPlugin\gbiehUni.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files (x86)\LPT\srpts.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: Digital Pen rendezvous server (PenRendezvous) - Logitech - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: Digital Pen Socket to USB protocol (PenSup) - Logitech - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update ToggleMark - Unknown owner - C:\Program Files (x86)\ToggleMark\updateToggleMark.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 26977 bytes
brmct
Member
Posts: 59
Reputation: 0
Registration date: 17/07/2014

Re: Slow notebook, I opened several pages that I can't close

Post by Power Max, Mon 28 Jul 2014, 16:04

Download the AdwCleaner program by clicking the link below and then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.
Power Max
Collaborator
Posts: 9086
Reputation: 1499
Registration date: 14/04/2009

Re: Slow notebook, I opened several pages that I can't close

Post by brmct, Mon 28 Jul 2014, 16:34

Notebook is frozen, I can't save AdwCleaner. I'm trying to send a photo of the screen print, but I'm not managing that either.


Re: Slow notebook, I opened several pages that I can't close

Post by Power Max, Mon 28 Jul 2014, 16:35

Start the PC in Safe Mode with Networking by pressing the F8 key (or the F5 key on some computers) repeatedly while the computer is starting and choosing the option Safe Mode with Networking (or Safe Mode). When the PC is in safe mode, run the cleanup with AdwCleaner.

Report

Post by brmct, Mon 28 Jul 2014, 17:36

Here is the AdwCleaner report. I'll resume tomorrow, as I'm closing the office. Thanks for the help, see you tomorrow.


# AdwCleaner v3.301 - Report created 28/07/2014 at 17:22:53
# Updated 28/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marta Tasca - MARTA-VAIO
# Running from : C:\Users\Marta Tasca\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : LPTSystemUpdater
[#] Service Deleted : Update ToggleMark
[#] Service Deleted : Util ToggleMark
Service Deleted : Wpm
Service Deleted : {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\House Of Soft
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\FiNdBestDeaal
Folder Deleted : C:\ProgramData\ggrreatsaaVer
Folder Deleted : C:\ProgramData\greaatsaver
Folder Deleted : C:\ProgramData\greaTsaaver
Folder Deleted : C:\ProgramData\SaveiLots
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
Folder Deleted : C:\Program Files (x86)\Desk 365
Folder Deleted : C:\Program Files (x86)\Free_Ven_s_pro 25
[!] Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\HiDefMedia
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\SNT
[!] Folder Deleted : C:\Program Files (x86)\ToggleMark
Folder Deleted : C:\Program Files (x86)\ggrreatsaaVer
Folder Deleted : C:\Program Files (x86)\greaatsaver
Folder Deleted : C:\Program Files (x86)\greaTsaaver
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\fst_br_152
[!] Folder Deleted : C:\Program Files (x86)\ToggleMark
Folder Deleted : C:\Program Files (x86)\Common Files\337
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\MARTAT~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\boinc_master\AppData\Local\torch
Folder Deleted : C:\Users\boinc_project\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Marta Tasca\AppData\Local\Babylon
Folder Deleted : C:\Users\Marta Tasca\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Marta Tasca\AppData\Local\LPT
Folder Deleted : C:\Users\Marta Tasca\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Marta Tasca\AppData\Local\Smartbar
Folder Deleted : C:\Users\Marta Tasca\AppData\Local\torch
Folder Deleted : C:\Users\Marta Tasca\AppData\Local\fst_br_152
Folder Deleted : C:\Users\Marta Tasca\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Marta Tasca\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Marta Tasca\AppData\Roaming\Activeris
Folder Deleted : C:\Users\Marta Tasca\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Marta Tasca\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Marta Tasca\AppData\Roaming\Desk 365
Folder Deleted : C:\Users\Marta Tasca\AppData\Roaming\Alawar Stargaze
Folder Deleted : C:\Users\Marta Tasca\Documents\Mobogenie
Folder Deleted : C:\Users\Marta Tasca\Documents\Optimizer Pro
Folder Deleted : C:\Users\wangjihua\AppData\Local\Mobogenie
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys
File Deleted : C:\Users\MARTAT~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Marta Tasca\daemonprocess.txt
File Deleted : C:\Users\Marta Tasca\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Marta Tasca\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Marta Tasca\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Marta Tasca\Desktop\Search.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger\View Inbox.lnk
Shortcut Disinfected : C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Shortcut Disinfected : C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_br_152]
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058028.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058028.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058028.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058028.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_itunes-lyrics-importer-ilyrics_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_itunes-lyrics-importer-ilyrics_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-mp3-wma-converter_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-mp3-wma-converter_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-pdf-to-word-doc-converter_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_free-pdf-to-word-doc-converter_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_itunes-art-importer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_itunes-art-importer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_tagscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_tagscanner_RASMANCS
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\genesis
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\ToggleMark
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Free_Ven_s_pro 25
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\Free_soft_today
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\InstalledBrowserExtensions
Key Deleted : HKLM\Software\nationzoomSoftware
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\ToggleMark
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\Software\Free_Ven_s_pro 25
Key Deleted : HKLM\Software\ToggleMark
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E13884-BAC3-5F4A-799B-05F882E0BD9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_br_152_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free_Ven_s_pro 25
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ToggleMark

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v

[ File : C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : [link visible only to logged-in forum members]
Deleted [Search Provider] : [link visible only to logged-in forum members]
Deleted [Search Provider] : [link visible only to logged-in forum members]
Deleted [Search Provider] : [link visible only to logged-in forum members]
Deleted [Search Provider] : [link visible only to logged-in forum members]

*************************

AdwCleaner[R0].txt - [33168 octets] - [28/07/2014 17:15:58]
AdwCleaner[S0].txt - [28905 octets] - [28/07/2014 17:22:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28966 octets] ##########

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Mon 28 Jul 2014, 19:17

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[link visible only to logged-in forum members]

To run it correctly, follow the tips in this tutorial:

[link visible only to logged-in forum members]

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its contents and post them in your next reply.

Report

Post by brmct, Tue 29 Jul 2014, 12:45

The message width exceeds the limit, what should I do? I already tried saving it through Word and it also exceeds the limit.

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Tue 29 Jul 2014, 12:49

Go to the Cjoint site:
[link visible only to logged-in forum members]

Click the Choose file button > select the log (report) file and click the Open button.

Click the Créer le lien Cjoint button.

Copy the link that appears next to the phrase Le lien a été créé and post this link in your next reply.

Report

Post by brmct, Tue 29 Jul 2014, 13:03

I don't know if I got it right

Le lien a été créé: http://cjoint.com/?DGDsaRWmygM

[link visible only to logged-in forum members]

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Tue 29 Jul 2014, 13:06

brmct wrote: I don't know if I got it right
That's it! You did it right, that's exactly how it's done.
______________________________________

Download the Junkware Removal Tool program from the link below:
[link visible only to logged-in forum members]

To run the program above correctly, just follow the tips in this tutorial:

[link visible only to logged-in forum members]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop with the name JRT.txt

We'll be waiting.

Report

Post by brmct, Tue 29 Jul 2014, 13:40

Here is the JRT report


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Marta Tasca on 29/07/2014 at 13:24:30,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544804428}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544804428}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544804428}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544804428}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/07/2014 at 13:36:41,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Tue 29 Jul 2014, 13:41

Download Malwarebytes from one of the links below:
[link visible only to logged-in forum members]

To install and run it correctly, please follow the tips in this post:

[link visible only to logged-in forum members]

In your next reply, post this Malwarebytes log (report).

We'll be waiting.

Report

Post by brmct, Wed 30 Jul 2014, 14:07

Here is the Malwarebytes report

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]


Update, 29/07/2014 13:52:50, SYSTEM, MARTA-VAIO, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,
Update, 29/07/2014 13:55:31, SYSTEM, MARTA-VAIO, Manual, Malware Database, 2014.3.4.9, 2014.7.29.5,

(end)

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Wed 30 Jul 2014, 14:08

The report we need is a different one.

Follow the tips below to access the Malwarebytes log (report):

To do this, open Malwarebytes > click the History (Histórico) button > click Application Logs (Logs de Aplicativos) > and double-click with the left mouse button on the most recent Scan Log (Log de Verificação) to open it. This is shown in this image:

[image visible only to logged-in members]

On the next screen that appears, click the Export (Exportar) button > and click the Text file (Arquivo texto) (*.txt) option:

[image visible only to logged-in members]

On the following screen, give this report a name (such as LOG, for example) > click Desktop (Área de Trabalho) so that it is saved on your Desktop > click Save (Salvar):

[image visible only to logged-in members]

Click OK on the next message that appears:

[image visible only to logged-in members]

After that, just post this Malwarebytes log in your next reply.

Report

Post by brmct, Wed 30 Jul 2014, 14:13

I did that, but only those 4 lines show up in the log. I started the scan yesterday, and after 3 hours I paused it and put the notebook into hibernation. I came back today and resumed the scan, went to lunch, and when I got back the notebook was restarting. I'll run the scan again; maybe there was some error.


Last edited by brmct on Wed 30 Jul 2014, 14:18, edited 1 time (Reason for editing: Portuguese errors)

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Wed 30 Jul 2014, 14:15

OK, when the scan finishes, follow the steps I indicated above to generate its log. I'll be waiting.

Report

Post by brmct, Fri 01 Aug 2014, 14:23

Here is the report, after a long wait, hahaha


Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 30/07/2014
Hora da Verificação: 14:14:15
Logfile: LOG.txt
Administrador: Não

Versão: 2.00.2.1012
Malware Database: v2014.07.30.05
Rootkit Database: v2014.07.17.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Self-protection: Desabilitado

OS: Windows 7 Service Pack 1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Marta Tasca

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 867268
Tempo Decorrido: 47 hr, 44 min, 54 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 12
Adware.ISeekDeals, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}, , [b1fcdcc9f18afc3ab1252544b54df907],
Adware.ISeekDeals, HKLM\SOFTWARE\CLASSES\ISeekDeal.TISeekDeal, , [b1fcdcc9f18afc3ab1252544b54df907],
Adware.ISeekDeals, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}, , [b1fcdcc9f18afc3ab1252544b54df907],
Adware.ISeekDeals, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ISeekDeal.TISeekDeal, , [b1fcdcc9f18afc3ab1252544b54df907],
Adware.ISeekDeals, HKU\S-1-5-21-1433544187-2707227800-1237913233-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}, , [b1fcdcc9f18afc3ab1252544b54df907],
Adware.ISeekDeals, HKU\S-1-5-21-1433544187-2707227800-1237913233-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0D778FDC-FAD7-4B1D-AB88-7A76A562D65C}, , [b1fcdcc9f18afc3ab1252544b54df907],
PUP.Optional.Feven.A, HKLM\SOFTWARE\WOW6432NODE\Free_Ven_s_pro 25, , [f6b7b9eca7d4ce684e0c1abe31d142be],
PUP.Optional.ToggleMark.A, HKLM\SOFTWARE\WOW6432NODE\ToggleMark, , [cde045604a31f1452a85965411f1b54b],
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Free_Ven_s_pro 25, , [d6d72c79ea91b58168ee9444a75bd62a],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1433544187-2707227800-1237913233-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [9a13465f3e3d41f5a73707ccbb476898],
PUP.Optional.Groovorio, HKU\S-1-5-21-1433544187-2707227800-1237913233-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CC865B26-C31D-4D23-B17B-96548EEF03F6}, , [cce1c0e5fd7ea98dfeafab848a7acd33],
PUP.Optional.DealPly.A, HKU\S-1-5-21-1433544187-2707227800-1237913233-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, , [d4d9069f69125ed89067409cb1517987],

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 3
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: ([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Bad: (http://www.nationzoom.com/web/?type=ds&ts=1390602883&from=air&uid=TOSHIBAXMK6465GSXN_Z0JRC02UTXXZ0JRC02UT&q={searchTerms}),,[f4b9b6ef6219053161df2789dc28db25]
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: ([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Bad: (http://www.nationzoom.com/web/?type=ds&ts=1390602883&from=air&uid=TOSHIBAXMK6465GSXN_Z0JRC02UTXXZ0JRC02UT&q={searchTerms}),,[2f7e891c532870c6221ff4bc5fa56997]
PUP.Optional.Groovorio.A, HKU\S-1-5-21-1433544187-2707227800-1237913233-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Good: ([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Bad: (http://groovorio.com/?f=1&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0FtD0B0FzyyBtD0FtA0DzzyD0F0Bzz0DtN0D0Tzu0SzyyEtDtN1L2XzutBtFtBtCtFtCyBtFtCtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDtC0F0C0C0C0FtCtG0DyCyDzztGzytByCyBtGtA0C0A0AtGyB0BzyyDtByBtC0FtCyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyEtDtDtCyB0AyBtGtAtB0D0DtG0E0Dzy0BtGtCtCtA0FtGyDtDtDyBzzyEtA0C0F0CzztC2Q&cr=1265522798&ir=),,[1e8fc3e2077455e16086a40aed177090]

Pastas: 6
PUP.Optional.FileHunter, C:\Users\Marta Tasca\AppData\Roaming\FileHunter, , [c4e9772e2358f541acb64b5d4db69070],
PUP.Optional.FileHunter, C:\Users\Marta Tasca\AppData\Roaming\FileHunter\downloads, , [c4e9772e2358f541acb64b5d4db69070],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_flcnmdehjfeflkohlockkbmoglehckdf_0, , [1a932382275469cd5dfaa7165ea49769],
PUP.Optional.Groovorio.A, C:\Users\Marta Tasca\AppData\Roaming\GroovorioUpdater, , [8429871ede9d68ced2027f4707fb2bd5],
PUP.Optional.Groovorio.A, C:\Users\Marta Tasca\AppData\Roaming\GroovorioUpdater\UpdateProc, , [8429871ede9d68ced2027f4707fb2bd5],

Arquivos: 68
Adware.ISeekDeals, C:\ProgramData\Plugin\ISeekDeal.dll, , [b1fcdcc9f18afc3ab1252544b54df907],
Extension.Mismatch, C:\Users\Marta Tasca\Documents\Apartamento\f p3_g.jpg, , [b6f75055f8830f276c1a4f264db3ea16],
Hacktool.WPA, C:\Users\Marta Tasca\Documents\Pen Drive Preta\Marta\Aplicativos\ogacheckcontrol\Oga 17\OGA_171110.rar, , [7637089d552651e5a5bb6be92cd406fa],
RiskWare.Tool.CK, C:\Users\Marta Tasca\Documents\Pen Drive Preta\Marta\Aplicativos\Downloads\Microsoft.Office.2007.Enterprise.Keygen.Only-MiCROSOFT\mo2007ek.zip, , [812c12933f3cca6c725636aacf32b749],
Extension.Mismatch, C:\Users\Marta Tasca\Documents\Pen Drive Preta\Marta\Pessoal\Cavalos\CAPA\Fotos\P2080006.JPG, , [a10c9e07d2a91323671f1362f10f1ae6],
Extension.Mismatch, C:\Users\Marta Tasca\Documents\PESSOAL\Cavalos\CAPA\Fotos\P2080006.JPG, , [3b7235700675ae88c0c660152ed28f71],
PUP.Optional.SnapDo.A, C:\Windows\Installer\2bfa4a9.msi, , [8d20f9ac1764ed497d5daae2629f7f81],
PUP.Optional.ToggleMark.A, C:\zoek_backup\C_PROGRA~2_ToggleMark\bin\utilToggleMark.exe, , [139a11943f3cf3430da19bd937ca28d8],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\44b29ac0-dae3-4e59-87cc-ce9f39b88854-11.exe.vir, , [4667e9bc106b1521ae6dade2ea17738d],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\44b29ac0-dae3-4e59-87cc-ce9f39b88854-2.exe.vir, , [4469079e62193afc0912711ecb363fc1],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\44b29ac0-dae3-4e59-87cc-ce9f39b88854-3.exe.vir, , [decfc3e2f883ef47c9521a758e7346ba],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\44b29ac0-dae3-4e59-87cc-ce9f39b88854-4.exe.vir, , [e5c87e27d8a3df57bc5f850a1ae7b64a],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\44b29ac0-dae3-4e59-87cc-ce9f39b88854-5.exe.vir, , [218cd4d139426fc754c71d724ab717e9],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\Free_Ven_s_pro 25-bg.exe.vir, , [832a1a8b5922ef47e3381a7516eb13ed],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\Free_Ven_s_pro 25-bho.dll.vir, , [c7e6cbdaafcce84e4fcc028dbe43ac54],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\Free_Ven_s_pro 25-bho64.dll.vir, , [733ad6cf6a11ce6868b3dcb36c95c43c],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\Free_Ven_s_pro 25-codedownloader.exe.vir, , [9a1305a0e299da5c78a396f94eb36a96],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\Free_Ven_s_pro 25-nova.exe.vir, , [c0ed980dd3a8a3939b80563999683fc1],
PUP.Optional.Feven.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\Free_Ven_s_pro 25-novainstaller.exe.vir, , [8825eeb7a9d21422f12ae5aa3dc4f40c],
PUP.Optional.Feven.A, c:\AdwCleaner\Quarantine\C\Program Files (x86)\Free_Ven_s_pro 25\utils.exe.vir, , [6d40edb8a9d279bdb2435ce3d828f30d],
PUP.Optional.FreeSoftToday.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_br_152\freeSoftToday_widget.exe.vir, , [604d6144c9b2dd59d08a58f1b947ef11],
Adware.Tuto4PC, c:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_br_152\fst_br_152.exe.vir, , [327b881db4c7a09638ac7d949c65bc44],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\greaatsaver\CppJSV2lf.x64.dll.vir, , [535a584d9edde452b0c78bc8c1407a86],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\greaTsaaver\nlg.dll.vir, , [a4096144cab182b4205798bbb051867a],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\greaTsaaver\nlg.x64.dll.vir, , [1895d2d348330d296116480b5da4a15f],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir, , [c1ece7becead81b556698bd2f20fd12f],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SNT\TuB933ZF0.dll.vir, , [e4c97332453684b28bec401327da26da],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SNT\TuB933ZF0.x64.dll.vir, , [8f1efaabbebd0234d2a5c78c51b019e7],
PUP.Optional.ToggleMark.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\ToggleMarkBHO.dll.vir, , [b2fb02a36f0c92a48f1ef57f1ce5e11f],
PUP.Optional.ToggleMark.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\updateToggleMark.exe.vir, , [8924edb8d9a254e203ab284c16ebe41c],
PUP.Optional.ToggleMark.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe.vir, , [c4e90f96205be0561f8fa9cbdb26af51],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.BrowserAdapterS.dll.vir, , [c6e7168f2e4d4aecf7d305892cd543bd],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.PurBrowseG.dll.vir, , [aa031293ea9147ef7989027e43be7b85],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\fIQ.x64.dll.vir, , [e2cbe6bf95e6d66089eecf84d32ea15f],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\FiNdBestDeaal\KdJB94s.dll.vir, , [5c514461c5b6ec4a9ece8c0b33ce916f],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\FiNdBestDeaal\KdJB94s.exe.vir, , [c3ea8b1a2c4fe155c523cccefa07738d],
PUP.Optional.Preload, C:\AdwCleaner\Quarantine\C\ProgramData\FiNdBestDeaal\KdJB94s.x64.dll.vir, , [a00da1047ffc2016f9a06f2df90815eb],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\greaatsaver\hVnmAbRXBX.exe.vir, , [8f1e960f0b708babfb7cda79b74ae41c],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\greaTsaaver\QfMC.exe.vir, , [4f5e089d592289ad82f5aaa956ab8779],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\SaveiLots\JyESrIH8do.dll.vir, , [02abe3c2adcec670006c3760f40dae52],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\SaveiLots\JyESrIH8do.exe.vir, , [f0bd2580e19aae8814d4643648b9bd43],
PUP.Optional.Preload, C:\AdwCleaner\Quarantine\C\ProgramData\SaveiLots\JyESrIH8do.x64.dll.vir, , [06a7dfc64e2d270f6237c1dbf110f10f],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\SNT\vE5_rIiE8Z.exe.vir, , [fdb0efb6c1bafc3ab5c21f348c75fc04],
PUP.Optional.WpManager, C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir, , [8e1fa5001b604fe743cd87e3629f46ba],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdblocker\RNZq.exe.vir, , [1f8e8f1697e477bf5c1b3c17bc457888],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Marta Tasca\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.35.zip.vir, , [5459485dadced660ac1384d9f1100ef2],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Marta Tasca\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir, , [efbee1c4681386b0ccf3eb72dc258a76],
PUP.Optional.SnapDo.A, C:\AdwCleaner\Quarantine\C\Users\Marta Tasca\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir, , [aa03f8ad225981b525b517756e938779],
PUP.Optional.SmartBar.A, C:\AdwCleaner\Quarantine\C\Users\Marta Tasca\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir, , [634ac5e0641742f417e11512847c966a],
PUP.Optional.Desk365.A, C:\AdwCleaner\Quarantine\C\Users\Marta Tasca\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe.vir, , [ddd0c5e05c1f62d483042db246bebb45],
PUP.Optional.Groovorio.A, C:\Windows\Tasks\Groovorio Updater.job, , [0aa3c5e00b708fa71f9423ab4db5a45c],
PUP.Optional.Groovorio.A, C:\Windows\System32\Tasks\Groovorio Updater, , [09a4cdd888f3e94dbef61bb315ed58a8],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_flcnmdehjfeflkohlockkbmoglehckdf_0.localstorage, , [377652537902b185344e17c456ac44bc],
PUP.Optional.FileHunter, C:\Users\Marta Tasca\AppData\Roaming\FileHunter\pumpa.state, , [c4e9772e2358f541acb64b5d4db69070],
PUP.Optional.FileHunter, C:\Users\Marta Tasca\AppData\Roaming\FileHunter\pumpa.exe, , [c4e9772e2358f541acb64b5d4db69070],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf\000022.ldb, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf\000031.log, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf\CURRENT, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf\LOCK, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf\LOG, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf\LOG.old, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flcnmdehjfeflkohlockkbmoglehckdf\MANIFEST-000029, , [3479267f1f5c0e28c1959429f012f40c],
PUP.Optional.CrossRider.A, C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_flcnmdehjfeflkohlockkbmoglehckdf_0\14, , [1a932382275469cd5dfaa7165ea49769],
PUP.Optional.Groovorio.A, C:\Users\Marta Tasca\AppData\Roaming\GroovorioUpdater\UpdateProc\config.dat, , [8429871ede9d68ced2027f4707fb2bd5],
PUP.Optional.Groovorio.A, C:\Users\Marta Tasca\AppData\Roaming\GroovorioUpdater\UpdateProc\info.dat, , [8429871ede9d68ced2027f4707fb2bd5],
PUP.Optional.Groovorio.A, C:\Users\Marta Tasca\AppData\Roaming\GroovorioUpdater\UpdateProc\STTL.DAT, , [8429871ede9d68ced2027f4707fb2bd5],
PUP.Optional.Groovorio.A, C:\Users\Marta Tasca\AppData\Roaming\GroovorioUpdater\UpdateProc\TTL.DAT, , [8429871ede9d68ced2027f4707fb2bd5],
PUP.Optional.Groovorio.A, C:\Users\Marta Tasca\AppData\Roaming\GroovorioUpdater\UpdateProc\UpdateTask.exe, , [8429871ede9d68ced2027f4707fb2bd5],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Fri 01 Aug 2014, 14:34

It shows that Malwarebytes found several problems, but that you have not removed them yet. You need to select and remove all of them, as shown in the tutorial I gave you. After that, post the new report that it will create.

Report

Post by brmct, Fri 01 Aug 2014, 14:39

It moved everything to quarantine and then I deleted everything that was in the quarantine folder

Re: Slow notebook, I opened several pages that I can't delete

Post by Power Max, Fri 01 Aug 2014, 14:43

brmct wrote: It moved everything to quarantine and then I deleted everything that was in the quarantine folder
Ah, I see, then it must be because you grabbed the report before it removed the problems. That's fine then; the important thing is that the contaminated items were removed.
__________________________________________________________

Download the < [link visible only to logged-in members] > < [image visible only to logged-in members] > ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[image visible only to logged-in members]

To install and run it correctly, follow the tips in this article:

[link visible only to logged-in members]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.

Report

Post by brmct, Fri 01 Aug 2014, 15:19

Here is the ZIP report


~ Relatório do ZHPDiag v2014.7.30.111 - Nicolas Coolman (30/07/2014)
~ Iniciado por Marta Tasca (01/08/2014 15:01:24)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.2.1012
Microsoft Security Client v4.5.0216.0
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.02

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v2.2.1 =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3758 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 250 GB (42%) free of 582 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MARTA-VAIO
~ User Name: Marta Tasca
~ All Users Names: Marta Tasca, HomeGroupUser$, Guest, boinc_project, boinc_master, Administrator,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Marta Tasca\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Marta Tasca\AppData\Roaming\
~ %Desktop% : C:\Users\Marta Tasca\Desktop\
~ %Favorites% : C:\Users\Marta Tasca\Favorites\
~ %LocalAppData% : C:\Users\Marta Tasca\AppData\Local\
~ %StartMenu% : C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 250 Go of 582 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions for Win32.) (.18/06/2014 - 19:58:27.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Windows Logon Application.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/37327
~ Mes musiques (My Musics) : 1/79373
~ Mes Videos (My Videos) : 1/932
~ Mes Favoris (My Favorites) : 1/116
~ Mes Documents (My Documents) : 2/12074
~ Mon Bureau (My Desktop) : 1/38
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 12mn 38s



---\\ Processos lançados
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.2196]
[MD5.607AA4260DB60270916B871BA99FF8E0] - (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264] [PID.4556]
[MD5.2272BFCAA05155C2310A09DE3D92C113] - (.Sony Corporation - VRLPHelper.) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [183152] [PID.4416]
[MD5.48C3EBD6D5E52AFCB1A0FA9B7F9802FA] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.5632]
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.6008]
[MD5.B41D1BDB8673873AB25B7540E9B433F1] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [642664] [PID.5148]
[MD5.CCA9023E3DDBE290D4381344115D99B7] - (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136] [PID.2624]
[MD5.96A8933D2F6D731E6BA2AC4914513A2B] - (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696] [PID.5780]
[MD5.7D58C9BDF9C0A3955BDCDE7387AD12AC] - (.Macrovision Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920] [PID.6048]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [32768] [PID.4060]
[MD5.A05602FCF939A0A051D0CDF8C5CEDA98] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096] [PID.2372]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5008]
[MD5.B4E6C1B28AF8806008CB654C716ABAFA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.1732]
[MD5.E0ACF6A07402A8ABF4083BE6470E3653] - (.Anoto AB - Anoto Digital penDirector.) -- C:\Program Files (x86)\Anoto\penDirector\penDirector.exe [700416] [PID.6644]
[MD5.6912D02CC912B980C8C12F9CDADB8763] - (.Evernote Corp., 333 W Evelyn Ave. Mountain - Evernote Clipper.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe [956416] [PID.6876]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.7044]
[MD5.56625FF37D4E21069D3743A0DA0F4DC9] - (.Anoto AB - LPLS DockingEngine Module.) -- C:\Program Files (x86)\Common Files\Anoto\4.1\DockingEngine.exe [1470464] [PID.7088]
[MD5.CCC250711E6B5F998DC1B7393233A755] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [13600] [PID.6824]
[MD5.046C4928FB5D09D3BB3967B79845427E] - (.No owner - CCP.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe [22504] [PID.4212]
[MD5.1BF9D6476061B31CD7FC2BF848529A56] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe [144368] [PID.4892]
[MD5.B7F182F0972EA735207AE66C775E77F1] - (.No owner - ThirdPartyAppMgr.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe [23552] [PID.7536]
[MD5.20E915CF7C6F5E74E1FB4C8078D7CB83] - (.No owner - PowerManager.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe [40952] [PID.7544]
[MD5.F120F63F99343B7D55C0E04285858295] - (...) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe [184816] [PID.8164]
[MD5.05D8BC3C23ECB752E26DB2153B305562] - (.Sony Corporation - VAIO Personalization Manager.) -- C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [243056] [PID.4160]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507264] [PID.7708]
[MD5.C967BDA9397E004842498A25583983A2] - (.Sony Corporation - VAIO Personalization Manager Morphological.) -- C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe [87408] [PID.3972]
[MD5.4D96F6F7508BDF46771262EEEA505F98] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81016] [PID.8132]
[MD5.ED561B00BA0DB6F4A51D711A8720395C] - (.Digital Delivery Networks, Inc. - VAIO Messenger.) -- C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [1498024] [PID.8732]
[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.908]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe [860488] [PID.6120]
[MD5.B3593D56E802DE2C61B755B85669B2B4] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8083968] [PID.8920]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 18 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540007} . (.Banco Real - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehUni.dll
~ BHO: 22 Legitimates Filtered in 00mn 01s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: MiniLyrics.lnk . (.Crintsoft - No Comment.) -- C:\Program Files (x86)\Minilyrics\MiniLyrics.exe =>Adware.AddLyrics
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Marta Tasca]: MiniLyrics.lnk . (.Crintsoft - No Comment.) -- C:\Program Files (x86)\Minilyrics\MiniLyrics.exe =>Adware.AddLyrics
O4 - GS\QuickLaunch [Marta Tasca]: Reiniciar MiniLyrics.lnk . (...) -- C:\Program Files (x86)\Minilyrics\MLStart.exe (.not file.) =>Adware.AddLyrics
O4 - GS\QuickLaunch [Marta Tasca]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 5 Legitimates Filtered in 00mn 05s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.)
O4 - HKLM\..\Run: [IntelWireless] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Windows Mobile Device Center.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [Elbserver] . (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
O4 - HKCU\..\Run: [VRLPHelper] . (.Sony Corporation - VRLPHelper.) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [NoteTaker] Chave orfã
O4 - HKCU\..\Run: [MyScript InkRetriever] . (...) -- C:\Program Files (x86)\Vision Objects\MyScript Studio\MyScript_GenericInkRetriever.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Marta Tasca\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [SmartWiHelper] . (.Sony Electronics Corporation - SmartWi Helper.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [ISBMgr.exe] . (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [SHTtray.exe] . (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Wow6432Node\Run: [ISUSScheduler] . (.Macrovision Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [ISUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Elbserver] . (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [VRLPHelper] . (.Sony Corporation - VRLPHelper.) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [NoteTaker] Chave orfã
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [MyScript InkRetriever] . (...) -- C:\Program Files (x86)\Vision Objects\MyScript Studio\MyScript_GenericInkRetriever.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (.not file.)
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Marta Tasca\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santander.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santandernet.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.secureweb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{172F2F57-9B13-4095-8ADB-7D63B1ADE604}: DhcpNameServer = 189.7.32.15 189.7.32.16
O17 - HKLM\System\CCS\Services\Tcpip\..\{3104D023-7EC6-4901-8295-C7492BCBCE73}: DhcpNameServer = 192.168.88.1 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{172F2F57-9B13-4095-8ADB-7D63B1ADE604}: DhcpNameServer = 189.7.32.15 189.7.32.16
O17 - HKLM\System\CS1\Services\Tcpip\..\{3104D023-7EC6-4901-8295-C7492BCBCE73}: DhcpNameServer = 192.168.88.1 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{172F2F57-9B13-4095-8ADB-7D63B1ADE604}: DhcpNameServer = 189.7.32.15 189.7.32.16
O17 - HKLM\System\CS2\Services\Tcpip\..\{3104D023-7EC6-4901-8295-C7492BCBCE73}: DhcpNameServer = 192.168.88.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.88.1 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\GS_X64~1.EN~ (.not file.)
~ AppInit DLL: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: (Oasis2Service) . (.Digital Delivery Networks, Inc. - Oasis2Service.) - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 29 Legitimates Filtered in 00mn 09s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [4813] (...) -- C:\Users\Marta Tasca\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.AutoKMS
[MD5.DE54B81B68132B3716EAF95DBF66A59F] [APT] [DDNi Startup] (.Digital Delivery Networks, Inc..) -- C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [12200]
[MD5.ED561B00BA0DB6F4A51D711A8720395C] [APT] [VAIO© Messenger (Marta Tasca)] (.Digital Delivery Networks, Inc..) -- C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [1498024]
[MD5.00000000000000000000000000000000] [APT] [{10E90973-6A74-49C4-8048-EA0B2306B8F5}] (...) -- C:\Users\Marta Tasca\Downloads\OnlineBackgammon-Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2BFA17D3-B625-44DE-B31A-53BFD531D676}] (...) -- C:\Users\Marta Tasca\Downloads\MillenniumSecretsRoxannesNecklaceNew.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{574D5767-2EB6-4962-8981-63A244E5161E}] (...) -- C:\Users\Marta Tasca\Downloads\RevengeSpiritRiteResurrection.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A92622B0-3808-439E-BF32-BEAEE2FAA661}] (...) -- E:\Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A95C10BB-C986-4A27-8A3F-236D7D13B699}] (...) -- C:\Users\Marta Tasca\Downloads\IntrigueIncRavensFlightNEW.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C5E13AAE-DC9A-458C-AC58-2FD65C619389}] (...) -- C:\Users\Marta Tasca\Downloads\FacesCE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Java Update] (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) [0]
[MD5.C4AF8FF242602D9B88686387A6DAED96] [APT] [VAIO Survey] (...) -- C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [390448]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [892]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [896]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1433544187-2707227800-1237913233-1008Core [1050]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1433544187-2707227800-1237913233-1008UA [1102]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateFiles_Marta Tasca.job [394]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Marta Tasca [394]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateXML_Marta Tasca.job [390]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateXML_Marta Tasca [390]
O39 - APT: - (..) -- C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Marta Tasca.job [400]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Marta Tasca [400]
~ Scheduled Task: 48 Legitimates Filtered in 00mn 08s



---\\ Software instalados (042)
O42 - Logiciel: 888casino - (...) [HKLM][64Bits] -- 888casino
O42 - Logiciel: Anoto penDirector 1.2.0.0 - (.Anoto AB.) [HKLM][64Bits] -- {770E1C5A-8004-4875-BC53-C10142432392}
O42 - Logiciel: BrainsBreaker 5.3.0(003) - (...) [HKLM][64Bits] -- BBrk5_is1
O42 - Logiciel: Casino-On-Net - (...) [HKLM][64Bits] -- Casino-On-Net
O42 - Logiciel: Oasis2Service - (.DDNi.) [HKLM][64Bits] -- {E50FC5DB-7CBD-407D-A46E-0C13E45BC386}
~ Logic: 31 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\8.1]
[HKCU\Software\Anoto]
[HKCU\Software\BGroom]
[HKCU\Software\Cenize]
[HKCU\Software\Vagalume]
[HKCU\Software\casino-on-net]
[HKLM\Software\Wow6432Node\Anoto]
[HKLM\Software\Wow6432Node\Cenize]
[HKLM\Software\Wow6432Node\DDNi]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\MegaJogos]
[HKLM\Software\Wow6432Node\Search Toolbar]
[HKLM\Software\Wow6432Node\ds]
~ Key Software: 396 Legitimates Filtered in 00mn 02s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/06/2011 - 00:27:00 - [] ----D C:\Program Files (x86)\Anoto
O43 - CFD: 09/11/2013 - 13:52:18 - [] ----D C:\Program Files (x86)\BrainsBreaker 5
O43 - CFD: 24/10/2011 - 22:35:11 - [] ----D C:\Program Files (x86)\casino-on-net
O43 - CFD: 04/07/2013 - 22:08:27 - [] ----D C:\Program Files (x86)\DDNi
O43 - CFD: 18/06/2011 - 15:36:48 - [] ----D C:\Program Files (x86)\Meu GPS Airis
O43 - CFD: 28/07/2014 - 14:03:00 - [0] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 24/12/2012 - 17:17:11 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 15/06/2011 - 00:27:01 - [] ----D C:\Program Files (x86)\Common Files\Anoto
O43 - CFD: 15/06/2011 - 00:27:21 - [] ----D C:\ProgramData\Anoto
O43 - CFD: 18/10/2011 - 18:59:30 - [] ----D C:\ProgramData\DDNi
O43 - CFD: 01/08/2014 - 14:00:58 - [] ----D C:\ProgramData\Plugin
O43 - CFD: 29/07/2011 - 14:07:55 - [] ----D C:\ProgramData\RegUse
O43 - CFD: 04/07/2013 - 22:09:50 - [] --H-D C:\ProgramData\{AA28280A-C4CA-4B4F-9DF1-593032D2F3EC}
O43 - CFD: 18/10/2011 - 10:23:02 - [] ----D C:\ProgramData\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}
O43 - CFD: 15/06/2011 - 00:27:30 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\anoto
O43 - CFD: 24/10/2011 - 22:47:20 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\casino-on-net
O43 - CFD: 14/01/2014 - 00:22:50 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\DominiGames
O43 - CFD: 18/08/2012 - 01:23:15 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\InfernalBros
O43 - CFD: 09/11/2013 - 13:52:28 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\JTTSoft
O43 - CFD: 12/07/2011 - 23:32:35 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\Nextel
O43 - CFD: 19/12/2012 - 19:23:06 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\PlayWay
O43 - CFD: 07/08/2011 - 22:05:48 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\sekrbfg
O43 - CFD: 15/08/2011 - 14:50:36 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\Teyon
O43 - CFD: 26/10/2011 - 14:22:06 - [] ----D C:\Users\Marta Tasca\AppData\Local\026999F1-B22C-4BA5-9120-5AB1A864D938.aplzod
O43 - CFD: 04/04/2012 - 22:56:17 - [] ----D C:\Users\Marta Tasca\AppData\Local\Cenize
O43 - CFD: 17/06/2014 - 00:38:32 - [] ----D C:\Users\Marta Tasca\AppData\Local\com
O43 - CFD: 10/08/2011 - 05:23:19 - [] ----D C:\Users\Marta Tasca\AppData\Local\fd
O43 - CFD: 28/07/2014 - 14:02:26 - [0] ----D C:\Users\Marta Tasca\AppData\Local\PokerStars
O43 - CFD: 24/10/2011 - 21:13:33 - [0] ----D C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
O43 - CFD: 24/10/2011 - 22:35:10 - [0] ----D C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Casino-On-Net
~ Program Folder: 326 Legitimates Filtered in 00mn 03s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.5C0A032AADC3EA0A74718C923159CD64] - 01/08/2014 - 15:06:36 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [18928]
O44 - LFC:[MD5.5C0A032AADC3EA0A74718C923159CD64] - 01/08/2014 - 15:06:36 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [18928]
O44 - LFC:[MD5.3FC0020C04CDDB8E9C822A2022992D0D] - 28/07/2014 - 17:23:55 ---A- . (...) -- C:\Windows\win.ini [601]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 29/07/2014 - 11:31:29 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.65C14AD1DE14233A8E653A0203A953E9] - 29/07/2014 - 12:19:52 ---A- . (...) -- C:\zoek-results.log [63652]
O44 - LFC:[MD5.C39899600C02A800EFCA40C269C385D1] - 29/07/2014 - 13:30:44 ---A- . (...) -- C:\test.xml [165531]
~ Files: 61 Legitimates Filtered in 00mn 17s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ SMSR Keys: 1 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:23/06/2010 - 17:02:59 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimssne64.sys [94208]
O58 - SDL:23/06/2010 - 17:03:07 ---A- . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\System32\Drivers\risdsne64.sys [78848]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [49536]
O58 - SDL:01/08/2014 - 14:07:26 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
O58 - SDL:21/11/2013 - 13:56:35 ---A- . (...) -- C:\Windows\SysWOW64\drivers\snpmeny.sys [61440]
O58 - SDL:01/03/2012 - 09:48:45 -SHA- . (...) -- C:\Windows\SysWOW64\KGyGaAvL.sys [2828]
~ Drivers: 78 Legitimates Filtered in 00mn 06s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.52022BCFF95C7931E937A6EF917F6B55] [SPRF][04/01/2012] (...) -- C:\ProgramData\KGyGaAvL.sys [952]
[MD5.D1764CFBB53DA8212A7EFC22F0CE9B73] [SPRF][09/11/2013] (.No owner - {cm:appName} setup.) -- C:\Users\Marta Tasca\Desktop\jigsaw-setup-win-5-3-0-3_ES.exe [11600280]
[MD5.6C033A1EC8317DFF6AC977BF75726BE6] [SPRF][26/04/2011] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [119288]
~ Files: 9 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{7078BD60-EE4B-4B29-BDB6-8FF6BAB48335}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A4554B88-148B-4481-B915-6A004088D4F7}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D6FF666912D06A04251DCF726A8AF51B] [WIS][15/06/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\2bfa4ae.msi [2068480] =>Adware.IncrediBar
~ WIS: 1 Legitimates Filtered in 00mn 08s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Anti-phishing Domain Advisor uninstall_RASAPI32 =>Adware.PUP.VisicomAntiPhishing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Anti-phishing Domain Advisor uninstall_RASMANCS =>Adware.PUP.VisicomAntiPhishing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASAPI32 =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASMANCS =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Webblog uninstall_RASAPI32 =>Adware.Webblog
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Webblog uninstall_RASMANCS =>Adware.Webblog
~ BTK: 417 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{A795735C-F30D-0140-EE46-0AE4459CB4B4}] (YoutubeAdblocker) =>PUP.Multiplug
~ BCK: 5261 Legitimates Filtered in 00mn 11s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 06/09/2009 169312 | (AdobeActiveFileMonitor8.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
SS - | Demand 28/07/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 01/03/2011 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 18/04/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/04/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 19/07/2010 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 25/10/2010 101152 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/01/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 09/06/2010 952096 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 19/07/2010 1429776 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 15/07/2013 409640 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 06/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 05/01/2007 112152 | (IviRegMgr) . (.InterVideo.) - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SR - | Auto 28/05/2010 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 11/03/2014 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 21/05/2013 144368 | (N360) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe
SR - | Auto 02/07/2013 61440 | (Oasis2Service) . (.Digital Delivery Networks, Inc..) - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
SR - | Auto 09/11/2005 397312 | (PenRendezvous) . (.Logitech.) - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
SR - | Auto 09/11/2005 397312 | (PenSup) . (.Logitech.) - C:\Program Files (x86)\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
SR - | Auto 24/07/2007 185632 | (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 19/07/2010 838928 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 29/01/2011 259192 | (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SR - | Auto 05/08/2011 368544 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 21/06/2010 108400 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SR - | Auto 18/06/2010 423280 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SR - | Auto 21/06/2010 67952 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SR - | Demand 07/06/2010 304496 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 30/08/2011 2358656 | (TeamViewer6) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
SR - | Auto 18/09/2008 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 28/05/2010 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 01/06/2010 217968 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
SR - | Auto 21/06/2010 575856 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SR - | Auto 27/09/2010 864000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SR - | Auto 24/05/2011 655088 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SR - | Auto 09/06/2010 384880 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SR - | Demand 14/02/2011 44736 | (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Demand 23/09/2011 1429608 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/07/2014)
Clés trouvées (Keys found) : 13
Valeurs trouvées (Values found) : 5
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
C:\Program Files (x86)\CasinoOnNet =>Spyware.OnlineGames
C:\Program Files (x86)\Casino-On-Net =>Spyware.OnlineGames
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casino-On-Net =>Spyware.OnlineGames
C:\Users\Marta Tasca\AppData\Roaming\CasinoOnNet =>Spyware.OnlineGames
C:\Users\Marta Tasca\AppData\Roaming\Casino-On-Net =>Spyware.OnlineGames
C:\Windows\Installer\2bfa4ae.msi =>Adware.IncrediBar^
[HKCR\CLSID\{A795735C-F30D-0140-EE46-0AE4459CB4B4}] (YoutubeAdblocker) =>PUP.Multiplug^
~ Additionnel Scan: 434238 Items scanned in 02mn 40s



---\\ Informações complémentaires do módulos
~ [You must have an account and be logged in to view this link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [You must have an account and be logged in to view this link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [You must have an account and be logged in to view this link] =>.Browser Helper Objects do navegador (02)
~ [You must have an account and be logged in to view this link] =>.Barras do Internet Explorer (03))
~ [You must have an account and be logged in to view this link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link] =>Adware.AddLyrics
[You must have an account and be logged in to view this link] =>Trojan.AutoKMS
[You must have an account and be logged in to view this link] =>Adware.IncrediBar
[You must have an account and be logged in to view this link] =>Hijacker.SmartBar
[You must have an account and be logged in to view this link] =>Adware.Webblog
[You must have an account and be logged in to view this link] =>PUP.Multiplug
[You must have an account and be logged in to view this link] =>Toolbar.Ask
~ MSI: 7 link(s) detected in 00mn 00s



~ 1148 Legitimates filtered by white list
End of the scan (626 lines in 17mn 33s)(0)

Re: Slow laptop, opened several pages that I can't delete

Post by Power Max, Fri 01 Aug 2014, 16:40

There are unnecessary programs starting with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting with Windows.

Also use the CCleaner program, mentioned in the tutorial above, to clean up and optimize the PC.
_____________________________________________________________________________________

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below, showing the scan progress, will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a PC restart is requested, click [OK]
_________________________________________________________________________________________________________

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the Recycle Bin files to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply, together with the Zoek log, which will be in C:\zoek-results.txt


Last edited by Power Max on Mon 11 Aug 2014, 15:04; edited 1 time

Report

Post by brmct, Fri 01 Aug 2014, 17:02

Here is the report, but it seems some VirusTotal tabs were opened in my browser, along with messages saying it can't get access... there are 3 VirusTotal tabs and it looks to me like nothing was found in any of them, since the detection rate is 0/54 in all three tabs. If I don't reply to the next step, it's because I will only be able to do this again on Monday, when I'm back at the office, as I'll be leaving shortly. Have a good weekend, and thanks for the help so far.



Zoek.exe v5.0.0.0 Updated 31-07-2014
Tool run by Marta Tasca on 01/08/2014 at 16:49:14,11.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marta Tasca\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================


C:\zoek-results2014-07-29-151952.log 63652 bytes

==== VirusTotal Scan ======================

C:\Windows\Tasks\ReclaimerUpdateFiles_Marta Tasca.job [You must have an account and be logged in to view this link]
C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Marta Tasca [You must have an account and be logged in to view this link]
C:\Windows\Tasks\ReclaimerUpdateXML_Marta Tasca.job [You must have an account and be logged in to view this link]
C:\Windows\System32\Tasks\ReclaimerUpdateXML_Marta Tasca [You must have an account and be logged in to view this link]
C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Marta Tasca.job [You must have an account and be logged in to view this link]
C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Marta Tasca [You must have an account and be logged in to view this link]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1159 folders=373 23802877 bytes)

==== EOF on 01/08/2014 at 16:56:46,64 ======================




ZHPFix REPORT



Rapport de ZHPFix 2014.7.27.5 par Nicolas Coolman, Update du 27/07/2014
Fichier d'export Registre :
Run by Marta Tasca at 01/08/2014 17:21:13
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Anti-phishing Domain Advisor uninstall_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Anti-phishing Domain Advisor uninstall_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Webblog uninstall_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Webblog uninstall_RASMANCS
ELIMINÉ:* HKCR\CLSID\{A795735C-F30D-0140-EE46-0AE4459CB4B4}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

========== Elementos dos dados do Registo ==========
ELIMINÉ AppInit: \Program Files (x86)\GS_X64~1.EN~

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: C:\Windows\Installer\2bfa4ae.msi
ELIMINÉ Temporários windows (146) (2.967.011 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Java Update

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
21 : Chaves do Registo
1 : Elementos dos dados do Registo
1 : Pastas
3 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 08mn 28s

========== Caminho do ficheiro do relatório ==========
C:\Users\Marta Tasca\AppData\Roaming\ZHP\ZHPFix[R1].txt - 01/08/2014 17:21:19 [3397]


Last edited by brmct on Fri 01 Aug 2014, 17:23; edited 1 time (Reason for editing: adding the ZHP report)

Re: Slow laptop, opened several pages that I can't delete

Post by Power Max, Fri 01 Aug 2014, 17:35

Open ZHPDiag again

[You must have an account and be logged in to view this image]

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

[You must have an account and be logged in to view this image]

|- Click OK and, when it finishes, post the ZHPDiag.txt report

[You must have an account and be logged in to view this image]

Note: since I'm accessing the Internet from my phone, I'll give you the next procedure tomorrow.

Report

Post by brmct, Thu 07 Aug 2014, 12:38

Good afternoon, here is the ZHPDiag report


~ Relatório do ZHPDiag v2014.8.6.114 - Nicolas Coolman (06/08/2014)
~ Iniciado por Marta Tasca (07/08/2014 12:28:46)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Endereço do Webforum : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.2.1012
Microsoft Security Client v4.5.0216.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.02

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v2.2.1 =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3758 MB (25% free)
System Restore: Activé (Enable)
System drive C: has 250 GB (43%) free of 582 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MARTA-VAIO
~ User Name: Marta Tasca
~ All Users Names: Marta Tasca, HomeGroupUser$, Guest, boinc_project, boinc_master, Administrator,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Marta Tasca\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Marta Tasca\AppData\Roaming\
~ %Desktop% : C:\Users\Marta Tasca\Desktop\
~ %Favorites% : C:\Users\Marta Tasca\Favorites\
~ %LocalAppData% : C:\Users\Marta Tasca\AppData\Local\
~ %StartMenu% : C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 250 Go of 582 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions for Win32.) (.18/06/2014 - 19:58:27.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Windows Logon Application.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/37327
~ Mes musiques (My Musics) : 1/79373
~ Mes Videos (My Videos) : 1/932
~ Mes Favoris (My Favorites) : 1/116
~ Mes Documents (My Documents) : 2/12075
~ Mon Bureau (My Desktop) : 1/39
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 05mn 16s



---\\ Processos lançados
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.2196]
[MD5.607AA4260DB60270916B871BA99FF8E0] - (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264] [PID.4556]
[MD5.2272BFCAA05155C2310A09DE3D92C113] - (.Sony Corporation - VRLPHelper.) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [183152] [PID.4416]
[MD5.48C3EBD6D5E52AFCB1A0FA9B7F9802FA] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.5632]
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.6008]
[MD5.B41D1BDB8673873AB25B7540E9B433F1] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [642664] [PID.5148]
[MD5.CCA9023E3DDBE290D4381344115D99B7] - (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136] [PID.2624]
[MD5.96A8933D2F6D731E6BA2AC4914513A2B] - (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696] [PID.5780]
[MD5.7D58C9BDF9C0A3955BDCDE7387AD12AC] - (.Macrovision Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920] [PID.6048]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [32768] [PID.4060]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5008]
[MD5.B4E6C1B28AF8806008CB654C716ABAFA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.1732]
[MD5.E0ACF6A07402A8ABF4083BE6470E3653] - (.Anoto AB - Anoto Digital penDirector.) -- C:\Program Files (x86)\Anoto\penDirector\penDirector.exe [700416] [PID.6644]
[MD5.6912D02CC912B980C8C12F9CDADB8763] - (.Evernote Corp., 333 W Evelyn Ave. Mountain - Evernote Clipper.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe [956416] [PID.6876]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.7044]
[MD5.56625FF37D4E21069D3743A0DA0F4DC9] - (.Anoto AB - LPLS DockingEngine Module.) -- C:\Program Files (x86)\Common Files\Anoto\4.1\DockingEngine.exe [1470464] [PID.7088]
[MD5.CCC250711E6B5F998DC1B7393233A755] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [13600] [PID.6824]
[MD5.046C4928FB5D09D3BB3967B79845427E] - (.No owner - CCP.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe [22504] [PID.4212]
[MD5.B7F182F0972EA735207AE66C775E77F1] - (.No owner - ThirdPartyAppMgr.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe [23552] [PID.7536]
[MD5.20E915CF7C6F5E74E1FB4C8078D7CB83] - (.No owner - PowerManager.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe [40952] [PID.7544]
[MD5.F120F63F99343B7D55C0E04285858295] - (...) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe [184816] [PID.8164]
[MD5.05D8BC3C23ECB752E26DB2153B305562] - (.Sony Corporation - VAIO Personalization Manager.) -- C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [243056] [PID.4160]
[MD5.C967BDA9397E004842498A25583983A2] - (.Sony Corporation - VAIO Personalization Manager Morphological.) -- C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe [87408] [PID.3972]
[MD5.ED561B00BA0DB6F4A51D711A8720395C] - (.Digital Delivery Networks, Inc. - VAIO Messenger.) -- C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [1498024] [PID.8732]
[MD5.1C46FC1AB600766B8554580204806E84] - (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- c:\program files (x86)\common files\installshield\updateservice\isuspm.exe [249856] [PID.7952]
[MD5.A05602FCF939A0A051D0CDF8C5CEDA98] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096] [PID.9340]
[MD5.4D96F6F7508BDF46771262EEEA505F98] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81016] [PID.8156]
[MD5.A325C1DDE8913D168905408E89C0BE08] - (.Macrovision Corporation - InstallShield Update Service Agent.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe [618496] [PID.3896]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe [860488] [PID.7928]
[MD5.3706CC0C7A9737CE7166164AC0BFE735] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8087040] [PID.212]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Marta Tasca\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 18 Legitimates Filtered in 00mn 03s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540007} . (.Banco Real - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehabn.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehUni.dll
~ BHO: 22 Legitimates Filtered in 00mn 02s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Marta Tasca]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 13s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IntelWireless] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Windows Mobile Device Center.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe
O4 - HKCU\..\Run: [Elbserver] . (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
O4 - HKCU\..\Run: [VRLPHelper] . (.Sony Corporation - VRLPHelper.) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [MyScript InkRetriever] . (...) -- C:\Program Files (x86)\Vision Objects\MyScript Studio\MyScript_GenericInkRetriever.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Marta Tasca\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [SmartWiHelper] . (.Sony Electronics Corporation - SmartWi Helper.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [ISBMgr.exe] . (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [SHTtray.exe] . (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Wow6432Node\Run: [ISUSScheduler] . (.Macrovision Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [ISUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Elbserver] . (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [VRLPHelper] . (.Sony Corporation - VRLPHelper.) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [MyScript InkRetriever] . (...) -- C:\Program Files (x86)\Vision Objects\MyScript Studio\MyScript_GenericInkRetriever.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-1433544187-2707227800-1237913233-1008\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Marta Tasca\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santander.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.santandernet.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.secureweb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{172F2F57-9B13-4095-8ADB-7D63B1ADE604}: DhcpNameServer = 189.7.32.15 189.7.32.16
O17 - HKLM\System\CCS\Services\Tcpip\..\{3104D023-7EC6-4901-8295-C7492BCBCE73}: DhcpNameServer = 192.168.88.1 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{172F2F57-9B13-4095-8ADB-7D63B1ADE604}: DhcpNameServer = 189.7.32.15 189.7.32.16
O17 - HKLM\System\CS1\Services\Tcpip\..\{3104D023-7EC6-4901-8295-C7492BCBCE73}: DhcpNameServer = 192.168.88.1 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{172F2F57-9B13-4095-8ADB-7D63B1ADE604}: DhcpNameServer = 189.7.32.15 189.7.32.16
O17 - HKLM\System\CS2\Services\Tcpip\..\{3104D023-7EC6-4901-8295-C7492BCBCE73}: DhcpNameServer = 192.168.88.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.88.1 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: (Oasis2Service) . (.Digital Delivery Networks, Inc. - Oasis2Service.) - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
~ Services: 29 Legitimates Filtered in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.DE54B81B68132B3716EAF95DBF66A59F] [APT] [DDNi Startup] (.Digital Delivery Networks, Inc..) -- C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [12200]
[MD5.ED561B00BA0DB6F4A51D711A8720395C] [APT] [VAIO© Messenger (Marta Tasca)] (.Digital Delivery Networks, Inc..) -- C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [1498024]
[MD5.00000000000000000000000000000000] [APT] [Java Update] (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) [0]
[MD5.C4AF8FF242602D9B88686387A6DAED96] [APT] [VAIO Survey] (...) -- C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [390448]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1433544187-2707227800-1237913233-1008Core [1050]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1433544187-2707227800-1237913233-1008UA [1102]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateFiles_Marta Tasca.job [394]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Marta Tasca [394]
O39 - APT: - (..) -- C:\Windows\Tasks\ReclaimerUpdateXML_Marta Tasca.job [390]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateXML_Marta Tasca [390]
O39 - APT: - (..) -- C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Marta Tasca.job [400]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Marta Tasca [400]
~ Scheduled Task: 34 Legitimates Filtered in 00mn 08s



---\\ Software instalados (042)
O42 - Logiciel: 888casino - (...) [HKLM][64Bits] -- 888casino
O42 - Logiciel: Anoto penDirector 1.2.0.0 - (.Anoto AB.) [HKLM][64Bits] -- {770E1C5A-8004-4875-BC53-C10142432392}
O42 - Logiciel: BrainsBreaker 5.3.0(003) - (...) [HKLM][64Bits] -- BBrk5_is1
O42 - Logiciel: Oasis2Service - (.DDNi.) [HKLM][64Bits] -- {E50FC5DB-7CBD-407D-A46E-0C13E45BC386}
~ Logic: 30 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\8.1]
[HKCU\Software\Anoto]
[HKCU\Software\BGroom]
[HKCU\Software\Cenize]
[HKCU\Software\Vagalume]
[HKLM\Software\Wow6432Node\Anoto]
[HKLM\Software\Wow6432Node\Cenize]
[HKLM\Software\Wow6432Node\DDNi]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\MegaJogos]
[HKLM\Software\Wow6432Node\ds]
~ Key Software: 392 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/06/2011 - 00:27:00 - [] ----D C:\Program Files (x86)\Anoto
O43 - CFD: 09/11/2013 - 13:52:18 - [] ----D C:\Program Files (x86)\BrainsBreaker 5
O43 - CFD: 04/07/2013 - 22:08:27 - [] ----D C:\Program Files (x86)\DDNi
O43 - CFD: 18/06/2011 - 15:36:48 - [] ----D C:\Program Files (x86)\Meu GPS Airis
O43 - CFD: 28/07/2014 - 14:03:00 - [0] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 24/12/2012 - 17:17:11 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 15/06/2011 - 00:27:01 - [] ----D C:\Program Files (x86)\Common Files\Anoto
O43 - CFD: 15/06/2011 - 00:27:21 - [] ----D C:\ProgramData\Anoto
O43 - CFD: 18/10/2011 - 18:59:30 - [] ----D C:\ProgramData\DDNi
O43 - CFD: 01/08/2014 - 14:00:58 - [] ----D C:\ProgramData\Plugin
O43 - CFD: 29/07/2011 - 14:07:55 - [] ----D C:\ProgramData\RegUse
O43 - CFD: 04/07/2013 - 22:09:50 - [] --H-D C:\ProgramData\{AA28280A-C4CA-4B4F-9DF1-593032D2F3EC}
O43 - CFD: 18/10/2011 - 10:23:02 - [] ----D C:\ProgramData\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}
O43 - CFD: 15/06/2011 - 00:27:30 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\anoto
O43 - CFD: 14/01/2014 - 00:22:50 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\DominiGames
O43 - CFD: 18/08/2012 - 01:23:15 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\InfernalBros
O43 - CFD: 09/11/2013 - 13:52:28 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\JTTSoft
O43 - CFD: 12/07/2011 - 23:32:35 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\Nextel
O43 - CFD: 19/12/2012 - 19:23:06 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\PlayWay
O43 - CFD: 07/08/2011 - 22:05:48 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\sekrbfg
O43 - CFD: 15/08/2011 - 14:50:36 - [] ----D C:\Users\Marta Tasca\AppData\Roaming\Teyon
O43 - CFD: 26/10/2011 - 14:22:06 - [] ----D C:\Users\Marta Tasca\AppData\Local\026999F1-B22C-4BA5-9120-5AB1A864D938.aplzod
O43 - CFD: 04/04/2012 - 22:56:17 - [] ----D C:\Users\Marta Tasca\AppData\Local\Cenize
O43 - CFD: 17/06/2014 - 00:38:32 - [] ----D C:\Users\Marta Tasca\AppData\Local\com
O43 - CFD: 10/08/2011 - 05:23:19 - [] ----D C:\Users\Marta Tasca\AppData\Local\fd
O43 - CFD: 28/07/2014 - 14:02:26 - [0] ----D C:\Users\Marta Tasca\AppData\Local\PokerStars
O43 - CFD: 24/10/2011 - 21:13:33 - [0] ----D C:\Users\Marta Tasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
~ Program Folder: 321 Legitimates Filtered in 00mn 05s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.52E2E06B61E5C5CC40D358C9951AA779] - 01/08/2014 - 16:56:46 ---A- . (...) -- C:\zoek-results.log [1610]
O44 - LFC:[MD5.67E1446D8973B6E355B2F35640EE3DAF] - 07/08/2014 - 12:33:51 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [18928]
O44 - LFC:[MD5.67E1446D8973B6E355B2F35640EE3DAF] - 07/08/2014 - 12:33:51 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [18928]
O44 - LFC:[MD5.3FC0020C04CDDB8E9C822A2022992D0D] - 28/07/2014 - 17:23:55 ---A- . (...) -- C:\Windows\win.ini [601]
O44 - LFC:[MD5.65C14AD1DE14233A8E653A0203A953E9] - 29/07/2014 - 12:19:52 ---A- . (...) -- C:\zoek-results2014-07-29-151952.log [63652]
O44 - LFC:[MD5.C39899600C02A800EFCA40C269C385D1] - 29/07/2014 - 13:30:44 ---A- . (...) -- C:\test.xml [165531]
~ Files: 61 Legitimates Filtered in 00mn 12s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ SMSR Keys: 1 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:23/06/2010 - 17:02:59 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimssne64.sys [94208]
O58 - SDL:23/06/2010 - 17:03:07 ---A- . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\System32\Drivers\risdsne64.sys [78848]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [49536]
O58 - SDL:01/08/2014 - 14:07:26 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
O58 - SDL:21/11/2013 - 13:56:35 ---A- . (...) -- C:\Windows\SysWOW64\drivers\snpmeny.sys [61440]
O58 - SDL:01/03/2012 - 09:48:45 -SHA- . (...) -- C:\Windows\SysWOW64\KGyGaAvL.sys [2828]
~ Drivers: 78 Legitimates Filtered in 00mn 15s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Marta Tasca\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.52022BCFF95C7931E937A6EF917F6B55] [SPRF][04/01/2012] (...) -- C:\ProgramData\KGyGaAvL.sys [952]
[MD5.D1764CFBB53DA8212A7EFC22F0CE9B73] [SPRF][09/11/2013] (.No owner - {cm:appName} setup.) -- C:\Users\Marta Tasca\Desktop\jigsaw-setup-win-5-3-0-3_ES.exe [11600280]
[MD5.6C033A1EC8317DFF6AC977BF75726BE6] [SPRF][26/04/2011] (.No owner - GbpDist Module.) -- C:\Windows\Downloaded Program Files\gbpdist.dll [119288]
~ Files: 9 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{7078BD60-EE4B-4B29-BDB6-8FF6BAB48335}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A4554B88-148B-4481-B915-6A004088D4F7}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 409 Legitimates Filtered in 00mn 01s



---\\ Scâner Aditional (088)
Database Version : 13026 - (06/08/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.BitTorrent^
~ Additionnel Scan: 433234 Items scanned in 01mn 45s



---\\ Informações complémentaires do módulos
~ [You must have an account and be logged in to view this link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [You must have an account and be logged in to view this link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [You must have an account and be logged in to view this link] =>.Browser Helper Objects do navegador (02)
~ [You must have an account and be logged in to view this link] =>.Barras do Internet Explorer (03))
~ [You must have an account and be logged in to view this link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 1126 Legitimates filtered by white list
End of the scan (498 lines in 09mn 15s)(0)
brmct
Member

Posts: 59
Reputation: 0
Registration date: 17/07/2014
