my PC is really wrecked, full of viruses

3 participants


Post by Durval Mon 06 May 2013, 09:02

take a look
I used HijackThis as I saw recommended on the forum

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:00:46, on 06/05/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\ProgramData\eSafe\eGdpSvc.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\DllHost.exe
C:\ProgramData\netm.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\USB Video Camera\Monitor.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
D:\Hijack\HiJackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
R3 - URLSearchHook: (no name) - {e84cc2c1-b722-48fc-a39c-edb8b525c777} - (no file)
R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Patrícia\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: DealPly Shopping - {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} - C:\Program Files\DealPly\DealPlyIE.dll
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe /silent
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Finder] C:\ProgramData\netm.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: MultiDesktop Manager.lnk = C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\USB Video Camera\Monitor.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - [You must have an account and be logged in to view this link]
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - [You must have an account and be logged in to view this link]
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - [You must have an account and be logged in to view this link]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Desk 365 service (desksvc) - Unknown owner - C:\Program Files\Desk 365\deskSvc.exe (file missing)
O23 - Service: eSafe Service (eSafeSvc) - eSafe Security Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: TipCtrl - Unknown owner - C:\Program Files\uTIPu\TipCtrl.exe (file missing)

--
End of file - 13991 bytes

Re: my PC is really wrecked, full of viruses

Post by Amigo Brasileiro Wed 08 May 2013, 17:21

Hello Durval!

Clean up your PC by following the tips in the [You must have an account and be logged in to view this link]

|- When you finish, post the report, which will be at C:\AdwCleaner[S1].txt, together with a new HijackThis log, and tell us how your PC is after this procedure. We'll be waiting.


Last edited by Alberto Nunes on Sat 25 May 2013, 21:10; edited 1 time

Re: my PC is really wrecked, full of viruses

Post by Durval Thu 09 May 2013, 08:10

That's it!
So far it seems to have worked
the AdwCleaner report
# AdwCleaner v2.300 - Relatório criado em 09/05/2013 às 07:59:21
# Atualizado em 28/04/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate (32 bits)
# Usuário : Patrícia - PATRÍCIA-PC
# Modo de Boot : Normal
# Executado de : C:\Users\Patrícia\Downloads\adwcleaner.exe
# Opção [Remover]


***** [Serviços] *****

Encerrado & Removido : Application Updater
Encerrado & Removido : desksvc
Encerrado & Removido : eSafeSvc

***** [Arquivos/Pastas] *****

Arquivo Désinfected : C:\Users\Patrícia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Arquivo Désinfected : C:\Users\Patrícia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Arquivo Désinfected : C:\Users\Patrícia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Arquivo Désinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Arquivo Removido : C:\Program Files\Mozilla Firefox\searchplugins\22find.xml
Arquivo Removido : C:\Program Files\Mozilla FireFox\searchplugins\qvo6.xml
Arquivo Removido : C:\Users\PATRCI~1\AppData\Local\Temp\Uninstall.exe
Arquivo Removido : C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\searchplugins\SearchResults.xml
Pasta Removido : C:\Program Files\Application Updater
Pasta Removido : C:\Program Files\Common Files\337
Pasta Removido : C:\Program Files\Complitly
Pasta Removido : C:\Program Files\DealPly
Pasta Removido : C:\Program Files\Desk 365
Pasta Removido : C:\Program Files\Search Settings
Pasta Removido : C:\ProgramData\boost_interprocess
Pasta Removido : C:\ProgramData\eSafe
Pasta Removido : C:\ProgramData\Tarma Installer
Pasta Removido : C:\Users\PATRCI~1\AppData\Local\Temp\Desk365
Pasta Removido : C:\Users\Patrícia\AppData\Local\AskToolbar
Pasta Removido : C:\Users\Patrícia\AppData\Local\Conduit
Pasta Removido : C:\Users\Patrícia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Pasta Removido : C:\Users\Patrícia\AppData\Local\lollipop
Pasta Removido : C:\Users\Patrícia\AppData\Local\PackageAware
Pasta Removido : C:\Users\Patrícia\AppData\LocalLow\Conduit
Pasta Removido : C:\Users\Patrícia\AppData\LocalLow\PriceGong
Pasta Removido : C:\Users\Patrícia\AppData\LocalLow\Search Settings
Pasta Removido : C:\Users\Patrícia\AppData\LocalLow\searchquband
Pasta Removido : C:\Users\Patrícia\AppData\LocalLow\Toolbar4
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Complitly
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\DealPly
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Desk 365
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\eIntaller
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\Conduit
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\ConduitCommon
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\ConduitEngine
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Pasta Removido : C:\Users\Patrícia\AppData\Roaming\OpenCandy

***** [Registro] *****

Chave Removida : HKCU\Software\AppDataLow\Software\PriceGong
Chave Removida : HKCU\Software\AppDataLow\Software\searchqutoolbar
Chave Removida : HKCU\Software\Complitly
Chave Removida : HKCU\Software\DataMngr
Chave Removida : HKCU\Software\DealPly
Chave Removida : HKCU\Software\lollipop
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E84CC2C1-B722-48FC-A39C-EDB8B525C777}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Chave Removida : HKCU\Software\Softonic
Chave Removida : HKLM\Software\Application Updater
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Chave Removida : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Chave Removida : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Chave Removida : HKLM\SOFTWARE\Classes\Conduit.Engine
Chave Removida : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Removida : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Chave Removida : HKLM\SOFTWARE\Classes\Prod.cap
Chave Removida : HKLM\SOFTWARE\Classes\SearchSettings.BHO
Chave Removida : HKLM\SOFTWARE\Classes\SearchSettings.BHO.1
Chave Removida : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Chave Removida : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Chave Removida : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Chave Removida : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Chave Removida : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
Chave Removida : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar.CT2304157
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar.CT2720081
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar.CT2903601
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Chave Removida : HKLM\Software\Conduit
Chave Removida : HKLM\Software\DealPly
Chave Removida : HKLM\Software\Desksvc
Chave Removida : HKLM\Software\eSafeSecControl
Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Chave Removida : HKLM\Software\Iminent
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Chave Removida : HKLM\Software\qvo6Software
Chave Removida : HKLM\Software\Search Settings
Chave Removida : HKLM\Software\SimplyGen
Chave Removida : HKLM\Software\Tarma Installer
Chave Removida : HKLM\Software\V9
Dados Removida : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = C:\Program Files\Mozilla Firefox\firefox.exe [You must have an account and be logged in to view this link]
Dados Removida : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe [You must have an account and be logged in to view this link]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]
Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Navegadores] *****

-\\ Internet Explorer v8.0.7600.16700

Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must have an account and be logged in to view this link] --> [You must have an account and be logged in to view this link]
Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = [You must have an account and be logged in to view this link] --> [You must have an account and be logged in to view this link]
Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = [You must have an account and be logged in to view this link] --> [You must have an account and be logged in to view this link]
Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = [You must have an account and be logged in to view this link] --> [You must have an account and be logged in to view this link]

-\\ Mozilla Firefox v20.0.1 (pt-BR)

Arquivo : C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\prefs.js

Removida : user_pref("CT2720081..clientLogIsEnabled", false);
Removida : user_pref("CT2720081..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Removida : user_pref("CT2720081..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Removida : user_pref("CT2720081.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Removida : user_pref("CT2720081.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Removida : user_pref("CT2720081.AppTrackingLastCheckTime", "Sun Jul 17 2011 17:40:57 GMT-0300 (Hora oficial do [...]
Removida : user_pref("CT2720081.CTID", "CT2720081");
Removida : user_pref("CT2720081.CurrentServerDate", "16-7-2012");
Removida : user_pref("CT2720081.DialogsAlignMode", "LTR");
Removida : user_pref("CT2720081.DialogsGetterLastCheckTime", "Sun Jul 15 2012 09:58:27 GMT-0300 (Hora oficial d[...]
Removida : user_pref("CT2720081.DownloadReferralCookieData", "");
Removida : user_pref("CT2720081.EMailNotifierPollDate", "Fri Jul 15 2011 11:24:59 GMT-0300 (Hora oficial do Bra[...]
Removida : user_pref("CT2720081.FeedLastCount129248891425073064", 200);
Removida : user_pref("CT2720081.FeedPollDate129225116238185771", "Fri Jul 15 2011 10:55:00 GMT-0300 (Hora ofici[...]
Removida : user_pref("CT2720081.FeedPollDate129225147492879732", "Fri Jul 15 2011 10:55:00 GMT-0300 (Hora ofici[...]
Removida : user_pref("CT2720081.FeedPollDate129245643951202078", "Fri Jul 15 2011 10:55:00 GMT-0300 (Hora ofici[...]
Removida : user_pref("CT2720081.FeedPollDate129245643951202084", "Fri Jul 15 2011 10:55:00 GMT-0300 (Hora ofici[...]
Removida : user_pref("CT2720081.FeedTTL129225116238185771", 40);
Removida : user_pref("CT2720081.FeedTTL129225147492879732", 40);
Removida : user_pref("CT2720081.FeedTTL129245643951202078", 40);
Removida : user_pref("CT2720081.FeedTTL129245643951202084", 40);
Removida : user_pref("CT2720081.FirstServerDate", "18-10-2010");
Removida : user_pref("CT2720081.FirstTime", true);
Removida : user_pref("CT2720081.FirstTimeFF3", true);
Removida : user_pref("CT2720081.FirstTimeSettingsDone", true);
Removida : user_pref("CT2720081.FixPageNotFoundErrors", true);
Removida : user_pref("CT2720081.GroupingServerCheckInterval", 1440);
Removida : user_pref("CT2720081.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Removida : user_pref("CT2720081.HasUserGlobalKeys", true);
Removida : user_pref("CT2720081.HomePageProtectorEnabled", false);
Removida : user_pref("CT2720081.Initialize", true);
Removida : user_pref("CT2720081.InitializeCommonPrefs", true);
Removida : user_pref("CT2720081.InstallationAndCookieDataSentCount", 3);
Removida : user_pref("CT2720081.InstallationType", "UnknownIntegration");
Removida : user_pref("CT2720081.InstalledDate", "Mon Oct 18 2010 17:40:03 GMT-0200");
Removida : user_pref("CT2720081.InvalidateCache", false);
Removida : user_pref("CT2720081.IsAlertDBUpdated", true);
Removida : user_pref("CT2720081.IsGrouping", false);
Removida : user_pref("CT2720081.IsMulticommunity", false);
Removida : user_pref("CT2720081.IsOpenThankYouPage", false);
Removida : user_pref("CT2720081.IsOpenUninstallPage", true);
Removida : user_pref("CT2720081.LanguagePackLastCheckTime", "Mon Jul 16 2012 00:08:13 GMT-0300 (Hora oficial do[...]
Removida : user_pref("CT2720081.LanguagePackReloadIntervalMM", 1440);
Removida : user_pref("CT2720081.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Removida : user_pref("CT2720081.LastLogin_2.7.2.0", "Mon Oct 18 2010 17:40:04 GMT-0200");
Removida : user_pref("CT2720081.LastLogin_3.12.2.3", "Sun Jun 10 2012 08:49:16 GMT-0300 (Hora oficial do Brasil[...]
Removida : user_pref("CT2720081.LastLogin_3.13.0.6", "Sun Jul 15 2012 22:31:53 GMT-0300 (Hora oficial do Brasil[...]
Removida : user_pref("CT2720081.LastLogin_3.5.0.12", "Sun Jul 17 2011 17:40:45 GMT-0300 (Hora oficial do Brasil[...]
Removida : user_pref("CT2720081.LastLogin_3.6.0.10", "Wed Sep 07 2011 15:21:13 GMT-0300 (Hora oficial do Brasil[...]
Removida : user_pref("CT2720081.LatestVersion", "3.13.0.6");
Removida : user_pref("CT2720081.Locale", "en");
Removida : user_pref("CT2720081.LoginCache", 4);
Removida : user_pref("CT2720081.MCDetectTooltipHeight", "83");
Removida : user_pref("CT2720081.MCDetectTooltipShow", false);
Removida : user_pref("CT2720081.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Removida : user_pref("CT2720081.MCDetectTooltipWidth", "295");
Removida : user_pref("CT2720081.MyStuffEnabledAtInstallation", true);
Removida : user_pref("CT2720081.RadioIsPodcast", false);
Removida : user_pref("CT2720081.RadioLastCheckTime", "Thu Jul 14 2011 21:46:00 GMT-0300 (Hora oficial do Brasil[...]
Removida : user_pref("CT2720081.RadioLastUpdateIPServer", "3");
Removida : user_pref("CT2720081.RadioLastUpdateServer", "129248947734170000");
Removida : user_pref("CT2720081.RadioMediaID", "21079850");
Removida : user_pref("CT2720081.RadioMediaType", "Media Player");
Removida : user_pref("CT2720081.RadioMenuSelectedID", "EBRadioMenu_CT272008121079850");
Removida : user_pref("CT2720081.RadioShrinkedFromSetup", false);
Removida : user_pref("CT2720081.RadioStationName", "AHL%20-%20Grand%20Rapids%20Griffins");
Removida : user_pref("CT2720081.RadioStationURL", "hxxp://cdncon.wm.llnwd.net/cdncon_neulion1_ahl_griffins?eid=[...]
Removida : user_pref("CT2720081.RadioVolume", "0");
Removida : user_pref("CT2720081.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Removida : user_pref("CT2720081.SearchEngineBeforeUnload", "Google");
Removida : user_pref("CT2720081.SearchFromAddressBarIsInit", true);
Removida : user_pref("CT2720081.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT272[...]
Removida : user_pref("CT2720081.SearchInNewTabEnabled", true);
Removida : user_pref("CT2720081.SearchInNewTabIntervalMM", 1440);
Removida : user_pref("CT2720081.SearchInNewTabLastCheckTime", "Mon Jul 16 2012 00:08:12 GMT-0300 (Hora oficial [...]
Removida : user_pref("CT2720081.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Removida : user_pref("CT2720081.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Removida : user_pref("CT2720081.SearchInNewTabUserEnabled", false);
Removida : user_pref("CT2720081.SearchProtectorEnabled", false);
Removida : user_pref("CT2720081.SearchProtectorToolbarDisabled", false);
Removida : user_pref("CT2720081.ServiceMapLastCheckTime", "Mon Jul 16 2012 00:08:14 GMT-0300 (Hora oficial do B[...]
Removida : user_pref("CT2720081.SettingsCheckIntervalMin", 120);
Removida : user_pref("CT2720081.SettingsLastCheckTime", "Sun Jul 15 2012 21:59:14 GMT-0300 (Hora oficial do Bra[...]
Removida : user_pref("CT2720081.SettingsLastUpdate", "1339415225");
Removida : user_pref("CT2720081.ThirdPartyComponentsInterval", 504);
Removida : user_pref("CT2720081.ThirdPartyComponentsLastCheck", "Tue Aug 23 2011 21:50:33 GMT-0300 (Hora oficia[...]
Removida : user_pref("CT2720081.ThirdPartyComponentsLastUpdate", "1246790578");
Removida : user_pref("CT2720081.ToolbarShrinkedFromSetup", false);
Removida : user_pref("CT2720081.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2720081");
Removida : user_pref("CT2720081.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Removida : user_pref("CT2720081.UserID", "UN41794546744088793");
Removida : user_pref("CT2720081.ValidationData_Toolbar", 2);
Removida : user_pref("CT2720081.WeatherNetwork", "");
Removida : user_pref("CT2720081.WeatherPollDate", "Fri Jul 15 2011 11:15:03 GMT-0300 (Hora oficial do Brasil)")[...]
Removida : user_pref("CT2720081.WeatherUnit", "C");
Removida : user_pref("CT2720081.alertChannelId", "1112366");
Removida : user_pref("CT2720081.approveUntrustedApps", false);
Removida : user_pref("CT2720081.backendstorage.ct2720081ads1", "25374225323261647325323225334125354225374225323[...]
Removida : user_pref("CT2720081.backendstorage.ct2720081current_term", "");
Removida : user_pref("CT2720081.backendstorage.ct2720081sdate", "3135");
Removida : user_pref("CT2720081.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "383566653963623762623736[...]
Removida : user_pref("CT2720081.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "383566653963623762623736[...]
Removida : user_pref("CT2720081.backendstorage.hxxp://api19_thetrafficstat_net.pid2", "383566653963623762623736[...]
Removida : user_pref("CT2720081.backendstorage.hxxp://api20_thetrafficstat_net.pid2", "383566653963623762623736[...]
Removida : user_pref("CT2720081.backendstorage.hxxp://api21_thetrafficstat_net.pid2", "383566653963623762623736[...]
Removida : user_pref("CT2720081.clientLogIsEnabled", true);
Removida : user_pref("CT2720081.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Removida : user_pref("CT2720081.components.1000034", false);
Removida : user_pref("CT2720081.components.1000082", false);
Removida : user_pref("CT2720081.components.1000234", false);
Removida : user_pref("CT2720081.components.129248875812655100", false);
Removida : user_pref("CT2720081.components.129248877724530829", false);
Removida : user_pref("CT2720081.components.129248890913197855", false);
Removida : user_pref("CT2720081.components.129248891425073064", false);
Removida : user_pref("CT2720081.components.129248891798510728", false);
Removida : user_pref("CT2720081.components.129248892232416767", false);
Removida : user_pref("CT2720081.components.129319739420043910", false);
Removida : user_pref("CT2720081.components.129326609897400864", false);
Removida : user_pref("CT2720081.components.4221156542888680494", false);
Removida : user_pref("CT2720081.components.5325145384281180184", false);
Removida : user_pref("CT2720081.components.5611289133187350459", false);
Removida : user_pref("CT2720081.components.5839507107235391905", false);
Removida : user_pref("CT2720081.components.6848626366586256370", false);
Removida : user_pref("CT2720081.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Removida : user_pref("CT2720081.globalFirstTimeInfoLastCheckTime", "Wed Sep 07 2011 15:21:13 GMT-0300 (Hora ofi[...]
Removida : user_pref("CT2720081.homepageProtectorEnableByLogin", true);
Removida : user_pref("CT2720081.initDone", true);
Removida : user_pref("CT2720081.isAppTrackingManagerOn", true);
Removida : user_pref("CT2720081.isFirstRadioInstallation", false);
Removida : user_pref("CT2720081.myStuffEnabled", true);
Removida : user_pref("CT2720081.myStuffPublihserMinWidth", 400);
Removida : user_pref("CT2720081.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Removida : user_pref("CT2720081.myStuffServiceIntervalMM", 1440);
Removida : user_pref("CT2720081.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Removida : user_pref("CT2720081.oldAppsList", "129246060025636489,129246060025636490,111,4221156542888680494,12[...]
Removida : user_pref("CT2720081.revertSettingsEnabled", false);
Removida : user_pref("CT2720081.searchProtectorDialogDelayInSec", 10);
Removida : user_pref("CT2720081.searchProtectorEnableByLogin", true);
Removida : user_pref("CT2720081.testingCtid", "");
Removida : user_pref("CT2720081.toolbarAppMetaDataLastCheckTime", "Mon Jul 16 2012 00:08:14 GMT-0300 (Hora ofic[...]
Removida : user_pref("CT2720081.toolbarContextMenuLastCheckTime", "Wed Sep 07 2011 15:21:13 GMT-0300 (Hora ofic[...]
Removida : user_pref("CT2720081.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Removida : user_pref("CT2720081.usagesFlag", 2);
Removida : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2720081/CT2720081[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1112366/1108070/BR", "\"0\"[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/BR", "\"0\"")[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2720081", [...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2720081",[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2720081&octid=[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2720081/CT2720081[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"21b[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/14293310.xml", "\"97f6173d6f0e495ec36[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2557521.xml", "\"81e8152a3d42e5c317eb[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"680292de581fcf431c281[...]
Removida : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/807095.xml", "\"a12a34d9aec95f941231c[...]
Removida : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Removida : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Removida : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Removida : user_pref("CommunityToolbar.IsEngineShown", true);
Removida : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Removida : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Patr?cia\\AppData\\Roaming\\Mozilla[...]
Removida : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Removida : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Removida : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Removida : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Removida : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?babsrc=adbart[...]
Removida : user_pref("CommunityToolbar.ToolbarsList", "CT2720081,ConduitEngine");
Removida : user_pref("CommunityToolbar.ToolbarsList2", "CT2720081");
Removida : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 24 2011 15:29:24 GMT-03[...]
Removida : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Removida : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jul 17 2011 17:40:51 GMT-0300 (Hora [...]
Removida : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Removida : user_pref("CommunityToolbar.alert.locale", "en");
Removida : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Removida : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jul 17 2011 17:40:43 GMT-0300 (Hora ofic[...]
Removida : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Removida : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Removida : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Removida : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Removida : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Removida : user_pref("CommunityToolbar.alert.userId", "{6f69184c-f177-472b-b231-9fac31c135fe}");
Removida : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jul 14 2011 21:46:00 GMT-0300 (Hor[...]
Removida : user_pref("CommunityToolbar.globalUserId", "17d120f9-2d36-4b0d-afdd-c60d2735af1a");
Removida : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Removida : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Removida : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Sep 07 2011 15:21:1[...]
Removida : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Removida : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Sep 07 2011 15:21:21 GMT-030[...]
Removida : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Removida : user_pref("CommunityToolbar.notifications.locale", "en");
Removida : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Removida : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Sep 07 2011 15:21:13 GMT-0300 (H[...]
Removida : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Removida : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Removida : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Removida : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Removida : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Removida : user_pref("CommunityToolbar.notifications.userId", "9b0c93db-f25d-42c8-a329-e358c615dbe3");
Removida : user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Fri Jul 15 2011 16:15:04 GMT-0300[...]
Removida : user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Fri Jul 15 2011 16:15:04 GMT-0300 [...]
Removida : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Fri Jul 15 2011 16:15:04 GMT-0300 ([...]
Removida : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Fri Jul 15 2011 16:15:04 GMT-0300 ([...]
Removida : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Jul 17 2011 17:40:57 GMT-0300 (Hora oficial[...]
Removida : user_pref("ConduitEngine.CTID", "ConduitEngine");
Removida : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu Jul 14 2011 21:46:06 GMT-0300 (Hora ofici[...]
Removida : user_pref("ConduitEngine.FirstServerDate", "02/16/2011 19");
Removida : user_pref("ConduitEngine.FirstTime", true);
Removida : user_pref("ConduitEngine.FirstTimeFF3", true);
Removida : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Removida : user_pref("ConduitEngine.Initialize", true);
Removida : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Removida : user_pref("ConduitEngine.InstalledDate", "Wed Feb 16 2011 14:12:18 GMT-0200");
Removida : user_pref("ConduitEngine.IsMulticommunity", false);
Removida : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Removida : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Removida : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jul 17 2011 17:40:44 GMT-0300 (Hora oficia[...]
Removida : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sat Apr 16 2011 22:14:07 GMT-0300 (Hora oficial do Bra[...]
Removida : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun Jul 17 2011 17:40:45 GMT-0300 (Hora oficial do Bra[...]
Removida : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Removida : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Jul 17 2011 17:40:44 GMT-0300 (Hora oficial do[...]
Removida : user_pref("ConduitEngine.UserID", "UN21481200709968884");
Removida : user_pref("ConduitEngine.componentAlertEnabled", true);
Removida : user_pref("ConduitEngine.engineLocale", "pt-BR");
Removida : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jul 17 2011 17:40:44 GMT-0300 (Hora [...]
Removida : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Jul 17 2011 17:40:44 GMT-0300 (Hora[...]
Removida : user_pref("ConduitEngine.initDone", true);
Removida : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Removida : user_pref("ConduitEngine.usagesFlag", 2);
Removida : user_pref("browser.babylon.HPOnNewTab", "1");
Removida : user_pref("browser.search.defaultenginename", "qvo6");
Removida : user_pref("browser.search.defaulturl", "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browserse[...]
Removida : user_pref("browser.search.order.1", "qvo6");
Removida : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Removida : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q=");

-\\ Google Chrome v [Impossível ler a versão]

Arquivo : C:\Users\Patrícia\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

*************************

AdwCleaner[R1].txt - [46006 octets] - [09/05/2013 07:59:02]
AdwCleaner[S1].txt - [43139 octets] - [09/05/2013 07:59:21]

########## EOF - C:\AdwCleaner[S1].txt - [43200 octets] ##########

and here is the HijackThis one

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:06:16, on 09/05/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\ProgramData\netm.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\USB Video Camera\Monitor.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
D:\Programas para proteção do pc e escaneamento\HiJackThis.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe /silent
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Finder] C:\ProgramData\netm.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: MultiDesktop Manager.lnk = C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\USB Video Camera\Monitor.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - [You must have an account and be logged in to view this link]
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - [You must have an account and be logged in to view this link]
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - [You must have an account and be logged in to view this link]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: TipCtrl - Unknown owner - C:\Program Files\uTIPu\TipCtrl.exe (file missing)

--
End of file - 11684 bytes

I did as you told me
Durval
Beginner

Posts: 10
Reputation: 0
Join date: 06/05/2013
Age: 31
Location: Patos de Minas - MG


Re: my PC is really wrecked, full of viruses

Post by Amigo Brasileiro, Thu 09 May 2013, 10:56

Several problems were removed by AdwCleaner.
_____________________

Open HijackThis, click Do a system scan only, check the entries below and click Fix checked:

R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)

O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)

O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
_______________________

Please also follow the tips in these tutorials:

[You must have an account and be logged in to view this link]
________________________

In your next reply, post the Malwarebytes log together with a new HijackThis log, the Ad-Remover log and the Junkware Removal Tool log, and tell us how your PC is after these procedures.

We look forward to your reply.

Amigo Brasileiro
Full Member

Posts: 882
Reputation: 11
Join date: 16/12/2008


I can't manage to send the logs

Post by Durval, Fri 10 May 2013, 08:13

But even so, my PC is great after I did what you told me, that's it! I just don't know why I can't send the logs; I always get an error message.

Re: my PC is really wrecked, full of viruses

Post by Durval, Fri 10 May 2013, 08:15

Durval wrote: But even so, my PC is great after I did what you told me, that's it! I just don't know why I can't send the logs; I always get an error message.

FIREFOX.EXE\Shell\Open\Command - "C:\Program Files\Mozilla Firefox\firefox.exe"
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@raidcall.en/RCplugin (x)
HKLM_MozillaPlugins\@realnetworks.com/npdlplugin;version=1 (x)
HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)
HKCU_MozillaPlugins\opencandy.com/Ignite (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
HKCU_MozillaPlugins\vitzo.com/VDownloader (x)
Searchplugins\buscape.xml (hxxp://busca.buscape.com.br/cprocura)
Searchplugins\mercadolivre.xml (hxxp://pmstrk.mercadolivre.com.br/jm/PmsTrk)
Searchplugins\twitter.xml (hxxps://twitter.com/search)
Searchplugins\wikipedia-br.xml (hxxp://pt.wikipedia.org/wiki/Especial:Busca)
Searchplugins\yahoo-br.xml (hxxp://br.search.yahoo.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKLM_Extensions|support@vdownloader.com - C:\Program Files\VDownloader\Addons\FireFox (x)
HKLM_Extensions|{34712C68-7391-4c47-94F3-8F88D49AD632} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\Patrícia\AppData\Roaming\Mozilla\FireFox\Profiles\hzd9vj7x.default --
Prefs.js - browser.download.lastDir, C:\\Users\\Patrícia\\Downloads
Prefs.js - browser.startup.homepage, [You must have an account and be logged in to view this link]
Prefs.js - browser.startup.homepage_override.buildID, 20130409194949
Prefs.js - browser.startup.homepage_override.mstone, 20.0.1

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - [You must have an account and be logged in to view this link]
HKCU_Main|Default_Search_URL - [You must have an account and be logged in to view this link]
HKCU_Main|Search bar - [You must have an account and be logged in to view this link]
HKCU_Main|Start Page - [You must have an account and be logged in to view this link]
HKLM_Main|Default_Page_URL - [You must have an account and be logged in to view this link]
HKLM_Main|Default_Search_URL - [You must have an account and be logged in to view this link]
HKLM_Main|Search bar - [You must have an account and be logged in to view this link]
HKLM_Main|Search Page - [You must have an account and be logged in to view this link]
HKLM_Main|Start Page - [You must have an account and be logged in to view this link]
HKCU_Toolbar\WebBrowser|{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} (x)
HKLM_Toolbar|!{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (x)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKCU_ElevationPolicy\{91c489dc-393c-428b-9aed-2fc2d2e60f8e} - C:\Users\Patrícia\AppData\Local\Ignite\Ignite.exe (OpenCandy, Inc.)
HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre6\bin\unpack200.exe (Oracle)
HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation)
HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{BA3D8769-A71C-4D88-8ED6-745E2B058B89} - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation)
BHO\{3049C3E9-B461-4BC5-8870-4C09146192CA} - "RealNetworks Download and Record Plugin for Internet Explorer" (C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
BHO\{C41A1C0E-EA6C-11D4-B1B8-444553540003} - "GbIehObj Class" (C:\Program Files\GbPlugin\gbiehcef.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 14 File(s)

C:\Ad-Report-CLEAN[1].txt - 09/05/2013 23:34:06 (4883 Byte(s))

End at: 23:35:19, 09/05/2013

============== E.O.F ==============
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
[You must have an account and be logged in to view this link]

Versão da Base de Dados: v2013.05.09.07

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Patrícia :: PATRÍCIA-PC [administrador]

Proteção: Permitir

09/05/2013 23:50:17
mbam-log-2013-05-09 (23-50-17).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 392938
Tempo decorrido: 1 hora(s), 3 minuto(s), 51 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 2
C:\Gbps_rg.pic (Banker.Trace) -> Enviado para a Quarentena e deletado com sucesso.
C:\ProgramData\taskmon.exe (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.

(fim)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:02:09, on 10/05/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\ProgramData\netm.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\USB Video Camera\Monitor.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Program Files\Gamemaxx\Cabal Online\Xtrap\Xtrap.xt
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe
D:\Programas para proteção do pc e escaneamento\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe /silent
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Finder] C:\ProgramData\netm.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: MultiDesktop Manager.lnk = C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\USB Video Camera\Monitor.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - [You must have an account and be logged in to view this link]
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - [You must have an account and be logged in to view this link]
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - [You must have an account and be logged in to view this link]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: TipCtrl - Unknown owner - C:\Program Files\uTIPu\TipCtrl.exe (file missing)

--
End of file - 12047 bytes

Re: my PC is really wrecked, full of viruses

Post by Durval, Fri 10 May 2013, 08:17

That's what I managed to send. If there's anything, let me know, I'll be waiting, and thank you very much for everything, really.

Re: my PC is really wrecked, full of viruses

Post by Amigo Brasileiro, Mon 13 May 2013, 07:09

Other problems were removed.
___________________

Open HijackThis, click Do a system scan only, check the entry below and click Fix checked:

O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
_____________________

Please follow the tips in this tutorial to scan your PC with Nod32 Online:

[You must have an account and be logged in to view this link]

After the scan finishes, a report (log) will be generated in the following location on your computer:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt

In your next reply, post this Nod32 Online log together with a new HijackThis log and please tell us how your PC is after following this procedure. We look forward to your reply.
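The triage done by hand on the HijackThis logs in this thread, as an added Python example (not part of the original posts and not code from HijackThis or Trend Micro): it flags entries whose target is marked `(no file)` or `(file missing)`, like the ones selected for Fix checked, and O4/O23 autostart entries that launch from a user-writable directory, such as the `[Finder]` Run entry for `C:\ProgramData\netm.exe` that the ESET log later in the thread reports as a probable Win32/Spy.Banker.ZDE variant. The names `triage`, `Finding` and `WRITABLE_MARKERS`, and the set of directories treated as user-writable, are assumptions of this example; a hit means "review this entry", not "malicious".

```python
"""Triage of HijackThis log entries (added example, not part of HijackThis)."""
import re
from dataclasses import dataclass

# Entries copied verbatim from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Windows\system32\svchost.exe
R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Finder] C:\ProgramData\netm.exe
O23 - Service: TipCtrl - Unknown owner - C:\Program Files\uTIPu\TipCtrl.exe (file missing)
"""

# "<section> - <body>", e.g. "O4 - HKLM\..\Run: [name] path"
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# HijackThis appends these markers when the registered target does not exist.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$", re.IGNORECASE)
# First drive-letter path ending in .exe or .dll (quotes and arguments excluded).
PATH_RE = re.compile(r'(?<![A-Za-z])[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.IGNORECASE)

# Sections that start code automatically: O4 (Run keys, Startup folders), O23 (services).
AUTOSTART_SECTIONS = {"O4", "O23"}
# Assumption of this example: path fragments a standard user can usually write to.
WRITABLE_MARKERS = ("\\programdata\\", "\\users\\", "\\temp\\")


@dataclass(frozen=True)
class Finding:
    section: str  # HijackThis section code, e.g. "O4"
    reason: str   # "orphan" or "writable-autostart"
    target: str   # extracted file path, "" when the entry carries none
    line: str     # the original log line


def extract_path(body):
    """Return the first executable/DLL path in an entry body, or None."""
    match = PATH_RE.search(body)
    return match.group(0) if match else None


def triage(log_text):
    """Return review candidates from a HijackThis log, in log order."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue  # header, process list or blank line
        section, body = match.group("section"), match.group("body")
        path = extract_path(body)
        if ORPHAN_RE.search(body):
            findings.append(Finding(section, "orphan", path or "", line))
        if section in AUTOSTART_SECTIONS and path:
            if any(marker in path.lower() for marker in WRITABLE_MARKERS):
                findings.append(Finding(section, "writable-autostart", path, line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"[{finding.reason}] {finding.line}")
```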

Re: my PC is really wrecked, full of viruses

Post by Durval, Wed 15 May 2013, 23:28

Here are the logs

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=46af67b338607849a6f89e3cc085e105
# engine=13819
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-05-13 01:48:22
# local_time=2013-05-13 10:48:22 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=770 16774141 100 95 211657 144244774 0 0
# compatibility_mode=5893 16776574 100 94 5166108 120001293 0 0
# compatibility_mode=7937 16777214 28 75 2318021 20541060 0 0
# scanned=235463
# found=15
# cleaned=7
# scan_time=7953
sh=F5184BBFE911BEE8E5FCE32DC0DC853618B6435A ft=1 fh=0aad82ea6c3560d3 vn="probably a variant of Win32/Spy.Banker.ZDE trojan" ac=I fn="C:\Users\All Users\netm.exe"
sh=F5184BBFE911BEE8E5FCE32DC0DC853618B6435A ft=1 fh=0aad82ea6c3560d3 vn="probably a variant of Win32/Spy.Banker.ZDE trojan" ac=I fn="C:\Users\Todos os Usuários\netm.exe"
sh=F5184BBFE911BEE8E5FCE32DC0DC853618B6435A ft=1 fh=0aad82ea6c3560d3 vn="probably a variant of Win32/Spy.Banker.ZDE trojan" ac=I fn="\\PatrÍcia-pc\Users\All Users\netm.exe"
sh=5E993CB64752A7F2A94CB240D4D1021E4A8338F5 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2013-0422.A trojan" ac=I fn="\\PatrÍcia-pc\Users\Patrícia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\742aa295-4826639d"
sh=3078E123A2C63AF05B87C075C8E4E954A8B43B8E ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.Agent.NGD trojan" ac=I fn="\\PatrÍcia-pc\Users\Patrícia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\3444af88-5332dcb8"
sh=0B863788FD5C1EBE33105B4BD981B494F8D216DF ft=1 fh=6651e700bdf2e0da vn="Win32/InstallCore.BL application" ac=I fn="\\PatrÍcia-pc\Users\Patrícia\Downloads\avast--browser-cleanup--baixaki-32-bits.exe"
sh=B811091A135AD7ED8D5FEF6BC9267F910E177220 ft=1 fh=6722d963000879b5 vn="MSIL/Solimba.H application" ac=I fn="\\PatrÍcia-pc\Users\Patrícia\Downloads\avast.exe"
sh=F5184BBFE911BEE8E5FCE32DC0DC853618B6435A ft=1 fh=0aad82ea6c3560d3 vn="probably a variant of Win32/Spy.Banker.ZDE trojan" ac=I fn="\\PatrÍcia-pc\Users\Todos os Usuários\netm.exe"
sh=F5184BBFE911BEE8E5FCE32DC0DC853618B6435A ft=1 fh=0aad82ea6c3560d3 vn="probably a variant of Win32/Spy.Banker.ZDE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\ProgramData\netm.exe"
sh=5E993CB64752A7F2A94CB240D4D1021E4A8338F5 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2013-0422.A trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Patrícia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\742aa295-4826639d"
sh=3078E123A2C63AF05B87C075C8E4E954A8B43B8E ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.Agent.NGD trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Patrícia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\3444af88-5332dcb8"
sh=0B863788FD5C1EBE33105B4BD981B494F8D216DF ft=1 fh=6651e700bdf2e0da vn="Win32/InstallCore.BL application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Patrícia\Downloads\avast--browser-cleanup--baixaki-32-bits.exe"
sh=B811091A135AD7ED8D5FEF6BC9267F910E177220 ft=1 fh=6722d963000879b5 vn="MSIL/Solimba.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Patrícia\Downloads\avast.exe"
sh=F3C9DA33191FB9F0B59D29A86C74BE8AD0890684 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Widgi application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\a9ce7.msi"
sh=0B863788FD5C1EBE33105B4BD981B494F8D216DF ft=1 fh=6651e700bdf2e0da vn="Win32/InstallCore.BL application (cleaned by deleting - quarantined)" ac=C fn="D:\Programas para proteção do pc e escaneamento\avast--browser-cleanup--baixaki-32-bits.exe"

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:25:53, on 15/05/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\USB Video Camera\Monitor.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
D:\Programas para proteção do pc e escaneamento\HiJackThis.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskeng.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe /silent
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Patrícia\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: MultiDesktop Manager.lnk = C:\Program Files\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\USB Video Camera\Monitor.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - [You must have an account and be logged in to view this link]
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - [You must have an account and be logged in to view this link]
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - [You must have an account and be logged in to view this link]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: TipCtrl - Unknown owner - C:\Program Files\uTIPu\TipCtrl.exe (file missing)

--
End of file - 11742 bytes
What you told me to check in HijackThis,
O3 - Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file), I checked it, but even so it doesn't go away.

Re: my PC is really wrecked, full of viruses

Post by Amigo Brasileiro, Thu 16 May 2013, 09:37

Other problems were removed.
_________________

Please follow the tips in the tutorials below to clean your PC with Norman Malware Cleaner and BankerFix:

[You must have an account and be logged in to view this link]

[You must have an account and be logged in to view this link]
________________

In your next reply, post the contents of BankerFix's relatorio.txt, which will be at C:\LinhaDefensiva\relatorio.txt, together with the Norman Malware Cleaner log, and tell us how your PC is after this.

We'll be waiting.

Done

Post by Durval, Wed 22 May 2013, 09:09

BankerFix 3.5 VALKYRIE - Removedor de Bankers
Linha Defensiva | [You must have an account and be logged in to view this link]
-------------------------------------------------------
Data: 2013-05-21 - 16:43
-------------------------------------------------------
Lista de Definição: 2012-08-22-1 | CORE: 2012-08-22-6
=======================================================



----- Fim -------------------------

Norman Malware Cleaner v2.07.06
Copyright © 1990 - 2012, Norman AS.

Norman Scanner Engine Version: 7.01.04
nvcbin.def: Version: 7.01.4422, Date: 2013/05/20 22:42:14, Variants: 20520878
nvcmacro.def: Version: 7.01.4422, Date: 2013/05/20 22:42:14, Variants: 0

Operating System: Windows 7

Switches: /iagree /cleanrootkit

Scan started: 2013/05/21 08:25:52

Running pre-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Scanning system for active rootkit activity...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 3s

Scanning running processes and process memory...

Number of files found: 868
Number of objects found: 10938
Number of objects scanned: 10938
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 3m 8s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\Program Files\Marcos Velasco Security\MV RegClean 5.9\MVREGCLEAN.EXE: File infected with win32:winpe/Scar.AV
Delete file: C:\Program Files\Marcos Velasco Security\MV RegClean 5.9\MVREGCLEAN.EXE
Cleaning successful
C:\ProgramData\Microsoft\Microsoft Antimalware\IMpServiceEDB4FA23-53B8-4AFA-8C5D-99752CCA7094.lock: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-0.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.67: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.7E: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.80: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.87: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.A0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.VE0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.VF: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MpDiag.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-0774089B33EF8E96336BCF07DD77BCC38708F261.bin.VE1: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\PersistedStore\MpPersistedStore.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG1: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG2: Error opening file for read: 0x00000020
C:\Users\Patrícia\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{445CA8AF-C20C-11E2-BF86-8DE80C56F70C}.dat: Error opening file for read: 0x00000020
C:\Users\Patrícia\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\Patrícia\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Patrícia\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\Patrícia\AppData\Local\Temp\~DF331191F1AB13E9C9.TMP: Error opening file for read: 0x00000020
C:\Users\Patrícia\AppData\Roaming\CTBC\Common\setup.exe: Archive infected
C:\Users\Patrícia\AppData\Roaming\CTBC\Common\setup.exe/file4: File infected with winpe/Suspicious_Gen5.FZM
Delete archive object: C:\Users\Patrícia\AppData\Roaming\CTBC\Common\setup.exe/file4
Cleaning not supported (220000)
C:\Users\Patrícia\AppData\Roaming\Mozilla\Firefox\Profiles\hzd9vj7x.default\parent.lock: Error opening file for read: 0x00000020
C:\Users\Patrícia\ntuser.dat: Error opening file for read: 0x00000020
C:\Users\Patrícia\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Patrícia\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\4e112f14208d83e23c43f4f64913ba60\469944770b7fd3bc70746a46040ac21e\grouping\db.mdb: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\4e112f14208d83e23c43f4f64913ba60\469944770b7fd3bc70746a46040ac21e\grouping\edb.log: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\4e112f14208d83e23c43f4f64913ba60\469944770b7fd3bc70746a46040ac21e\grouping\tmp.edb: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\config\default: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\sam: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\security: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\software: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\system: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl: Error opening file for read: 0x00000020
C:\Windows\Temp\TMP00000043A6147980F537E9AC: Error opening file for read: 0x00000020
C:\Windows\Temp\TMP000000458F2CF85A7EEB1640: Error opening file for read: 0x00000020
C:\Windows\Temp\_avast_\Webshlock.txt: Error opening file for read: 0x00000020

Number of files found: 194346
Number of archives unpacked: 4749
Number of objects found: 490978
Number of objects scanned: 490907
Number of objects not scanned: 71
Number of malicious objects found: 2
Number of malicious objects cleaned: 1
Number of malicious files found: 2
Number of malicious files cleaned: 1
Scanning time: 1h 40m 40s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 195214
Total number of archives unpacked: 4749
Total number of objects found: 501916
Total number of objects scanned: 501845
Total number of objects not scanned: 71
Total number of malicious objects found: 2
Total number of malicious objects cleaned: 1
Total number of malicious files found: 2
Total number of malicious files cleaned: 1
Total number of objects quarantined: 2
Total scanning time: 1h 43m 51s

Well, now my PC is fine, from what I'm noticing.

Re: my PC is really wrecked, full of viruses

Post by Amigo Brasileiro, Wed 22 May 2013, 14:29

"Well, now my PC is fine, from what I'm noticing"
We are glad that your PC is doing well.
_________________

There is an active service on your PC that slows it down and has no real use: Bonjour. To disable it, download the program indicated in the link below, extract it to your desktop and run it:
[You must have an account and be logged in to view this link]
__________________

Uninstall Norman Malware Cleaner and the other tools we used to disinfect your PC.
__________________

Download CCleaner Slim:
[You must have an account and be logged in to view this link]

Open the program and click Run Cleaner;

After that, click Registry > Scan for Issues > Fix selected issues
___________________

To keep the problems from coming back, turn System Restore off and then back on again. To do so, just follow the steps in the tutorial below:

[You must have an account and be logged in to view this link]
__________________

It was a pleasure to help. Count on us whenever you need!

Re: my PC is really wrecked, full of viruses

Post by Durval, Thu 23 May 2013, 08:14

Thanks a lot, really, thank you very much.

Re: my PC is really wrecked, full of viruses

Post by Durval, Thu 23 May 2013, 09:11

I can say I really am an unlucky guy. My PC had improved with what you gave me, but then I plugged in an old pen drive of mine that I used back when all these problems happened, and it seems some of the problems have come back. I can't use the browser (Mozilla) properly because my antivirus blocks it every time I try to do anything, warning that it found a threat. I use the latest version of avast. If you can help me again, I'd appreciate it. If possible, tell me how to recover this pen drive, since I have to use it and can't even plug it into the PC, because I believe the viruses are on it, but I'm not sure. Thanks in advance.
I'm a bit dim, really.
Just to add, I also use Microsoft Security Essentials, and the message that avast shows is more or less this:
URL: [You must have an account and be logged in to view this link]
Processo: C:\Program Files\Mozilla Firefox\firefox...
Infecção: HTML:Iframe-inf
Note: I took it from the site avast sent me to. I don't even remember what was written in the message anymore, but it was more or less that.

Re: my PC is really wrecked, full of viruses

Post by Amigo Brasileiro, Thu 23 May 2013, 10:43

"Just to add, I also use Microsoft Security Essentials"
It would be good for you to choose just one of these antiviruses and keep only one, since more than one antivirus can cause conflicts between them, as well as slowing down your machine.
________________

"I plugged in an old pen drive of mine that I used back when all these problems happened, and it seems some of the problems have come back"
So, let's clean this pen drive of yours as well:

Plug this pen drive into the PC and then, with it connected, please follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Post the UsbFix log, which will be at C:\UsbFix.txt, in your next reply, together with a new HijackThis log, and tell us how the PC is after this procedure.

We'll be waiting.

Re: my PC is really wrecked, full of viruses

Post by Admin, Sun 18 Aug 2013, 20:43

Topic archived.

As the author did not reply to the topic for more than 15 days, it has been archived.

If you are the author of the topic and want it reopened, send a private message to a member of the [You must have an account and be logged in to view this link] with a link to this topic and explain why you need it reopened.